mirror of https://github.com/apache/cloudstack.git
VPC Support for contrail networking
Signed-off-by: Sheng Yang <sheng.yang@citrix.com>
parent
0e2e6995b7
commit
ed3e1b95b0
|
|
@ -113,6 +113,7 @@ public interface Network extends ControlledEntity, StateObject<Network.State>, I
|
|||
|
||||
public static final Provider VirtualRouter = new Provider("VirtualRouter", false);
|
||||
public static final Provider JuniperContrailRouter = new Provider("JuniperContrailRouter", false);
|
||||
public static final Provider JuniperContrailVpcRouter = new Provider("JuniperContrailVpcRouter", false);
|
||||
public static final Provider JuniperSRX = new Provider("JuniperSRX", true);
|
||||
public static final Provider PaloAlto = new Provider("PaloAlto", true);
|
||||
public static final Provider F5BigIp = new Provider("F5BigIp", true);
|
||||
|
|
|
|||
|
|
@ -32,6 +32,10 @@
|
|||
class="org.apache.cloudstack.network.contrail.management.ContrailElementImpl">
|
||||
<property name="name" value="ContrailElement"/>
|
||||
</bean>
|
||||
<bean id="ContrailVpcElement"
|
||||
class="org.apache.cloudstack.network.contrail.management.ContrailVpcElementImpl">
|
||||
<property name="name" value="ContrailVpcElement"/>
|
||||
</bean>
|
||||
|
||||
<bean id="ContrailGuru"
|
||||
class="org.apache.cloudstack.network.contrail.management.ContrailGuru">
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ package org.apache.cloudstack.network.contrail.management;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.ejb.Local;
|
||||
|
|
@ -54,6 +55,8 @@ import com.cloud.network.guru.NetworkGuru;
|
|||
import com.cloud.network.PhysicalNetwork;
|
||||
import com.cloud.network.dao.PhysicalNetworkDao;
|
||||
import com.cloud.network.dao.PhysicalNetworkVO;
|
||||
import com.cloud.network.dao.IPAddressVO;
|
||||
import com.cloud.network.addr.PublicIp;
|
||||
import com.cloud.offering.NetworkOffering;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.component.AdapterBase;
|
||||
|
|
@ -94,7 +97,7 @@ public class ContrailGuru extends AdapterBase implements NetworkGuru {
|
|||
|
||||
private boolean canHandle(NetworkOffering offering, NetworkType networkType, PhysicalNetwork physicalNetwork) {
|
||||
if (networkType == NetworkType.Advanced
|
||||
&& offering.getId() == _manager.getRouterOffering().getId()
|
||||
&& (offering.getId() == _manager.getRouterOffering().getId() || offering.getId() == _manager.getVpcRouterOffering().getId())
|
||||
&& isMyTrafficType(offering.getTrafficType())
|
||||
&& offering.getGuestType() == Network.GuestType.Isolated
|
||||
&& physicalNetwork.getIsolationMethods().contains("L3VPN"))
|
||||
|
|
@ -148,6 +151,25 @@ public class ContrailGuru extends AdapterBase implements NetworkGuru {
|
|||
return network;
|
||||
}
|
||||
_manager.getDatabase().getVirtualNetworks().add(vnModel);
|
||||
|
||||
if (network.getVpcId() != null) {
|
||||
List<IPAddressVO> ips = _ipAddressDao.listByAssociatedVpc(network.getVpcId(), true);
|
||||
if (ips.isEmpty()) {
|
||||
s_logger.debug("Creating a source nat ip for network " + network);
|
||||
Account owner = _accountMgr.getAccount(network.getAccountId());
|
||||
try {
|
||||
PublicIp publicIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network);
|
||||
IPAddressVO ip = publicIp.ip();
|
||||
ip.setVpcId(network.getVpcId());
|
||||
_ipAddressDao.acquireInLockTable(ip.getId());
|
||||
_ipAddressDao.update(ip.getId(), ip);
|
||||
_ipAddressDao.releaseFromLockTable(ip.getId());
|
||||
} catch (Exception e) {
|
||||
s_logger.error("Unable to allocate source nat ip: " + e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return network;
|
||||
}
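Review bot: In the new VPC branch, the lock taken by `_ipAddressDao.acquireInLockTable(ip.getId())` is released only on the success path and its result is never checked. An exception from `update` therefore leaves the lock held, and a failed acquire still performs the update. Wrap the update in try/finally and skip it when the lock was not obtained; this assumes acquireInLockTable returns null on failure, which should be confirmed against the DAO. The `catch (Exception e)` also lets the method return the network as if it were set up even though no source NAT address was assigned, and `"..." + e` drops the stack trace, which `s_logger.error("Unable to allocate source nat ip", e);` would keep. The enclosing method starts above the hunk.

```java
// … unchanged: owner lookup and opening of the try block …
PublicIp publicIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network);
IPAddressVO ip = publicIp.ip();
ip.setVpcId(network.getVpcId());
if (_ipAddressDao.acquireInLockTable(ip.getId()) == null) {
    s_logger.error("Unable to lock source nat ip " + ip.getId() + " for vpc " + network.getVpcId());
} else {
    try {
        _ipAddressDao.update(ip.getId(), ip);
    } finally {
        // release even when update() throws
        _ipAddressDao.releaseFromLockTable(ip.getId());
    }
}
// … unchanged: catch (Exception e) block …
```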
|
||||
|
||||
|
|
|
|||
|
|
@ -38,12 +38,19 @@ import com.cloud.network.dao.PhysicalNetworkVO;
|
|||
import com.cloud.offering.NetworkOffering;
|
||||
import com.cloud.projects.ProjectVO;
|
||||
import com.cloud.network.vpc.NetworkACLVO;
|
||||
import com.cloud.network.vpc.VpcOffering;
|
||||
import com.cloud.network.vpc.VpcVO;
|
||||
|
||||
public interface ContrailManager {
|
||||
public static final String routerOfferingName = "Juniper Contrail Network Offering";
|
||||
public static final String routerOfferingDisplayText = "Juniper Contrail Network Offering";
|
||||
public static final String routerPublicOfferingName = "Juniper Contrail Public Network Offering";
|
||||
public static final String routerPublicOfferingDisplayText = "Juniper Contrail Public Network Offering";
|
||||
public static final String vpcRouterOfferingName = "Juniper Contrail VPC Network Offering";
|
||||
public static final String vpcRouterOfferingDisplayText = "Juniper Contrail VPC Network Offering";
|
||||
public static final String juniperVPCOfferingName = "Juniper Contrail VPC Offering";
|
||||
public static final String juniperVPCOfferingDisplayText = "Juniper Contrail VPC Offering";
|
||||
|
||||
public static final int DB_SYNC_INTERVAL_DEFAULT = 600000;
|
||||
public static final String VNC_ROOT_DOMAIN = "default-domain";
|
||||
public static final String VNC_DEFAULT_PROJECT = "default-project";
|
||||
|
|
@ -51,6 +58,8 @@ public interface ContrailManager {
|
|||
|
||||
public NetworkOffering getRouterOffering();
|
||||
public NetworkOffering getPublicRouterOffering();
|
||||
public NetworkOffering getVpcRouterOffering();
|
||||
public VpcOffering getVpcOffering();
|
||||
|
||||
public void syncNetworkDB(short syncMode) throws IOException;
|
||||
|
||||
|
|
@ -116,6 +125,8 @@ public interface ContrailManager {
|
|||
|
||||
public List<IPAddressVO> findManagedPublicIps();
|
||||
|
||||
public List<VpcVO> findManagedVpcs();
|
||||
|
||||
public List<NetworkACLVO> findManagedACLs();
|
||||
|
||||
public VirtualNetwork findDefaultVirtualNetwork(TrafficType trafficType) throws IOException;
|
||||
|
|
|
|||
|
|
@ -81,6 +81,12 @@ import com.cloud.offerings.NetworkOfferingVO;
|
|||
import com.cloud.offerings.dao.NetworkOfferingDao;
|
||||
import com.cloud.projects.ProjectVO;
|
||||
import com.cloud.network.vpc.dao.NetworkACLDao;
|
||||
import com.cloud.network.vpc.dao.VpcDao;
|
||||
import com.cloud.network.vpc.dao.VpcOfferingDao;
|
||||
import com.cloud.network.vpc.VpcOffering;
|
||||
import com.cloud.network.vpc.VpcOfferingVO;
|
||||
import com.cloud.network.vpc.VpcProvisioningService;
|
||||
import com.cloud.network.vpc.VpcVO;
|
||||
import com.cloud.network.vpc.NetworkACLVO;
|
||||
import com.cloud.projects.dao.ProjectDao;
|
||||
import com.cloud.user.Account;
|
||||
|
|
@ -132,6 +138,12 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
@Inject
|
||||
UserVmDao _vmDao;
|
||||
@Inject
|
||||
VpcOfferingDao _vpcOffDao;
|
||||
@Inject
|
||||
VpcProvisioningService _vpcProvSvc;
|
||||
@Inject
|
||||
VpcDao _vpcDao;
|
||||
@Inject
|
||||
NetworkACLDao _networkAclDao;
|
||||
|
||||
private static final Logger s_logger = Logger.getLogger(ContrailManager.class);
|
||||
|
|
@ -141,6 +153,9 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
private NetworkOffering _offering;
|
||||
private NetworkOffering _routerOffering;
|
||||
private NetworkOffering _routerPublicOffering;
|
||||
private NetworkOffering _vpcRouterOffering;
|
||||
private VpcOffering _vpcOffering;
|
||||
|
||||
private Timer _dbSyncTimer;
|
||||
private int _dbSyncInterval = DB_SYNC_INTERVAL_DEFAULT;
|
||||
private final String configuration = "contrail.properties";
|
||||
|
|
@ -175,7 +190,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
return _database;
|
||||
}
|
||||
|
||||
private NetworkOffering LocatePublicNetworkOffering(String offeringName,
|
||||
private NetworkOffering locatePublicNetworkOffering(String offeringName,
|
||||
String offeringDisplayText, Provider provider) {
|
||||
List<? extends NetworkOffering> offerList = _configService.listNetworkOfferings(TrafficType.Public, false);
|
||||
for (NetworkOffering offer: offerList) {
|
||||
|
|
@ -210,7 +225,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
return _networkOfferingDao.findById(id);
|
||||
}
|
||||
|
||||
private NetworkOffering LocateNetworkOffering(String offeringName,
|
||||
private NetworkOffering locateNetworkOffering(String offeringName,
|
||||
String offeringDisplayText, Provider provider) {
|
||||
List<? extends NetworkOffering> offerList = _configService.listNetworkOfferings(TrafficType.Guest, false);
|
||||
for (NetworkOffering offer : offerList) {
|
||||
|
|
@ -239,6 +254,38 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
return _networkOfferingDao.findById(id);
|
||||
}
|
||||
|
||||
private VpcOffering locateVpcOffering() {
|
||||
VpcOffering vpcOffer = _vpcOffDao.findByUniqueName(juniperVPCOfferingName);
|
||||
if (vpcOffer != null) {
|
||||
if (((VpcOfferingVO)vpcOffer).getState() == VpcOffering.State.Enabled) {
|
||||
return vpcOffer;
|
||||
}
|
||||
((VpcOfferingVO)vpcOffer).setState(VpcOffering.State.Enabled);
|
||||
long id = vpcOffer.getId();
|
||||
_vpcOffDao.update(id, (VpcOfferingVO)vpcOffer);
|
||||
return vpcOffer;
|
||||
}
|
||||
Map<String, List<String>> serviceProviderMap = new HashMap<String, List<String>>();
|
||||
List<String> providerSet = new ArrayList<String>();
|
||||
providerSet.add(Provider.JuniperContrailVpcRouter.getName());
|
||||
final List<String> services = new ArrayList<String>();
|
||||
services.add(Service.Connectivity.getName());
|
||||
services.add(Service.Dhcp.getName());
|
||||
services.add(Service.NetworkACL.getName());
|
||||
services.add(Service.StaticNat.getName());
|
||||
services.add(Service.SourceNat.getName());
|
||||
services.add(Service.Gateway.getName());
|
||||
|
||||
for (String svc: services) {
|
||||
serviceProviderMap.put(svc, providerSet);
|
||||
}
|
||||
vpcOffer = _vpcProvSvc.createVpcOffering(juniperVPCOfferingName, juniperVPCOfferingDisplayText, services, serviceProviderMap, null);
|
||||
((VpcOfferingVO)vpcOffer).setState(VpcOffering.State.Enabled);
|
||||
long id = vpcOffer.getId();
|
||||
_vpcOffDao.update(id, (VpcOfferingVO)vpcOffer);
|
||||
return _vpcOffDao.findById(id);
|
||||
}
|
||||
|
||||
private NetworkOffering EnableNetworkOffering(long id) {
|
||||
NetworkOfferingVO offering = _networkOfferingDao.createForUpdate(id);
|
||||
offering.setState(NetworkOffering.State.Enabled);
|
||||
|
|
@ -281,10 +328,13 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
|
||||
_controller = new ModelController(this, _api, _vmDao, _networksDao, _nicDao, _vlanDao, _ipAddressDao);
|
||||
|
||||
_routerOffering = LocateNetworkOffering(routerOfferingName, routerOfferingDisplayText,
|
||||
_routerOffering = locateNetworkOffering(routerOfferingName, routerOfferingDisplayText,
|
||||
Provider.JuniperContrailRouter);
|
||||
_routerPublicOffering = LocatePublicNetworkOffering(routerPublicOfferingName, routerPublicOfferingDisplayText,
|
||||
_routerPublicOffering = locatePublicNetworkOffering(routerPublicOfferingName, routerPublicOfferingDisplayText,
|
||||
Provider.JuniperContrailRouter);
|
||||
_vpcRouterOffering = locateNetworkOffering(vpcRouterOfferingName, vpcRouterOfferingDisplayText,
|
||||
Provider.JuniperContrailVpcRouter);
|
||||
_vpcOffering = locateVpcOffering();
|
||||
|
||||
_eventHandler.subscribe();
|
||||
|
||||
|
|
@ -303,6 +353,16 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
return _routerOffering;
|
||||
}
|
||||
|
||||
@Override
|
||||
public NetworkOffering getVpcRouterOffering() {
|
||||
return _vpcRouterOffering;
|
||||
}
|
||||
|
||||
@Override
|
||||
public VpcOffering getVpcOffering() {
|
||||
return _vpcOffering;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPhysicalNetworkName(PhysicalNetworkVO physNet) {
|
||||
String physname = physNet.getName();
|
||||
|
|
@ -465,7 +525,8 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
public boolean isManagedPhysicalNetwork(Network network) {
|
||||
List<PhysicalNetworkVO> net_list = _physicalNetworkDao.listByZone(network.getDataCenterId());
|
||||
for (PhysicalNetworkVO phys : net_list) {
|
||||
if (_physProviderDao.findByServiceProvider(phys.getId(), Network.Provider.JuniperContrailRouter.getName()) != null) {
|
||||
if(_physProviderDao.findByServiceProvider(phys.getId(), Provider.JuniperContrailRouter.getName()) != null ||
|
||||
_physProviderDao.findByServiceProvider(phys.getId(), Provider.JuniperContrailVpcRouter.getName()) != null) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
@ -564,6 +625,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
SearchCriteria<NetworkVO> sc = searchBuilder.create();
|
||||
List<Long> offerings = new ArrayList<Long>();
|
||||
offerings.add(getRouterOffering().getId());
|
||||
offerings.add(getVpcRouterOffering().getId());
|
||||
offerings.add(getPublicRouterOffering().getId());
|
||||
sc.setParameters("networkOfferingId", offerings.toArray());
|
||||
|
||||
|
|
@ -585,9 +647,11 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
|
||||
List<PhysicalNetworkVO> phys_list = _physicalNetworkDao.listAll();
|
||||
final String provider = Network.Provider.JuniperContrailRouter.getName();
|
||||
final String vpcProvider = Provider.JuniperContrailVpcRouter.getName();
|
||||
for (Iterator<PhysicalNetworkVO> iter = phys_list.iterator(); iter.hasNext();) {
|
||||
PhysicalNetworkVO phys = iter.next();
|
||||
if (_physProviderDao.findByServiceProvider(phys.getId(), provider) != null) {
|
||||
if (_physProviderDao.findByServiceProvider(phys.getId(), provider) != null ||
|
||||
_physProviderDao.findByServiceProvider(phys.getId(), vpcProvider) != null) {
|
||||
List<NetworkVO> infraNets = new ArrayList<NetworkVO>();
|
||||
findInfrastructureNetworks(phys, infraNets);
|
||||
for (NetworkVO net : infraNets) {
|
||||
|
|
@ -611,10 +675,51 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
|||
return dbNets;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<VpcVO> findManagedVpcs() {
|
||||
SearchBuilder<VpcVO> searchBuilder = _vpcDao.createSearchBuilder();
|
||||
searchBuilder.and("vpcOffering", searchBuilder.entity().getVpcOfferingId(), Op.EQ);
|
||||
SearchCriteria<VpcVO> sc = searchBuilder.create();
|
||||
sc.setParameters("vpcOffering", getVpcOffering().getId());
|
||||
List<VpcVO> vpcs = _vpcDao.search(sc, null);
|
||||
if (vpcs == null || vpcs.size() == 0) {
|
||||
s_logger.debug("no vpcs found");
|
||||
return null;
|
||||
}
|
||||
return vpcs;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<NetworkACLVO> findManagedACLs() {
|
||||
/* contrail vpc is not yet implemented */
|
||||
return null;
|
||||
List<VpcVO> vpcs = findManagedVpcs();
|
||||
if (vpcs == null || vpcs.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
List<Long> vpcIds = new ArrayList<Long>();
|
||||
/* default-allow, default-deny ACLs will be under vpcId '0', so include it*/
|
||||
vpcIds.add((long)0);
|
||||
for (VpcVO vpc:vpcs) {
|
||||
vpcIds.add(vpc.getId());
|
||||
}
|
||||
SearchBuilder<NetworkACLVO> searchBuilder = _networkAclDao.createSearchBuilder();
|
||||
searchBuilder.and("vpcId", searchBuilder.entity().getVpcId(), Op.IN);
|
||||
SearchCriteria<NetworkACLVO> sc = searchBuilder.create();
|
||||
sc.setParameters("vpcId", vpcIds.toArray());
|
||||
List<NetworkACLVO> acls = _networkAclDao.search(sc, null);
|
||||
if (acls == null || acls.size() == 0) {
|
||||
s_logger.debug("no acls found");
|
||||
return null;
|
||||
}
|
||||
/* only return if acl is associated to any network */
|
||||
List<NetworkACLVO> jnprAcls = new ArrayList<NetworkACLVO>();
|
||||
for (NetworkACLVO acl:acls) {
|
||||
List<NetworkVO> nets = _networksDao.listByAclId(acl.getId());
|
||||
if (nets == null || nets.isEmpty()) {
|
||||
continue;
|
||||
}
|
||||
jnprAcls.add(acl);
|
||||
}
|
||||
return jnprAcls;
|
||||
}
|
||||
|
||||
/*
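Review bot: `findManagedACLs()` returns `null` when no VPCs or ACLs are found but an empty list when ACLs exist and none is attached to a network, so callers must handle two different "nothing" results. Either document the null return on the interface or make the last line consistent, e.g. `return jnprAcls.isEmpty() ? null : jnprAcls;`. The attachment filter uses `_networksDao.listByAclId(acl.getId())`, which as written counts any network. The default ACLs added under vpcId 0 would then be selected even when only networks not managed by Contrail use them; confirm whether that is intended. `getVpcOffering().getId()` in `findManagedVpcs()` will also throw if `locateVpcOffering()` ever left `_vpcOffering` null.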
|
||||
|
|
|
|||
|
|
@ -0,0 +1,199 @@
|
|||
// Licensed to the Apache Software Foundation (ASF) under one
|
||||
// or more contributor license agreements. See the NOTICE file
|
||||
// distributed with this work for additional information
|
||||
// regarding copyright ownership. The ASF licenses this file
|
||||
// to you under the Apache License, Version 2.0 (the
|
||||
// "License"); you may not use this file except in compliance
|
||||
// with the License. You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing,
|
||||
// software distributed under the License is distributed on an
|
||||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
|
||||
package org.apache.cloudstack.network.contrail.management;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
||||
import javax.ejb.Local;
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.cloudstack.network.contrail.model.VirtualNetworkModel;
|
||||
import org.apache.cloudstack.network.contrail.model.NetworkPolicyModel;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import com.cloud.deploy.DeployDestination;
|
||||
import com.cloud.exception.ConcurrentOperationException;
|
||||
import com.cloud.exception.InsufficientCapacityException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
import com.cloud.network.Network;
|
||||
import com.cloud.network.Network.Provider;
|
||||
import com.cloud.network.element.NetworkACLServiceProvider;
|
||||
import com.cloud.network.element.VpcProvider;
|
||||
import com.cloud.network.vpc.NetworkACLItem;
|
||||
import com.cloud.network.vpc.NetworkACLVO;
|
||||
import com.cloud.network.vpc.PrivateGateway;
|
||||
import com.cloud.network.vpc.StaticRouteProfile;
|
||||
import com.cloud.network.vpc.Vpc;
|
||||
import com.cloud.network.vpc.dao.NetworkACLDao;
|
||||
import com.cloud.vm.ReservationContext;
|
||||
|
||||
@Component
|
||||
@Local(value = {NetworkACLServiceProvider.class, VpcProvider.class, ContrailElementImpl.class})
|
||||
public class ContrailVpcElementImpl extends ContrailElementImpl implements NetworkACLServiceProvider, VpcProvider {
|
||||
private static final Logger s_logger =
|
||||
Logger.getLogger(ContrailElement.class);
|
||||
|
||||
@Inject
|
||||
NetworkACLDao _networkACLDao;
|
||||
|
||||
// NetworkElement API
|
||||
@Override
|
||||
public Provider getProvider() {
|
||||
return Provider.JuniperContrailVpcRouter;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean implementVpc(Vpc vpc, DeployDestination dest,
|
||||
ReservationContext context) throws ConcurrentOperationException,
|
||||
ResourceUnavailableException, InsufficientCapacityException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement implementVpc");
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean shutdownVpc(Vpc vpc, ReservationContext context)
|
||||
throws ConcurrentOperationException, ResourceUnavailableException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement shutdownVpc");
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean createPrivateGateway(PrivateGateway gateway)
|
||||
throws ConcurrentOperationException, ResourceUnavailableException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement createPrivateGateway");
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean deletePrivateGateway(PrivateGateway privateGateway)
|
||||
throws ConcurrentOperationException, ResourceUnavailableException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement deletePrivateGateway");
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean applyStaticRoutes(Vpc vpc, List<StaticRouteProfile> routes)
|
||||
throws ResourceUnavailableException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement applyStaticRoutes");
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean applyNetworkACLs(Network net,
|
||||
List<? extends NetworkACLItem> rules)
|
||||
throws ResourceUnavailableException {
|
||||
s_logger.debug("NetworkElement applyNetworkACLs");
|
||||
if (rules == null || rules.isEmpty()) {
|
||||
s_logger.debug("no rules to apply");
|
||||
return true;
|
||||
}
|
||||
|
||||
Long aclId = rules.get(0).getAclId();
|
||||
NetworkACLVO acl = _networkACLDao.findById(aclId);
|
||||
NetworkPolicyModel policyModel = _manager.getDatabase().lookupNetworkPolicy(acl.getUuid());
|
||||
if (policyModel == null) {
|
||||
/*
|
||||
* For the first time, when a CS ACL applied to a network, create a network-policy in VNC
|
||||
* and when there are no networks associated to CS ACL, delete it from VNC.
|
||||
*/
|
||||
policyModel = new NetworkPolicyModel(acl.getUuid(), acl.getName());
|
||||
net.juniper.contrail.api.types.Project project;
|
||||
try {
|
||||
project = _manager.getVncProject(net.getDomainId(), net.getAccountId());
|
||||
if (project == null) {
|
||||
project = _manager.getDefaultVncProject();
|
||||
}
|
||||
} catch (IOException ex) {
|
||||
s_logger.warn("read project", ex);
|
||||
return false;
|
||||
}
|
||||
policyModel.setProject(project);
|
||||
}
|
||||
|
||||
VirtualNetworkModel vnModel = _manager.getDatabase().lookupVirtualNetwork(net.getUuid(),
|
||||
_manager.getCanonicalName(net), net.getTrafficType());
|
||||
NetworkPolicyModel oldPolicyModel = null;
|
||||
/* this method is called when network is destroyed too, hence vn model might have been deleted already */
|
||||
if (vnModel != null) {
|
||||
oldPolicyModel = vnModel.getNetworkPolicyModel();
|
||||
vnModel.addToNetworkPolicy(policyModel);
|
||||
}
|
||||
|
||||
try {
|
||||
policyModel.build(_manager.getModelController(), rules);
|
||||
} catch (Exception e) {
|
||||
s_logger.error(e);
|
||||
e.printStackTrace();
|
||||
return false;
|
||||
}
|
||||
|
||||
try {
|
||||
if (!policyModel.verify(_manager.getModelController())) {
|
||||
policyModel.update(_manager.getModelController());
|
||||
}
|
||||
_manager.getDatabase().getNetworkPolicys().add(policyModel);
|
||||
} catch (Exception ex) {
|
||||
s_logger.error("network-policy update: ", ex);
|
||||
ex.printStackTrace();
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!policyModel.hasPolicyRules()) {
|
||||
try {
|
||||
policyModel.delete(_manager.getModelController());
|
||||
_manager.getDatabase().getNetworkPolicys().remove(policyModel);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
/*
|
||||
* if no other VNs are associated with the old policy,
|
||||
* we could delete it from the Contrail VNC
|
||||
*/
|
||||
if (policyModel != oldPolicyModel && oldPolicyModel != null && !oldPolicyModel.hasDescendents()) {
|
||||
try {
|
||||
oldPolicyModel.delete(_manager.getModelController());
|
||||
_manager.getDatabase().getNetworkPolicys().remove(oldPolicyModel);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean applyACLItemsToPrivateGw(PrivateGateway privateGateway,
|
||||
List<? extends NetworkACLItem> rules)
|
||||
throws ResourceUnavailableException {
|
||||
// TODO Auto-generated method stub
|
||||
s_logger.debug("NetworkElement applyACLItemsToPrivateGw");
|
||||
return true;
|
||||
}
|
||||
|
||||
}
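Review bot: In `applyNetworkACLs`, the result of `_networkACLDao.findById(aclId)` is dereferenced by `acl.getUuid()` without a null check, so an ACL removed between rule lookup and this call ends in a NullPointerException rather than a clean failure. A guard such as `if (acl == null) { s_logger.warn("acl " + aclId + " not found"); return false; }` would fix that. `vnModel.addToNetworkPolicy(policyModel)` also runs before `build`/`update`, so every `return false` path appears to leave the in-memory network attached to a policy that was never pushed to the controller. Consider attaching only after the update succeeds, or restoring `oldPolicyModel` on failure. The `e.printStackTrace()` calls bypass the logger and should be `s_logger.error("...", e)`, and the logger is created with `ContrailElement.class` instead of this class. Separately, the stubbed `applyStaticRoutes` and `applyACLItemsToPrivateGw` report `true` without applying anything, which tells the caller the rules are in force.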
|
||||
|
|
@ -68,6 +68,8 @@ import com.cloud.network.vpc.NetworkACLItemDao;
|
|||
import com.cloud.network.vpc.NetworkACLItemVO;
|
||||
import com.cloud.network.vpc.NetworkACLVO;
|
||||
import com.cloud.network.vpc.dao.NetworkACLDao;
|
||||
import com.cloud.network.vpc.VpcVO;
|
||||
import com.cloud.network.vpc.dao.VpcDao;
|
||||
import com.cloud.projects.ProjectVO;
|
||||
import com.cloud.projects.dao.ProjectDao;
|
||||
import com.cloud.vm.NicVO;
|
||||
|
|
@ -97,6 +99,8 @@ public class ServerDBSyncImpl implements ServerDBSync {
|
|||
@Inject
|
||||
ContrailManager _manager;
|
||||
@Inject
|
||||
VpcDao _vpcDao;
|
||||
@Inject
|
||||
NetworkACLItemDao _networkACLItemDao;
|
||||
@Inject
|
||||
NetworkACLDao _networkACLDao;
|
||||
|
|
@ -990,7 +994,12 @@ public class ServerDBSyncImpl implements ServerDBSync {
|
|||
NetworkPolicyModel policyModel = new NetworkPolicyModel(db.getUuid(), db.getName());
|
||||
net.juniper.contrail.api.types.Project project = null;
|
||||
try {
|
||||
project = _manager.getDefaultVncProject();
|
||||
VpcVO vpc = _vpcDao.findById(db.getVpcId());
|
||||
if (vpc != null) {
|
||||
project = _manager.getVncProject(vpc.getDomainId(), vpc.getAccountId());
|
||||
} else {
|
||||
project = _manager.getDefaultVncProject();
|
||||
}
|
||||
} catch (IOException ex) {
|
||||
s_logger.warn("read project", ex);
|
||||
throw ex;
|
||||
|
|
@ -1055,7 +1064,12 @@ public class ServerDBSyncImpl implements ServerDBSync {
|
|||
NetworkPolicyModel policyModel = new NetworkPolicyModel(db.getUuid(), db.getName());
|
||||
net.juniper.contrail.api.types.Project project = null;
|
||||
try {
|
||||
project = _manager.getDefaultVncProject();
|
||||
VpcVO vpc = _vpcDao.findById(db.getVpcId());
|
||||
if (vpc != null) {
|
||||
project = _manager.getVncProject(vpc.getDomainId(), vpc.getAccountId());
|
||||
} else {
|
||||
project = _manager.getDefaultVncProject();
|
||||
}
|
||||
} catch (IOException ex) {
|
||||
s_logger.warn("read project", ex);
|
||||
}
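Review bot: Both rewritten blocks use the result of `_manager.getVncProject(vpc.getDomainId(), vpc.getAccountId())` without handling a null return. `ContrailVpcElementImpl.applyNetworkACLs` in this same commit treats null as "fall back to the default project", so the two paths can place the same ACL's policy differently or leave `project` null. Add the same fallback after the call: `if (project == null) { project = _manager.getDefaultVncProject(); }`. In the second block the `IOException` is only logged, so execution continues with `project` still null; whether the code after the hunk tolerates that is not visible here. Both enclosing methods start and end outside the hunks.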
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ public class NetworkPolicyModel extends ModelObjectBase {
|
|||
|
||||
SearchCriteria<NetworkVO> sc = searchBuilder.create();
|
||||
|
||||
sc.setParameters("networkOfferingId", controller.getManager().getRouterOffering().getId());
|
||||
sc.setParameters("networkOfferingId", controller.getManager().getVpcRouterOffering().getId());
|
||||
sc.setParameters("cidr", cidr);
|
||||
sc.setParameters("trafficType", Networks.TrafficType.Guest);
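Review bot: With the offering switched to the VPC router offering, this lookup identifies a network by offering, CIDR and traffic type only. Tiers in different VPCs and accounts commonly reuse the same CIDR, so the search can match a network belonging to another VPC or tenant. How the result is used lies outside the hunk, but if it resolves an ACL rule's CIDR to a virtual network, the criteria should also be scoped to the ACL's VPC or owning account. At minimum, add a comment on the `cidr` parameter stating that uniqueness across VPCs is assumed.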
|
||||
|
||||
|
|
|
|||
|
|
@ -4294,7 +4294,9 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
|||
|
||||
@Override
|
||||
public boolean isOfferingForVpc(NetworkOffering offering) {
|
||||
boolean vpcProvider = _ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.VPCVirtualRouter);
|
||||
boolean vpcProvider = _ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.VPCVirtualRouter) ||
|
||||
_ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.JuniperContrailVpcRouter);
|
||||
|
||||
return vpcProvider;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -203,7 +203,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
|
|||
private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker"));
|
||||
private List<VpcProvider> vpcElements = null;
|
||||
private final List<Service> nonSupportedServices = Arrays.asList(Service.SecurityGroup, Service.Firewall);
|
||||
private final List<Provider> supportedProviders = Arrays.asList(Provider.VPCVirtualRouter, Provider.NiciraNvp, Provider.InternalLbVm, Provider.Netscaler);
|
||||
private final List<Provider> supportedProviders = Arrays.asList(Provider.VPCVirtualRouter, Provider.NiciraNvp, Provider.InternalLbVm, Provider.Netscaler, Provider.JuniperContrailVpcRouter);
|
||||
|
||||
int _cleanupInterval;
|
||||
int _maxNetworks;
|
||||
|
|
@ -308,6 +308,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
|
|||
// Just here for 4.1, replaced by commit 836ce6c1 in newer versions
|
||||
Set<Network.Provider> sdnProviders = new HashSet<Network.Provider>();
|
||||
sdnProviders.add(Provider.NiciraNvp);
|
||||
sdnProviders.add(Provider.JuniperContrailVpcRouter);
|
||||
|
||||
boolean sourceNatSvc = false;
|
||||
boolean firewallSvs = false;
|
||||
|
|
@ -1191,6 +1192,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
|
|||
if (vpcElements == null) {
|
||||
vpcElements = new ArrayList<VpcProvider>();
|
||||
vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.VPCVirtualRouter.getName()));
|
||||
vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName()));
|
||||
}
|
||||
|
||||
if (vpcElements == null) {
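Review bot: The added `vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName()));` appends the lookup result unconditionally. If the Contrail plugin is not deployed and the lookup returns null, which is presumed here and should be confirmed, the list then holds a null element that later iteration over `vpcElements` will dereference. Add the element only when present: `VpcProvider contrail = (VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName()); if (contrail != null) { vpcElements.add(contrail); }`. The `if (vpcElements == null)` check that follows cannot catch this case because the list itself is non-null. The enclosing method continues outside the hunk.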
|
||||
|
|
|
|||