When starting a remote access VPN, send down all the users as well

2010-11-03 16:40:35 -07:00 · 2010-11-03 16:40:35 -07:00 · f182efc279
parent 613b38f79e
commit f182efc279
4 changed files with 26 additions and 12 deletions
--- a/server/src/com/cloud/network/NetworkManager.java
+++ b/server/src/com/cloud/network/NetworkManager.java
@ -333,8 +333,9 @@ public interface NetworkManager extends Manager {
     * @param cmd the command specifying the ip address, ip range
     * @return the RemoteAccessVpnVO if successful, null otherwise
     * @throws ConcurrentOperationException 
+     * @throws ResourceUnavailableException 
     */
-    public RemoteAccessVpnVO startRemoteAccessVpn(CreateRemoteAccessVpnCmd cmd) throws ConcurrentOperationException;
+    public RemoteAccessVpnVO startRemoteAccessVpn(CreateRemoteAccessVpnCmd cmd) throws ConcurrentOperationException, ResourceUnavailableException;
    
    /**
     * Destroy a previously created remote access VPN
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@ -2657,7 +2657,7 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
        	}
        	locked = true;
        	vpnVO = new RemoteAccessVpnVO(account.getId(), cmd.getZoneId(), publicIp, range[0], newIpRange, sharedSecret);
-        	_remoteAccessVpnDao.persist(vpnVO);
+        	vpnVO = _remoteAccessVpnDao.persist(vpnVO);
        	txn.commit();
        	return vpnVO;
        } finally {
@ -2669,7 +2669,7 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {

 	@Override
 	@DB
-	public RemoteAccessVpnVO startRemoteAccessVpn(CreateRemoteAccessVpnCmd cmd) throws ConcurrentOperationException {
+	public RemoteAccessVpnVO startRemoteAccessVpn(CreateRemoteAccessVpnCmd cmd) throws ConcurrentOperationException, ResourceUnavailableException {
    	Long userId = UserContext.current().getUserId();
    	Account account = getAccountForApiCommand(cmd.getAccountName(), cmd.getDomainId());
        EventUtils.saveStartedEvent(userId, account.getId(), EventTypes.EVENT_REMOTE_ACCESS_VPN_CREATE, "Creating a Remote Access VPN for account: " + account.getAccountName() + " in zone " + cmd.getZoneId(), cmd.getStartEventId());
--- a/server/src/com/cloud/network/router/DomainRouterManager.java
+++ b/server/src/com/cloud/network/router/DomainRouterManager.java
@ -175,7 +175,7 @@ public interface DomainRouterManager extends Manager {
 	
 	DomainRouterVO deploy(NetworkConfiguration guestConfig, NetworkOffering offering, DeployDestination dest, Account owner) throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException;

-	RemoteAccessVpnVO startRemoteAccessVpn(RemoteAccessVpnVO vpnVO);
+	RemoteAccessVpnVO startRemoteAccessVpn(RemoteAccessVpnVO vpnVO) throws ResourceUnavailableException;
 	
 	boolean addRemoveVpnUsers(RemoteAccessVpnVO vpnVO, List<VpnUserVO> addUsers, List<VpnUserVO> removeUsers);

--- a/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
+++ b/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
@ -121,6 +121,7 @@ import com.cloud.network.dao.LoadBalancerDao;
 import com.cloud.network.dao.LoadBalancerVMMapDao;
 import com.cloud.network.dao.NetworkConfigurationDao;
 import com.cloud.network.dao.NetworkRuleConfigDao;
+import com.cloud.network.dao.VpnUserDao;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.NetworkOffering.GuestIpType;
 import com.cloud.offerings.NetworkOfferingVO;
@ -225,6 +226,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
    @Inject GuestOSDao _guestOSDao = null;
    @Inject NetworkManager _networkMgr;
    @Inject VmManager _itMgr;
+    @Inject VpnUserDao _vpnUsersDao;
    
    long _routerTemplateId = -1;
    int _routerRamSize;
@ -2124,7 +2126,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
    }

 	@Override
-	public RemoteAccessVpnVO startRemoteAccessVpn(RemoteAccessVpnVO vpnVO) {
+	public RemoteAccessVpnVO startRemoteAccessVpn(RemoteAccessVpnVO vpnVO) throws ResourceUnavailableException {
 		DomainRouterVO router = getRouter(vpnVO.getAccountId(), vpnVO.getZoneId());
 		if (router == null) {
 			s_logger.warn("Failed to start remote access VPN: no router found for account and zone");
@ -2134,14 +2136,14 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
 			s_logger.warn("Failed to start remote access VPN: router not in running state");
 			return null;
 		}
+		List<VpnUserVO> vpnUsers = _vpnUsersDao.listByAccount(vpnVO.getAccountId());
+		VpnUsersCfgCommand addUsersCmd = new VpnUsersCfgCommand(router.getPrivateIpAddress(), vpnUsers, new ArrayList<VpnUserVO>());
+		RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(true, router.getPrivateIpAddress(), vpnVO.getVpnServerAddress(), vpnVO.getLocalIp(), vpnVO.getIpRange(), vpnVO.getIpsecPresharedKey());
+		Commands cmds = new Commands(OnError.Stop);
+		cmds.addCommand("users", addUsersCmd);
+		cmds.addCommand("startVpn", startVpnCmd);
 		try {
-			Answer answer = _agentMgr.send(router.getHostId(), new RemoteAccessVpnCfgCommand(true, router.getPrivateIpAddress(), vpnVO.getVpnServerAddress(), vpnVO.getLocalIp(), vpnVO.getIpRange(), vpnVO.getIpsecPresharedKey()));
-			if (answer != null && answer.getResult()) {
-				return vpnVO;
-			} else {
-				s_logger.debug("Failed to start remote access VPN: " + answer.getDetails());
-				return null;
-			}
+			_agentMgr.send(router.getHostId(), cmds);
 		} catch (AgentUnavailableException e) {
 			s_logger.debug("Failed to start remote access VPN: ", e);
 			return null;
@ -2149,6 +2151,17 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
 			s_logger.debug("Failed to start remote access VPN: ", e);
 			return null;		
 		}
+		Answer answer = cmds.getAnswer("users");
+		if (!answer.getResult()) {
+            s_logger.error("Unable to start vpn: unable add users to vpn in zone " + vpnVO.getZoneId() + " for account "+ vpnVO.getAccountId() +" on domR: " + router.getName() + " due to " + answer.getDetails());
+            throw new ResourceUnavailableException("Unable to start vpn: Unable to add users to vpn in zone " + vpnVO.getZoneId() + " for account "+ vpnVO.getAccountId() +" on domR: " + router.getName() + " due to " + answer.getDetails()); 
+        }
+		answer = cmds.getAnswer("startVpn");
+		if (!answer.getResult()) {
+            s_logger.error("Unable to start vpn in zone " + vpnVO.getZoneId() + " for account "+ vpnVO.getAccountId() +" on domR: " + router.getName() + " due to " + answer.getDetails());
+            throw new ResourceUnavailableException("Unable to start vpn in zone " + vpnVO.getZoneId() + " for account "+ vpnVO.getAccountId() +" on domR: " + router.getName() + " due to " + answer.getDetails()); 
+        }
+		return vpnVO;
 	}

 	@Override