bug 12318: NaaS: Dynamic CIDR for virtual router
This patch in fact uses ExternalGuestNetworkGuru to replace GuestNetworkGuru. The
problem is the virtual router would normally use 10.1.1.0/8 as CIDR, but when we
want to upgrade to an external firewall, e.g. Netscaler, the CIDR would need to be
changed to a different value, e.g. 10.x.x.0/24 based on VLAN, because the external
firewall cannot support one CIDR for multiple VLANs right now. So we have to use
the same policy for the virtual router.
This patch also adds one field "specified_cidr" to the networks table. If this
field is true, then it means the user specified the CIDR of this network, thus we
cannot guarantee the CIDR after upgrade is valid, so we would like to prohibit the
upgrade of network offering.
This should also fix bug 12318. The reason for bug 12318 is the pre-set gateway
address of domR is overridden by ExternalGuestNetworkGuru. After this patch,
ExternalGuestNetworkGuru would respect the existing value in Nic, rather than
simply wiping it out. It would do a calculation to get the relevant address after
the VLAN changed.
More cleanup can be done in the future, once we have proved that this policy change
doesn't break...
status 12234: resolved fixed
status 12318: resolved fixed
only the owner of the network can access it; if it's domain - all accounts in the domain and domain children can have access.
* aclType replaces 2 old fields: isShared and isDomainSpecific.
* All 2.2.x account specific networks will have aclType=Account; 2.2.x Domain specific networks - aclType=domain; 2.2.x Zone level networks - aclType=Domain with domainId = Root domain id
* can be specified for Shared network only
* if not specified for the Shared networks, try to locate it based on the zoneId and tags. If tags is not null, pick up the first physicalNetwork from the zone that has matching tags. If tags is null, and there are none/more than 1 physical networks in the zone, error out.
- Create Zone changes and changes to data_center table to remove vlan, securityGroup fields
- Physical Network lifecycle APIs
- Physical Network Service Provider APIs
- DB schema changes
Block update only in these cases:
* when DNS capability AllowDnsSuffixModification is false for the network
* when target network has running network elements (dhcps or domRs)
Conflicts:
server/src/com/cloud/vm/dao/DomainRouterDao.java
server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
2) Added new config parameter 'allow.subdomain.network.access' - default value is true. If it's set to false, the child domain can't use the network of the parent domain
status 7803: resolved fixed
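The access rule these commit messages describe (aclType of Account or Domain, the 2.2.x migration mapping, and the 'allow.subdomain.network.access' switch), modelled as an added example that is not CloudStack code. The domain tree and all class and function names are hypothetical, and applying the switch to aclType=Domain networks is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed domain tree, child -> parent (None marks the root); names are hypothetical.
DOMAIN_PARENT = {"ROOT": None, "eng": "ROOT", "eng/qa": "eng", "sales": "ROOT"}

@dataclass(frozen=True)
class Network:
    acl_type: str                      # "Account" or "Domain", mirroring aclType
    domain_id: str
    account_id: Optional[str] = None   # owner, set only for aclType=Account

def is_child_of(domain: Optional[str], ancestor: str) -> bool:
    """True if `ancestor` is a strict ancestor of `domain` in the tree."""
    seen = set()
    domain = DOMAIN_PARENT.get(domain)
    while domain is not None and domain not in seen:  # `seen` guards against cycles
        if domain == ancestor:
            return True
        seen.add(domain)
        domain = DOMAIN_PARENT.get(domain)
    return False

def can_access(net: Network, account: str, domain: str,
               allow_subdomain: bool = True) -> bool:
    """allow_subdomain models 'allow.subdomain.network.access' (default true)."""
    if domain not in DOMAIN_PARENT:
        return False                   # caller in an unknown domain: deny
    if net.acl_type == "Account":
        # Only the owning account may use the network.
        return net.account_id is not None and account == net.account_id
    if net.acl_type == "Domain":
        if domain == net.domain_id:
            return True                # every account in the network's own domain
        return allow_subdomain and is_child_of(domain, net.domain_id)
    return False                       # unknown aclType: deny by default

def migrate_22x(kind: str, domain_id: Optional[str] = None,
                account_id: Optional[str] = None) -> Network:
    """Map a 2.2.x network kind to the aclType layout listed in the commit message."""
    if kind == "account":
        return Network("Account", domain_id, account_id)
    if kind == "domain":
        return Network("Domain", domain_id)
    if kind == "zone":                 # zone level becomes Domain at the root domain
        return Network("Domain", "ROOT")
    raise ValueError(f"unknown 2.2.x network kind: {kind}")
```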
Fix overview:
1) Parameter "isDefault" should be defined as a part of createNetwork
* Virtual network is always default
* Parameter can be specified only for DirectNetwork
* Once parameter is set, there is no way to change it as we don't provide updateNetwork command.
2) Added isDefault parameter to listNetworks command so you can sort by that.
3) DeployVmCmd:
* at least one default network should be set
* if more than 1 default network is set - throw an error
4) Return isDefault information as a part of Nic object for the vm response in deploy/stop/start/listVm
status 7863: resolved fixed
Router cleanup thread is fixed, here is the functionality description:
* Runs every "router.cleanup.interval" period of time (1 day by default)
* Stops only domRs running in Advance zone
* Thread Flow:
  - gets all Running domRs/dhcps, gets their networks, selects the network that has to be checked (see criteria below)
  - checks that there is only one nic in the op_networks table for the network, and this nic belongs to domR/dhcp
  - Stops domR/dhcp
* Criteria to choose the network:
  - Network has to be non-system.
  - Network should be one of the following: Guest Virtual (TrafficType=Guest; GuestType=Virtual); Direct Tagged (TrafficType=Public; GuestType=Direct)
Couple of other fixes:
* Added isShared parameter to listNetworks command
* Moved guestType from NetworkOffering to Network
2) Added networkIds parameter to deployVMCmd - accepts a list of network ids separated by comma.
3) Changed domainRouter/systemVm/userVm response to return list of Nics associated with the vm.