etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,325 Commits 325 Branches 325 Tags 885 MiB
Commit Graph

62 Commits

Author SHA1 Message Date
Jayapal b6727e5646 CLOUDSTACK-299: Egress firewall rules feature for guest network on VR 2013-01-31 11:20:47 +05:30
Chiradeep Vittal cadca5fc0c Merge branch 'master' into network-refactor-merge2 
Conflicts:
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java
	plugins/network-elements/nicira-nvp/src/com/cloud/network/element/NiciraNvpElement.java
	server/src/com/cloud/acl/DomainChecker.java
	server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java
	server/src/com/cloud/network/NetworkManager.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/test/com/cloud/network/MockNetworkManagerImpl.java
	server/test/com/cloud/vpc/MockNetworkManagerImpl.java
 2013-01-16 19:17:14 -08:00
Chiradeep Vittal 5a830c4db0 Network-refactor: Refactor NetworkManager into NetworkModel and NetworkManager. 
NetworkManager's exclusive focus is now
 - handling plugins during orchestration, and
 - to deal with ip address allocation.
Those classes that used to refer to NetworkManager to get access to the datamodel now refer to NetworkModel

Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
 2013-01-09 15:49:01 -08:00
Chiradeep Vittal 3529c47248 Rationalize the interface by injecting ipDeployers. This is step 1 and includes 2 service providers - Remote AccessVPN and S2S VPN 
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
 2013-01-04 15:08:55 -08:00
Rohit Yadav 2140ff55ea api: Refactor and move VPN related api cmd classes to command.user.vpn 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-22 16:13:37 -08:00
Rohit Yadav e398b1e47a api: Refactor command and response classes to org.apache.cloudstack.api.* 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-07 19:23:24 -08:00
Rohit Yadav af28c06998 api: move and group all under command, org.apache.cloudstack.command.* 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-07 18:30:54 -08:00
Rohit Yadav 55364478e5 api_refactor: move vpn related apis to user.vpn 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-05 14:24:26 -08:00
Rohit Yadav 1b8dc65f3a api_refactor: refactor user (vpn) apis 
- Fix refactored apis, mappings in commands*.in

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-04 10:27:47 -08:00
Rohit Yadav 6fc3bc3760 api_refactor: refactor vpn and vm apis 
- Refactor VPN and VM APIs to admin and user pkgs
- Names space, org.apache.cloudstack
- Fix refactored apis in commands*.in
- Fix comments etc.
- Expand tabs, remove trailing whitespace

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-03 21:27:02 -08:00
Alena Prokharchyk 214bbf3ebd CLOUDSTACK-279: fixed deleteProject when executed by the regular user. Always pass System account as a caller when do account cleanup 
Conflicts:

	api/src/com/cloud/api/commands/DeleteRemoteAccessVpnCmd.java
	server/src/com/cloud/network/element/CiscoNexusVSMElement.java
	server/src/com/cloud/network/element/ElasticLoadBalancerElement.java
	server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java
	server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
	server/src/com/cloud/network/element/NetscalerElement.java
	server/src/com/cloud/network/element/OvsElement.java
	server/src/com/cloud/network/element/VpcJuniperSRXExternalFirewallElement.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
	server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
	server/src/com/cloud/storage/StorageManager.java
 2012-10-17 17:26:19 -07:00
Alena Prokharchyk 8f2d9a09e5 CLOUDSTACK-332: intermediate checkin fixing count parameter in listCommands 
Fixes the count in commands:

listVolumes
listVirtualMachines
listSnapshots
listRouters
listFirewallRules
listPortForwardingRules
listLoadBalancerRules
listIpForwardingRules
listAccounts
listUsers
listDomains
listDomainChildren
listPublicIpAddresses
listAlerts
listAsyncJobs
listRemoteAccessVpns
listVpnUsers
listTags
listPrivateGateways
listNetworkACLs
listStaticRoutes

Conflicts:

	api/src/com/cloud/api/commands/ListVMsCmd.java
	api/src/com/cloud/api/commands/ListVolumesCmd.java
	api/src/com/cloud/network/lb/LoadBalancingRulesService.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
	server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
	server/src/com/cloud/tags/TaggedResourceManagerImpl.java
 2012-10-12 13:58:59 -07:00
Kishan Kavala 6540ff8fa1 bug CLOUDSTACK-198: VPN user add, on failure remove user currently being added only, other users will remain in Add state 2012-09-26 13:54:49 +05:30
Alena Prokharchyk e7a1862867 VPC: CS-15827 - register only VpcVirtualNetworkApplianceMgr 
Conflicts:

	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/network/VpcVirtualNetworkApplianceService.java
	plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/ha/UserVmDomRInvestigator.java
 2012-08-03 14:23:45 -07:00
Alena Prokharchyk ad80f426a0 VPC: CS-15553 and CS-15549 - more checks during automatic ip assoc to VPC network 
Conflicts:

	api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2012-07-13 13:32:14 -07:00
Alena Prokharchyk 31f9d718fb Merge branch 'master' into vpc 
Conflicts:
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
 2012-07-03 17:32:50 -07:00
David Nalley e87558256c Patch from Chip Childers 
https://reviews.apache.org/r/5704/
License header updates for the server folder
 2012-07-02 09:51:21 -04:00
Alena Prokharchyk c8ec262dea VPC: as there is no support for FirewallRules/remoteAccessVPN in the VPC, removed the networkId from the list of parameters for corresponding api calls 2012-06-28 10:17:53 -07:00
Alena Prokharchyk 8be74c033f VPC: update ip address object after the ip is associated with the network 2012-06-25 21:00:12 -07:00
Alena Prokharchyk 929997f54e AssociateIpAddress to VPC - the ip gets associated to the network only when the first rule for the ip gets created. 
When the last rule is removed for vpc ip, networkId is set to null

Conflicts:

	api/src/com/cloud/api/commands/AssociateIPAddrCmd.java
	api/src/com/cloud/api/commands/EnableStaticNatCmd.java
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/rules/RulesService.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/test/com/cloud/network/MockNetworkManagerImpl.java
 2012-06-15 14:18:24 -07:00
frank 2f634c0913 Switch to Apache license 2012-04-03 04:50:05 -07:00
kishan 74ce678baf Bug 13802: Log VPN user remove usage event when user fails to get applied 
Status 13802: resolved fixed
Reviewed-By: Nitin
 2012-02-17 14:17:28 +05:30
kishan 17659d1500 Bug 12972: Added VPN_USER_REMOVE usage events when VPN is disabled. VPN_USER_ADD events added when VPN is enabled again. VPN usage will be generated only when VPN is enabled. 
Status 12972: resolved fixed
Reviewed-By: Nitin
 2012-02-08 19:57:08 +05:30
Alena Prokharchyk cad392cd68 bug 13335: fixed listProjectInvitations by projectId 
status 13335: resolved fixed
 2012-02-07 13:16:27 -08:00
Alena Prokharchyk 83400cd15f bug 12776: if there are multiple objects involved in resource creation, verify that they belong to the same account 
status 12776: resolved fixed
 2012-01-17 13:40:37 -08:00
Alena Prokharchyk f0c4980dff bug 13110: use Ternary data structure when build search criteria 
status 13110: resolved fixed
 2012-01-16 14:15:28 -08:00
Alena Prokharchyk c581506103 bug 12306: list* command revamp 2012-01-09 10:07:42 -08:00
Sheng Yang 89ca2fe48e bug 12656: Add restriction for network update and new rules 
status 12656: resolved fixed
 2012-01-05 21:08:41 -08:00
Alena Prokharchyk 1871de3048 bug 11853: better error message when try to add VPN user with duplicated user name 
status 11853: resolved fixed
 2011-11-18 15:49:18 -08:00
Alex Huang f6fcaa49ec Merge complete except for virtualnetworkappliancemanager 2011-11-10 15:18:16 -08:00
kishan 606779b300 bug 11851: When Add VPN user fails, remove the user entry from db instead of leaving in Add state. 
status 11851: resolved fixed
reviewed-by: Abhi
 2011-11-08 15:56:16 +05:30
alena 3a845d2d75 Keep Service/Provider map per network as well as per networkOffering (to handle the case when there are multiple providers defined for the same service in the network offering, and only one is picked when the network is created) 2011-11-07 16:16:03 -08:00
alena 17a7b7cda4 listNetworkOfferings: added an ability to filter based on the Services supported 2011-11-07 10:53:28 -08:00
kishan f40dcbd82e bug 11851: While adding new Vpn user, exisitng users state will remain as Active and still be re-added 
status 11851: resolved fixed
 2011-11-04 13:58:14 +05:30
kishan 18ef8ca3b4 bug 11173: Added usage for VPN users 
status 11173: resolved fixed
 2011-11-01 17:01:48 +05:30
alena f6717e0a23 1) Method name change 
2) Rely on SourceNatService when decide if DirectNetworkGuru and GuestNetworkGuru should handle the network
 2011-10-24 17:30:14 -07:00
Sheng Yang 0121c0516d Network: Add Service providers 
In the past, the NetworkElement would cover almost all the functionality that
e.g.  virtual router can cover: firewall, source NAT, static NAT, password,
VPN... So anyone want to implement the NetworkElement would have to implement
these service's specific methods, even it wouldn't support it. Also, if we want
to find a e.g. FirewallServiceProvider, we have to proceed all the current
network service providers, to call a method to know if it support such service.
That's neither elegant nor scaling way to do it.

As the first step, this patch separates each ServiceProvider from NetworkElement
(there are some interface already out of NetworkElement, so this patch slightly
modifies them too), and only the class would implement the correlated interface, would
have the ability to do these services.
 2011-10-10 11:45:39 -07:00
alena 25c2734e03 More stuff to Projects feature - added support for adding resources (vms, templates, isos) to the project 2011-10-05 13:24:25 -07:00
alena 4d89066b2c bug 11515: reapply all firewall rules for the IP address when VPN related rules are being revoked 
status 11515: resolved fixed

Reviewed-by: will@cloud.com
 2011-09-21 09:50:32 -07:00
alena a1331d1cfc Intermidiate checkin to Project feature: 
1) Introduce new managers - ProjectManager and DomainManager. Moved all domain related code from AccountManager to DomainManager.
2) Moved some code from ManagementServerImpl to the correct managers.
3) New resource limit for Domain - Project
 2011-09-20 18:35:28 -07:00
alena 8c53dbcdd7 bug 11185: support multiple CIDR on overlapping port ranges for firewall rules 
status 11185: resolved fixed

Conflicts:

	server/src/com/cloud/network/firewall/FirewallManagerImpl.java

Conflicts:

	api/src/com/cloud/network/firewall/FirewallService.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-25 12:21:11 -07:00
alena e3f179844e bug 11236: domainAdmin/regularUser can edit/delete/copy/extract Public template/iso only if it was created by them. They still can use/see public template/iso when execute list/deploy/attachIso commands. Root admin can operate with other people templates w/o any restrictions. 
status 11236: resolved fixed
 2011-08-24 14:48:35 -07:00
alena 803255b0ba bug 11029: db upgrade from 2.2.9 to 2.2.10 includes firewall_rule upgrade now 
status 11029: resolved fixed

Commit also includes the following:

* map firewall rule to pf/lb/staticNat/vpn when the firewall rule is created as a part of pf/lb/staticNat/vpn rule creation
* when delete firewall rules, also delete related firewall rule
 2011-08-15 10:18:09 -07:00
alena 06d007337a bug 10561: intermidiate checkin for FirewallRuleFeature 
1) Added new apis: createFirewallRule, deleteFirewallRule, listFirewallRules
2) Modified existing apis - added boolean openFirewall parameter to createPortForwardingRule/createIpForwardingRule/createRemoteAccessVpn. If parameter is set to true, open firewall on the domR before creating an actual PF rule there
Modified backend calls appropriately.
3) Schema changes for firewall_rules table:
* startPort/endPort can be null now
* added icmp_type, icmp_code fields (can be not null only when protocol is icmp)
4) Added new manager - FirewallManagerImpl
 2011-08-08 20:59:40 -07:00
alena 8d47c53735 Revert "bug 10435: removed vpn feature" 
This reverts commit ea9e1b5d138950e8de49fce7ffdbb12a1c72c560.

Conflicts:

	api/src/com/cloud/api/ResponseGenerator.java
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
 2011-08-02 18:12:57 -07:00
alena 74f34a0e0c bug 10435: removed vpn feature 
status 10435: resolved fixed
 2011-06-24 09:18:46 -07:00
alena b9325a28dd bug 9579: allow domain name suffix update for existing networks. 
Block update only in these cases:

* when DNS capability AllowDnsSuffixModification is false for the network
* when target network has running network elements (dhcps or domRs)
 2011-06-09 16:10:24 -07:00
nit debe236a8d bug 8710: CONTD....Introducing a new user role in cloudstack called RESOURCE_DOMAIN_ADMIN. The role would have all the domain_admin rights and the rights to list zone,pods,clusters and so on. More info in the bug 2011-04-11 19:40:37 +05:30
alena 504ab73ae5 Sync on network instead of ipAddressId when do create PF/StaticNat/LB rules 2011-02-17 16:13:28 -08:00
alena 8978839d96 bug 8617: Disable firewall/lb/vpn service for Direct network offering, so when user tries to create PF/LB rule for direct IP address, it fails. 
status 8617: resolved fixed
 2011-02-17 14:31:05 -08:00