Also fixed a couple of other problems:
* verify security group ids before vm creation
* don't create "default" security group (if missing) as a part of deployVm process when vm is deployed from vmWare template
status 9873: resolved fixed
Following fixes were made as a part of the checkin:
* When deploy user vm and SG doesn't exist in the DB, create it automatically.
* SecurityGroup enabled use vm start: if map to default group is not present in security_group_vm_map table, create one.
* Added "name" (securityGroupName) parameter back to deleteSecurityGroup/authorizeSecurityGroupIngress/deployVm. Mutually exclusive with security group id parameter.
Conflicts:
api/src/com/cloud/api/commands/AuthorizeSecurityGroupIngressCmd.java
api/src/com/cloud/api/commands/DeleteSecurityGroupCmd.java
api/src/com/cloud/api/commands/DeployVMCmd.java
server/src/com/cloud/api/ApiDBUtils.java
server/src/com/cloud/vm/UserVmManagerImpl.java
status 9336: resolved fixed
Following changes were made:
* deleteSecurityGroup/authorizeSecurityGroupIngress - removed account/domainId parameters as SG is uniquely identified by id now
* removed account_name field from securityGroup DB table; removed allowed_security_group/allowed_sec_grp_acct from security_ingress_rule.
These values were used for api response generation only for performance purposes; added caching on API level to improve performance
* Added missing security checks for securityGroups/ingressRules
* MALFORMED_PARAMETER_ERROR - when type of the request parameter is invalid (String instead of Long for id for example)
* PARAM_ERROR - when invalid parameter value is specified in api request. For example, id of non existing vm for StartVmCmd
* ACCOUNT_RESOURCE_LIMIT_ERROR - when user tries to exceed his resource limits by executing the api command.
* INSUFFICIENT_CAPACITY_ERROR - when resource fails to create/start due to insufficient capacity.
* RESOURCE_UNAVAILABLE_ERROR - when user tries to create a vm when storage is not available.
* RESOURCE_IN_USE_ERROR - when user tries to delete/modify resource while it's in use. For example, when we try to delete a network group when it contains ingress rules.
* NETWORK_RULE_CONFLICT_ERROR - when LB/PF rule to add conflicts with existing rule
* ACCOUNT_ERROR - when user is not authorized to execute operation on the resource.
* INTERNAL_ERROR
* Implement callCreate() and execute() methods in apis extending BaseAsyncCreateCmd (example - CreateVolumeCmd)
* Implement execute() method in apis extending BaseCmd and BaseAsyncCmd (example - deleteVolumeCmd and deleteUserCmd)
We no longer need createMethod(), method(), manager() fields in @Implementation annotation, cleanup has to be done.
2) Moved Account/User related methods to AccountManagerImpl. Methods are exposed via AccountService interface.
3) Enhanced exception handing for Api calls.
4) Created ConfigurationService interface, all Api config methods are exposed via it.
alena
Frank
anthony
nit
Edison Su
abhishek
Alex Huang
Chiradeep Vittal