You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/11/29 14:13:32 UTC
[GitHub] [cloudstack] weizhouapache opened a new pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
weizhouapache opened a new pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730
### Description
Currently shared networks and VPC private gateways can only be created from ROOT admin.
This PR contains the following enhancement
# 1. Create shared network offering with specifyvlan=false
* specifyvlan MUST be true for shared network offering for now
* specifyvlan can be true or false with this PR.
# 2. Create shared network by non-ROOT users
## If specifyvlan=true in shared network offering
vlan is required, it can be created/removed only by ROOT admin
## if specifyvlan=false in shared network offering
All users can create shared network with an associated network (isolated networks), it will use the same vlan of associated network.
If associated network is not specified, cloudstack will allocate a vlan from zone guest vlan ranges to the shared network.
* ROOT admin and Domain admins can create shared network for domain (acltype=domain) and account (acltype=account)
* Normal users can create shared network for account (acltype=account)
* Associated network MUST be an Isolated network
* Associated network MUST be owned by same account (if acltype=account) or in the same domain (if acltype=domain)
* Associated network MUST be on same physical network as the new shared network.
# 3. Create VPC private gateway by non-ROOT users
ALL users can create VPC private gateway with an associated network. it will use the same vlan of associated network.
* Associated network MUST be an Isolated network
* Associated network MUST be owned by same account
* Associated network MUST be on same physical network as the private gateway.
* The private gateway will use the new system network offering : System-Private-Gateway-Network-Offering-Without-Vlan
ROOT admin can create VPC private gateway with a specified vlan. It can only be removed by root admin either.
The private gateway will use the new system network offering : System-Private-Gateway-Network-Offering
# 4. List guest vlans in zone
An API is introduced to list all guest vlans: listGuestVlans . It is only available by root admin.
Guest vlans can be listed by
* id
* zoneid
* physical network id
* vnet (vlan id)
* allocatedonly (true/false)
<!--- Describe your changes in DETAIL - And how has behaviour functionally changed. -->
<!-- For new features, provide link to FS, dev ML discussion etc. -->
<!-- In case of bug fix, the expected and actual behaviours, steps to reproduce. -->
<!-- When "Fixes: #<id>" is specified, the issue/PR will automatically be closed when this PR gets merged -->
<!-- For addressing multiple issues/PRs, use multiple "Fixes: #<id>" -->
<!-- Fixes: # -->
<!--- ********************************************************************************* -->
<!--- NOTE: AUTOMATATION USES THE DESCRIPTIONS TO SET LABELS AND PRODUCE DOCUMENTATION. -->
<!--- PLEASE PUT AN 'X' in only **ONE** box -->
<!--- ********************************************************************************* -->
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [x] Major
- [ ] Minor
### Screenshots (if appropriate):
### How Has This Been Tested?
<!-- Please describe in detail how you tested your changes. -->
<!-- Include details of your testing environment, and the tests you ran to -->
<!-- see how your change affects other areas of the code, etc. -->
<!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md) document -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-988340940
<b>Trillian test result (tid-2634)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 35900 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2634-kvm-centos7.zip
Smoke tests completed. 93 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-984438986
> Trillian test result (tid-2601) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 37031 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2601-kvm-centos7.zip Smoke tests completed. 92 look OK, 1 have errors Only failed tests results shown below:
>
> Test Result Time (s) Test File
> test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL `Failure` 319.81 test_vpc_redundant.py
run this test manually twice, both succeed.
```
Create a redundant VPC with two networks with two VMs in each network ... === TestName: test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | Status : SUCCESS ===
ok
Create a redundant VPC with two networks with two VMs in each network and check default routes ... === TestName: test_02_redundant_VPC_default_routes | Status : SUCCESS ===
ok
Create a redundant VPC with two networks with two VMs in each network ... === TestName: test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | Status : SUCCESS ===
ok
Create a redundant VPC with 1 Tier, 1 VM, 1 ACL, 1 PF and test Network GC Nics ... === TestName: test_04_rvpc_network_garbage_collector_nics | Status : SUCCESS ===
ok
Create a redundant VPC with multiple tiers ... === TestName: test_05_rvpc_multi_tiers | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 5 tests in 3192.898s
OK
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759147486
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayByAdminCmd.java
##########
@@ -0,0 +1,75 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.admin.vpc;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ResponseObject.ResponseView;
+import org.apache.cloudstack.api.command.admin.AdminCmd;
+import org.apache.cloudstack.api.command.user.vpc.CreatePrivateGatewayCmd;
+import org.apache.cloudstack.api.response.PhysicalNetworkResponse;
+import org.apache.cloudstack.api.response.PrivateGatewayResponse;
+
+import com.cloud.network.vpc.VpcGateway;
+
+@APICommand(name = "createPrivateGateway", description = "Creates a private gateway",
+ responseObject = PrivateGatewayResponse.class,
+ responseView = ResponseView.Full,
+ entityType = {VpcGateway.class},
+ requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
Review comment:
@sureshanaparti
thanks .
api commands and api parameters are updated.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759166648
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
##########
@@ -249,11 +259,31 @@ public Long getPhysicalNetworkId() {
throw new InvalidParameterValueException("Unable to find network offering by ID " + networkOfferingId);
}
+ Network associatedNetwork = null;
+ if (associatedNetworkId != null) {
+ associatedNetwork = _entityMgr.findById(Network.class, associatedNetworkId);
+ if (associatedNetwork == null) {
+ throw new InvalidParameterValueException("Unable to find network by ID " + associatedNetworkId);
Review comment:
@sureshanaparti
as discussed offline, the uuid of removed networks can be converted to long value, but the removed networks cannot be used as associated network.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982570526
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983615053
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-984237823
<b>Trillian test result (tid-2601)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 37031 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2601-kvm-centos7.zip
Smoke tests completed. 92 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 319.81 | test_vpc_redundant.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983779665
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759205131
##########
File path: engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
##########
@@ -2764,6 +2770,21 @@ public Network doInTransaction(final TransactionStatus status) {
return network;
}
+ @Override
+ public boolean isSharedNetworkWithoutSpecifyVlan(NetworkOffering offering) {
+ if (offering == null || offering.getTrafficType() != TrafficType.Guest || offering.getGuestType() != GuestType.Shared) {
+ return false;
+ }
+ if (! offering.isSpecifyVlan()) {
Review comment:
@ravening done. thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983615522
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981672702
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] ravening commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
ravening commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759170259
##########
File path: engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
##########
@@ -2764,6 +2770,21 @@ public Network doInTransaction(final TransactionStatus status) {
return network;
}
+ @Override
+ public boolean isSharedNetworkWithoutSpecifyVlan(NetworkOffering offering) {
+ if (offering == null || offering.getTrafficType() != TrafficType.Guest || offering.getGuestType() != GuestType.Shared) {
+ return false;
+ }
+ if (! offering.isSpecifyVlan()) {
Review comment:
simplify this if checkeck to `return offering.isSpecifyVlan()` ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985595090
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1832
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991566651
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-986535588
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987913221
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-994438636
#5769 contains all commits in this PR.
please review this PR and test with #5769.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983778630
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983661821
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1811
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache removed a comment on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache removed a comment on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981745973
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985945922
<b>Trillian test result (tid-2617)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 37228 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2617-kvm-centos7.zip
Intermittent failure detected: /marvin/tests/smoke/test_pvlan.py
Intermittent failure detected: /marvin/tests/smoke/test_primary_storage.py
Intermittent failure detected: /marvin/tests/smoke/test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982527107
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-986084721
<b>Trillian test result (tid-2618)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 46746 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2618-kvm-centos7.zip
Smoke tests completed. 91 look OK, 2 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_invalid_upgrade_kubernetes_cluster | `Failure` | 3607.43 | test_kubernetes_clusters.py
test_02_upgrade_kubernetes_cluster | `Failure` | 3605.73 | test_kubernetes_clusters.py
test_03_deploy_and_scale_kubernetes_cluster | `Failure` | 0.05 | test_kubernetes_clusters.py
test_04_autoscale_kubernetes_cluster | `Failure` | 0.04 | test_kubernetes_clusters.py
test_05_basic_lifecycle_kubernetes_cluster | `Failure` | 0.04 | test_kubernetes_clusters.py
test_06_delete_kubernetes_cluster | `Failure` | 0.04 | test_kubernetes_clusters.py
test_07_deploy_kubernetes_ha_cluster | `Failure` | 0.03 | test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 0.03 | test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster | `Failure` | 0.03 | test_kubernetes_clusters.py
ContextSuite context=TestKubernetesCluster>:teardown | `Error` | 85.02 | test_kubernetes_clusters.py
test_03_ssvm_internals | `Failure` | 13.95 | test_ssvm.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983718502
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985602837
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991775020
<b>Trillian test result (tid-2645)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 39063 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2645-kvm-centos7.zip
Smoke tests completed. 93 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991348075
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1871
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991316772
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987869705
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982216194
<b>Trillian test result (tid-2594)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 37410 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2594-kvm-centos7.zip
Smoke tests completed. 90 look OK, 3 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_create_pvlan_network | `Error` | 0.03 | test_pvlan.py
test_01_isolated_persistent_network | `Error` | 31.07 | test_persistent_network.py
test_dedicateGuestVlanRange | `Error` | 1.10 | test_guest_vlan_range.py
ContextSuite context=TestDedicateGuestVlanRange>:teardown | `Error` | 2.16 | test_guest_vlan_range.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sureshanaparti commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
sureshanaparti commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759125691
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
##########
@@ -249,11 +259,31 @@ public Long getPhysicalNetworkId() {
throw new InvalidParameterValueException("Unable to find network offering by ID " + networkOfferingId);
}
+ Network associatedNetwork = null;
+ if (associatedNetworkId != null) {
+ associatedNetwork = _entityMgr.findById(Network.class, associatedNetworkId);
+ if (associatedNetwork == null) {
+ throw new InvalidParameterValueException("Unable to find network by ID " + associatedNetworkId);
Review comment:
I think, this is already checked in the API call when UUID is transformed to the DB 'ID'.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985562648
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985979053
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985603240
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991316570
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991566995
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983774045
Packaging result: :heavy_check_mark: el7 :heavy_multiplication_x: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1813
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981673147
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981745973
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981746778
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-986535233
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982570660
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982631374
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987035966
<b>Trillian test result (tid-2621)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 35059 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2621-kvm-centos7.zip
Smoke tests completed. 89 look OK, 4 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_add_primary_storage_disabled_host | `Error` | 0.75 | test_primary_storage.py
test_01_primary_storage_nfs | `Error` | 0.11 | test_primary_storage.py
ContextSuite context=TestStorageTags>:setup | `Error` | 0.19 | test_primary_storage.py
test_03_deploy_and_scale_kubernetes_cluster | `Failure` | 32.95 | test_kubernetes_clusters.py
test_07_deploy_kubernetes_ha_cluster | `Failure` | 55.48 | test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 40.28 | test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster | `Failure` | 0.04 | test_kubernetes_clusters.py
ContextSuite context=TestKubernetesCluster>:teardown | `Error` | 73.81 | test_kubernetes_clusters.py
test_02_list_snapshots_with_removed_data_store | `Error` | 9.50 | test_snapshots.py
test_02_list_snapshots_with_removed_data_store | `Error` | 9.50 | test_snapshots.py
test_hostha_enable_ha_when_host_in_maintenance | `Error` | 307.13 | test_hostha_kvm.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991316570
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache closed pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache closed pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sureshanaparti commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
sureshanaparti commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759121624
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayByAdminCmd.java
##########
@@ -0,0 +1,75 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.admin.vpc;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ResponseObject.ResponseView;
+import org.apache.cloudstack.api.command.admin.AdminCmd;
+import org.apache.cloudstack.api.command.user.vpc.CreatePrivateGatewayCmd;
+import org.apache.cloudstack.api.response.PhysicalNetworkResponse;
+import org.apache.cloudstack.api.response.PrivateGatewayResponse;
+
+import com.cloud.network.vpc.VpcGateway;
+
+@APICommand(name = "createPrivateGateway", description = "Creates a private gateway",
+ responseObject = PrivateGatewayResponse.class,
+ responseView = ResponseView.Full,
+ entityType = {VpcGateway.class},
+ requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
Review comment:
Add "since" attribute to new API cmds.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983115396
<b>Trillian test result (tid-2595)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 34444 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5730-t2595-kvm-centos7.zip
Smoke tests completed. 92 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_create_pvlan_network | `Error` | 0.04 | test_pvlan.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982478587
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982477889
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982517749
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1800
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982600097
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1802
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GutoVeronezi commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
GutoVeronezi commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r763067267
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayByAdminCmd.java
##########
@@ -0,0 +1,76 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.admin.vpc;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ResponseObject.ResponseView;
+import org.apache.cloudstack.api.command.admin.AdminCmd;
+import org.apache.cloudstack.api.command.user.vpc.CreatePrivateGatewayCmd;
+import org.apache.cloudstack.api.response.PhysicalNetworkResponse;
+import org.apache.cloudstack.api.response.PrivateGatewayResponse;
+
+import com.cloud.network.vpc.VpcGateway;
+
+@APICommand(name = "createPrivateGateway", description = "Creates a private gateway",
+ responseObject = PrivateGatewayResponse.class,
+ responseView = ResponseView.Full,
+ entityType = {VpcGateway.class},
+ since = "4.17.0",
+ requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+public class CreatePrivateGatewayByAdminCmd extends CreatePrivateGatewayCmd implements AdminCmd {
+ public static final Logger s_logger = Logger.getLogger(CreatePrivateGatewayByAdminCmd.class.getName());
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name = ApiConstants.PHYSICAL_NETWORK_ID,
+ type = CommandType.UUID,
+ entityType = PhysicalNetworkResponse.class,
+ description = "the Physical Network ID the network belongs to")
+ private Long physicalNetworkId;
+
+ @Parameter(name = ApiConstants.VLAN, type = CommandType.STRING, description = "the network implementation uri for the private gateway")
+ private String broadcastUri;
+
+ @Parameter(name = ApiConstants.BYPASS_VLAN_OVERLAP_CHECK, type = CommandType.BOOLEAN, description = "when true bypasses VLAN id/range overlap check during private gateway creation")
+ private Boolean bypassVlanOverlapCheck;
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+
+ public String getBroadcastUri() {
+ return broadcastUri;
+ }
+
+ public Long getPhysicalNetworkId() {
+ return physicalNetworkId;
+ }
+
+ public Boolean getBypassVlanOverlapCheck() {
+ if (bypassVlanOverlapCheck != null) {
+ return bypassVlanOverlapCheck;
+ }
+ return false;
+ }
Review comment:
We could use `org.apache.commons.lang3.BooleanUtils#toBoolean` here.
##########
File path: api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
##########
@@ -96,6 +96,13 @@
@Parameter(name = ApiConstants.NETWORK_OFFERING_ID, type = CommandType.UUID, entityType = NetworkOfferingResponse.class, description = "list networks by network offering ID")
private Long networkOfferingId;
+ @Parameter(name = ApiConstants.ASSOCIATED_NETWORK_ID,
+ type = CommandType.UUID,
+ entityType = NetworkResponse.class,
+ since = "4.17.0",
+ description = "List networks by associated networks. only available if create a Shared network")
Review comment:
```suggestion
description = "List networks by associated networks. Only available if create a Shared network.")
```
##########
File path: engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
##########
@@ -2530,7 +2530,9 @@ private Network createGuestNetwork(final long networkOfferingId, final String na
final boolean vlanSpecified = vlanId != null;
if (vlanSpecified != ntwkOff.isSpecifyVlan()) {
if (vlanSpecified) {
- throw new InvalidParameterValueException("Can't specify vlan; corresponding offering says specifyVlan=false");
+ if (! isSharedNetworkWithoutSpecifyVlan(ntwkOff) && ! isPrivateGatewayWithoutSpecifyVlan(ntwkOff)) {
Review comment:
```suggestion
if (!isSharedNetworkWithoutSpecifyVlan(ntwkOff) && !isPrivateGatewayWithoutSpecifyVlan(ntwkOff)) {
```
##########
File path: api/src/main/java/org/apache/cloudstack/api/response/GuestVlanResponse.java
##########
@@ -0,0 +1,156 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.google.gson.annotations.SerializedName;
+
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseResponse;
+
+import com.cloud.serializer.Param;
+
+import java.util.Date;
+import java.util.List;
+
+@SuppressWarnings("unused")
+public class GuestVlanResponse extends BaseResponse implements ControlledEntityResponse {
+
+ @SerializedName(ApiConstants.ID)
+ @Param(description = "the guest VLAN id")
+ private long id;
+
+ @SerializedName(ApiConstants.VLAN)
+ @Param(description = "the guest VLAN")
+ private String guestVlan;
+
+ @SerializedName(ApiConstants.ACCOUNT)
+ @Param(description = "the account of the guest VLAN range")
+ private String accountName;
+
+ @SerializedName(ApiConstants.DOMAIN_ID)
+ @Param(description = "the domain ID of the guest VLAN range")
+ private String domainId;
+
+ @SerializedName(ApiConstants.DOMAIN)
+ @Param(description = "the domain name of the guest VLAN range")
+ private String domainName;
+
+ @SerializedName(ApiConstants.PROJECT_ID)
+ @Param(description = "the project id of the guest vlan range")
+ private String projectId;
+
+ @SerializedName(ApiConstants.PROJECT)
+ @Param(description = "the project name of the guest vlan range")
+ private String projectName;
+
+ @SerializedName(ApiConstants.ZONE_ID)
+ @Param(description = "the zone ID of the guest vlan range")
+ private String zoneId;
+
+ @SerializedName(ApiConstants.ZONE_NAME)
+ @Param(description = "the zone name of the guest vlan range")
+ private String zoneName;
+
+ @SerializedName(ApiConstants.PHYSICAL_NETWORK_ID)
+ @Param(description = "the physical network ID of the guest vlan range")
+ private String physicalNetworkId;
+
+ @SerializedName(ApiConstants.PHYSICAL_NETWORK_NAME)
+ @Param(description = "the physical network name of the guest vlan range")
+ private String physicalNetworkName;
+
+ @SerializedName(ApiConstants.IS_DEDICATED)
+ @Param(description = "true if the guest vlan is dedicated to the account")
+ private Boolean isDedicated;
+
+ @SerializedName(ApiConstants.ALLOCATION_STATE)
+ @Param(description = "the allocation state of the guest vlan")
+ private String allocationState;
+
+ @SerializedName(ApiConstants.TAKEN)
+ @Param(description = "date the guest vlan was taken")
+ private Date taken;
+
+ @SerializedName(ApiConstants.NETWORK)
+ @Param(description = "the list of networks who use this guest vlan", responseObject = NetworkResponse.class)
Review comment:
`vlan` -> `VLAN`
##########
File path: server/src/main/java/com/cloud/api/ApiResponseHelper.java
##########
@@ -2424,6 +2429,17 @@ public NetworkResponse createNetworkResponse(ResponseView view, Network network)
response.setVpcName(vpc.getName());
}
}
+
+ final NetworkDetailVO detail = networkDetailsDao.findDetail(network.getId(), Network.AssociatedNetworkId);
+ if (detail != null) {
+ Long associatedNetworkId = Long.valueOf(detail.getValue());
+ NetworkVO associatedNetwork = ApiDBUtils.findNetworkById(associatedNetworkId);
+ if (associatedNetwork != null) {
+ response.setAssociatedNetworkId(associatedNetwork.getUuid());
+ response.setAssociatedNetworkName(associatedNetwork.getName());
+ }
+ }
+
Review comment:
We could invert this `if` statement and add a return, to reduce code indentation.
##########
File path: engine/schema/src/main/java/com/cloud/vm/dao/DomainRouterDaoImpl.java
##########
@@ -376,7 +376,8 @@ public DomainRouterVO persist(final DomainRouterVO router, final List<Network> g
public void addRouterToGuestNetwork(final VirtualRouter router, final Network guestNetwork) {
if (_routerNetworkDao.findByRouterAndNetwork(router.getId(), guestNetwork.getId()) == null) {
final NetworkOffering off = _offDao.findById(guestNetwork.getNetworkOfferingId());
- if (!off.getName().equalsIgnoreCase(NetworkOffering.SystemPrivateGatewayNetworkOffering)) {
+ if (!off.getName().equalsIgnoreCase(NetworkOffering.SystemPrivateGatewayNetworkOffering)
+ && !off.getName().equalsIgnoreCase(NetworkOffering.SystemPrivateGatewayNetworkOfferingWithoutVlan)) {
Review comment:
We could use `org.apache.commons.lang3.StringUtils#equalsAnyIgnoreCase` here.
##########
File path: server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
##########
@@ -4377,6 +4320,73 @@ public Vlan createVlanAndPublicIpRange(final long zoneId, final long networkId,
return vlan;
}
+ private void checkZoneVlanIpOverlap(DataCenterVO zone, Network network, String newCidr, String vlanId, String vlanGateway, String vlanNetmask, String startIP, String endIP) {
+ // Throw an exception if this subnet overlaps with subnet on other VLAN,
+ // if this is ip range extension, gateway, network mask should be same and ip range should not overlap
+
+ final List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
+ for (final VlanVO vlan : vlans) {
+ final String otherVlanGateway = vlan.getVlanGateway();
+ final String otherVlanNetmask = vlan.getVlanNetmask();
+ // Continue if it's not IPv4
+ if ( otherVlanGateway == null || otherVlanNetmask == null ) {
+ continue;
+ }
+ if ( vlan.getNetworkId() == null ) {
+ continue;
+ }
Review comment:
We could use `org.apache.commons.lang3.ObjectUtils#anyNull` here.
##########
File path: server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
##########
@@ -4377,6 +4320,73 @@ public Vlan createVlanAndPublicIpRange(final long zoneId, final long networkId,
return vlan;
}
+ private void checkZoneVlanIpOverlap(DataCenterVO zone, Network network, String newCidr, String vlanId, String vlanGateway, String vlanNetmask, String startIP, String endIP) {
+ // Throw an exception if this subnet overlaps with subnet on other VLAN,
+ // if this is ip range extension, gateway, network mask should be same and ip range should not overlap
+
+ final List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
+ for (final VlanVO vlan : vlans) {
+ final String otherVlanGateway = vlan.getVlanGateway();
+ final String otherVlanNetmask = vlan.getVlanNetmask();
+ // Continue if it's not IPv4
+ if ( otherVlanGateway == null || otherVlanNetmask == null ) {
+ continue;
+ }
+ if ( vlan.getNetworkId() == null ) {
+ continue;
+ }
+ final String otherCidr = NetUtils.getCidrFromGatewayAndNetmask(otherVlanGateway, otherVlanNetmask);
+ if( !NetUtils.isNetworksOverlap(newCidr, otherCidr)) {
+ continue;
+ }
+ // from here, subnet overlaps
+ if (vlanId.toLowerCase().contains(Vlan.UNTAGGED) || UriUtils.checkVlanUriOverlap(
+ BroadcastDomainType.getValue(BroadcastDomainType.fromString(vlanId)),
+ BroadcastDomainType.getValue(BroadcastDomainType.fromString(vlan.getVlanTag())))) {
+ // For untagged VLAN Id and overlapping URIs we need to expand and verify IP ranges
+ final String[] otherVlanIpRange = vlan.getIpRange().split("\\-");
+ final String otherVlanStartIP = otherVlanIpRange[0];
+ String otherVlanEndIP = null;
+ if (otherVlanIpRange.length > 1) {
+ otherVlanEndIP = otherVlanIpRange[1];
+ }
+
+ // extend IP range
+ if (!vlanGateway.equals(otherVlanGateway) || !vlanNetmask.equals(vlan.getVlanNetmask())) {
+ throw new InvalidParameterValueException("The IP range has already been added with gateway "
+ + otherVlanGateway + " ,and netmask " + otherVlanNetmask
+ + ", Please specify the gateway/netmask if you want to extend ip range" );
+ }
+ if (!NetUtils.is31PrefixCidr(newCidr)) {
+ if (NetUtils.ipRangesOverlap(startIP, endIP, otherVlanStartIP, otherVlanEndIP)) {
Review comment:
We could join these 2 `if` statement.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r761770410
##########
File path: test/integration/smoke/test_user_private_gateway.py
##########
@@ -0,0 +1,428 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-private gateway
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering,
+ PrivateGateway)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserPrivateGateways(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserPrivateGateways,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserPrivateGateways")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
+
Review comment:
@DaanHoogland good point. will change it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985979282
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r761730336
##########
File path: server/src/main/java/com/cloud/network/NetworkModelImpl.java
##########
@@ -1703,6 +1690,109 @@ public void checkNetworkPermissions(Account owner, Network network) {
}
}
+ private void checkProjectNetworkPermissions(Account owner, Account networkOwner, Network network){
+ User user = CallContext.current().getCallingUser();
+ Project project = projectDao.findByProjectAccountId(networkOwner.getId());
+ if (project == null) {
+ throw new CloudRuntimeException("Unable to find project to which the network belongs to");
+ }
+ ProjectAccount projectAccountUser = _projectAccountDao.findByProjectIdUserId(project.getId(), user.getAccountId(), user.getId());
+ if (projectAccountUser != null) {
+ if (!_projectAccountDao.canUserAccessProjectAccount(user.getAccountId(), user.getId(), networkOwner.getId())) {
+ throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO)network).getUuid() +
+ ", permission denied");
+ }
+ } else {
+ if (!_projectAccountDao.canAccessProjectAccount(owner.getAccountId(), networkOwner.getId())) {
+ throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO) network).getUuid() +
+ ", permission denied");
+ }
+ }
+ }
+
+ @Override
+ public void checkNetworkOperatePermissions(Account owner, Network network) {
+ if (network == null) {
+ throw new CloudRuntimeException("cannot check permissions on (Network) <null>");
+ }
+ if (network.getGuestType() == GuestType.Shared) {
+ checkSharedNetworkOperatePermissions(owner, network);
+ } else {
+ checkNonSharedNetworkOperatePermissions(owner, network);
+ }
+ }
+
+ private void checkNonSharedNetworkOperatePermissions(Account owner, Network network) {
+ // check on isolated/L2 networks
+ if (owner.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+ return;
+ }
+ Account networkOwner = _accountDao.findByIdIncludingRemoved(network.getAccountId());
+ if (owner.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ if (!_domainDao.isChildDomain(owner.getDomainId(), networkOwner.getDomainId())) {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by domain admin %s", network, owner));
+ }
+ } else if (owner.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+ checkProjectNetworkPermissions(owner, networkOwner, network);
+ } else if (networkOwner.getAccountId() != owner.getAccountId()) {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by normal user %s", network, owner));
+ }
+ } else {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by this account %s", network, owner));
+ }
+ }
+
+ private void checkSharedNetworkOperatePermissions(Account owner, Network network) {
+ NetworkOffering networkOffering = _networkOfferingDao.findById(network.getNetworkOfferingId());
+ if (networkOffering.isSpecifyVlan() && owner.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+ throw new PermissionDeniedException(String.format("Shared network %s with specifyvlan=true can only be operated by root admin", network));
+ }
+ if (owner.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ if (network.getAclType() == ACLType.Domain) {
+ // Allow domain admins to operate shared network for their domain.
+ NetworkDomainVO networkDomainMap = _networkDomainDao.getDomainNetworkMapByNetworkId(network.getId());
+ if (networkDomainMap == null) {
+ throw new CloudRuntimeException(String.format("Cannot find domain info for Shared network %s with aclType=Domain", network));
+ }
+ if (!_domainDao.isChildDomain(owner.getDomainId(), networkDomainMap.getDomainId())) {
+ throw new PermissionDeniedException(String.format("Shared network %s cannot be operated by domain admin %s", network, owner));
+ }
+ } else if (network.getAclType() == ACLType.Account) {
+ // Allow domain admins to operate shared network for an account in their domain.
+ NetworkAccountVO networkAccountMap = _networkAccountDao.getAccountNetworkMapByNetworkId(network.getId());
+ if (networkAccountMap == null) {
+ throw new CloudRuntimeException(String.format("Cannot find account info for Shared network %s with aclType=Account", network));
+ }
+ if (!_domainDao.isChildDomain(owner.getDomainId(), _accountDao.findByIdIncludingRemoved(networkAccountMap.getAccountId()).getDomainId())) {
+ throw new PermissionDeniedException(String.format("Shared network %s cannot be operated by domain admin %s", network, owner));
Review comment:
this has the exact same message text as line https://github.com/apache/cloudstack/pull/5730/files#diff-05d77af980dadebef650b49cb8ab34f4d0040fa18ec7643cd2c945de5227933dR1759
maybe externalise or include the reason for throwing in the text so it can be identified more easily?
##########
File path: test/integration/smoke/test_user_shared_network.py
##########
@@ -0,0 +1,634 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-shared networks
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserSharedNetworks(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserSharedNetworks,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserSharedNetworks")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
+
+ # Create small service offering
+ cls.service_offering = ServiceOffering.create(
+ cls.admin_apiclient,
+ cls.services["service_offerings"]["small"]
+ )
+ cls._cleanup.append(cls.service_offering)
+
+ # Create network offering for user-shared networks (specifyVlan=true)
+ cls.network_offering_withvlan = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering_shared"]
+ )
+ cls.network_offering_withvlan.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_withvlan)
+
+ # Create network offering for user-shared networks (specifyVlan=false)
+ cls.services["network_offering_shared"]["specifyVlan"] = "False"
+ cls.network_offering_novlan = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering_shared"]
+ )
+ cls.network_offering_novlan.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_novlan)
+
+ # Create network offering for isolated networks
+ cls.network_offering_isolated = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering"]
+ )
+ cls.network_offering_isolated.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_isolated)
+
+ # Create vpc offering
+ cls.vpc_offering = VpcOffering.create(
+ cls.admin_apiclient,
+ cls.services["vpc_offering_multi_lb"])
+ cls.vpc_offering.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.vpc_offering)
+
+ # Create network offering for vpc tiers
+ cls.network_offering_vpc = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["nw_offering_isolated_vpc"],
+ conservemode=False
+ )
+ cls.network_offering_vpc.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_vpc)
+
+ # Create api clients for domain admin and normal user
+ cls.domainadmin_user = cls.domain_admin.user[0]
+ cls.domainadmin_apiclient = cls.testClient.getUserApiClient(
+ cls.domainadmin_user.username, cls.sub_domain.name
+ )
+ cls.normaluser_user = cls.normal_user.user[0]
+ cls.normaluser_apiclient = cls.testClient.getUserApiClient(
+ cls.normaluser_user.username, cls.sub_domain.name
+ )
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.admin_apiclient, cls._cleanup)
+ except Exception as ex:
+ raise Exception(f"Warning: Exception during cleanup : {ex}") from ex
Review comment:
super call
##########
File path: test/integration/smoke/test_user_private_gateway.py
##########
@@ -0,0 +1,428 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-private gateway
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering,
+ PrivateGateway)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserPrivateGateways(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserPrivateGateways,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserPrivateGateways")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
+
Review comment:
please add in order not in reverse order. there is a super call that handles reversing the item order for cleanup
##########
File path: server/src/main/java/com/cloud/network/NetworkModelImpl.java
##########
@@ -1703,6 +1690,109 @@ public void checkNetworkPermissions(Account owner, Network network) {
}
}
+ private void checkProjectNetworkPermissions(Account owner, Account networkOwner, Network network){
+ User user = CallContext.current().getCallingUser();
+ Project project = projectDao.findByProjectAccountId(networkOwner.getId());
+ if (project == null) {
+ throw new CloudRuntimeException("Unable to find project to which the network belongs to");
+ }
+ ProjectAccount projectAccountUser = _projectAccountDao.findByProjectIdUserId(project.getId(), user.getAccountId(), user.getId());
+ if (projectAccountUser != null) {
+ if (!_projectAccountDao.canUserAccessProjectAccount(user.getAccountId(), user.getId(), networkOwner.getId())) {
+ throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO)network).getUuid() +
+ ", permission denied");
+ }
+ } else {
+ if (!_projectAccountDao.canAccessProjectAccount(owner.getAccountId(), networkOwner.getId())) {
+ throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO) network).getUuid() +
+ ", permission denied");
+ }
+ }
+ }
+
+ @Override
+ public void checkNetworkOperatePermissions(Account owner, Network network) {
+ if (network == null) {
+ throw new CloudRuntimeException("cannot check permissions on (Network) <null>");
+ }
+ if (network.getGuestType() == GuestType.Shared) {
+ checkSharedNetworkOperatePermissions(owner, network);
+ } else {
+ checkNonSharedNetworkOperatePermissions(owner, network);
+ }
+ }
+
+ private void checkNonSharedNetworkOperatePermissions(Account owner, Network network) {
+ // check on isolated/L2 networks
+ if (owner.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+ return;
+ }
+ Account networkOwner = _accountDao.findByIdIncludingRemoved(network.getAccountId());
+ if (owner.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ if (!_domainDao.isChildDomain(owner.getDomainId(), networkOwner.getDomainId())) {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by domain admin %s", network, owner));
+ }
+ } else if (owner.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+ checkProjectNetworkPermissions(owner, networkOwner, network);
+ } else if (networkOwner.getAccountId() != owner.getAccountId()) {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by normal user %s", network, owner));
+ }
+ } else {
+ throw new PermissionDeniedException(String.format("network %s cannot be operated by this account %s", network, owner));
+ }
+ }
+
+ private void checkSharedNetworkOperatePermissions(Account owner, Network network) {
+ NetworkOffering networkOffering = _networkOfferingDao.findById(network.getNetworkOfferingId());
+ if (networkOffering.isSpecifyVlan() && owner.getType() != Account.ACCOUNT_TYPE_ADMIN) {
+ throw new PermissionDeniedException(String.format("Shared network %s with specifyvlan=true can only be operated by root admin", network));
+ }
+ if (owner.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ if (network.getAclType() == ACLType.Domain) {
+ // Allow domain admins to operate shared network for their domain.
+ NetworkDomainVO networkDomainMap = _networkDomainDao.getDomainNetworkMapByNetworkId(network.getId());
+ if (networkDomainMap == null) {
+ throw new CloudRuntimeException(String.format("Cannot find domain info for Shared network %s with aclType=Domain", network));
+ }
+ if (!_domainDao.isChildDomain(owner.getDomainId(), networkDomainMap.getDomainId())) {
+ throw new PermissionDeniedException(String.format("Shared network %s cannot be operated by domain admin %s", network, owner));
+ }
+ } else if (network.getAclType() == ACLType.Account) {
+ // Allow domain admins to operate shared network for an account in their domain.
+ NetworkAccountVO networkAccountMap = _networkAccountDao.getAccountNetworkMapByNetworkId(network.getId());
+ if (networkAccountMap == null) {
+ throw new CloudRuntimeException(String.format("Cannot find account info for Shared network %s with aclType=Account", network));
+ }
+ if (!_domainDao.isChildDomain(owner.getDomainId(), _accountDao.findByIdIncludingRemoved(networkAccountMap.getAccountId()).getDomainId())) {
+ throw new PermissionDeniedException(String.format("Shared network %s cannot be operated by domain admin %s", network, owner));
+ }
+ }
+ } else if (owner.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ // Allow normal users to operate shared network for themselves.
+ if (network.getAclType() == ACLType.Account) {
+ // Allow domain admin to operate shared network for an account in its domain.
+ NetworkAccountVO networkAccountMap = _networkAccountDao.getAccountNetworkMapByNetworkId(network.getId());
+ if (networkAccountMap == null) {
+ throw new CloudRuntimeException(String.format("Cannot find account info for Shared network %s with aclType=Account", network));
Review comment:
this is the same message as https://github.com/apache/cloudstack/pull/5730/files#diff-05d77af980dadebef650b49cb8ab34f4d0040fa18ec7643cd2c945de5227933dR1765
##########
File path: test/integration/smoke/test_user_shared_network.py
##########
@@ -0,0 +1,634 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-shared networks
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserSharedNetworks(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserSharedNetworks,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserSharedNetworks")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
+
+ # Create small service offering
+ cls.service_offering = ServiceOffering.create(
+ cls.admin_apiclient,
+ cls.services["service_offerings"]["small"]
+ )
+ cls._cleanup.append(cls.service_offering)
+
+ # Create network offering for user-shared networks (specifyVlan=true)
+ cls.network_offering_withvlan = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering_shared"]
+ )
+ cls.network_offering_withvlan.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_withvlan)
+
+ # Create network offering for user-shared networks (specifyVlan=false)
+ cls.services["network_offering_shared"]["specifyVlan"] = "False"
+ cls.network_offering_novlan = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering_shared"]
+ )
+ cls.network_offering_novlan.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_novlan)
+
+ # Create network offering for isolated networks
+ cls.network_offering_isolated = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering"]
+ )
+ cls.network_offering_isolated.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_isolated)
+
+ # Create vpc offering
+ cls.vpc_offering = VpcOffering.create(
+ cls.admin_apiclient,
+ cls.services["vpc_offering_multi_lb"])
+ cls.vpc_offering.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.vpc_offering)
+
+ # Create network offering for vpc tiers
+ cls.network_offering_vpc = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["nw_offering_isolated_vpc"],
+ conservemode=False
+ )
+ cls.network_offering_vpc.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_vpc)
+
+ # Create api clients for domain admin and normal user
+ cls.domainadmin_user = cls.domain_admin.user[0]
+ cls.domainadmin_apiclient = cls.testClient.getUserApiClient(
+ cls.domainadmin_user.username, cls.sub_domain.name
+ )
+ cls.normaluser_user = cls.normal_user.user[0]
+ cls.normaluser_apiclient = cls.testClient.getUserApiClient(
+ cls.normaluser_user.username, cls.sub_domain.name
+ )
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.admin_apiclient, cls._cleanup)
+ except Exception as ex:
+ raise Exception(f"Warning: Exception during cleanup : {ex}") from ex
+
+ def setUp(self):
+ self.cleanup = []
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.admin_apiclient, self.cleanup)
+ except Exception as ex:
+ raise Exception(f"Warning: Exception during cleanup : {ex}") from ex
Review comment:
supercall
##########
File path: test/integration/smoke/test_user_private_gateway.py
##########
@@ -0,0 +1,428 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-private gateway
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering,
+ PrivateGateway)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserPrivateGateways(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserPrivateGateways,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserPrivateGateways")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
+
+ # Create small service offering
+ cls.service_offering = ServiceOffering.create(
+ cls.admin_apiclient,
+ cls.services["service_offerings"]["small"]
+ )
+ cls._cleanup.append(cls.service_offering)
+
+ # Create network offering for isolated networks
+ cls.network_offering_isolated = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["network_offering"]
+ )
+ cls.network_offering_isolated.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_isolated)
+
+ # Create vpc offering
+ cls.vpc_offering = VpcOffering.create(
+ cls.admin_apiclient,
+ cls.services["vpc_offering_multi_lb"])
+ cls.vpc_offering.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.vpc_offering)
+
+ # Create network offering for vpc tiers
+ cls.network_offering_vpc = NetworkOffering.create(
+ cls.admin_apiclient,
+ cls.services["nw_offering_isolated_vpc"],
+ conservemode=False
+ )
+ cls.network_offering_vpc.update(cls.admin_apiclient, state='Enabled')
+ cls._cleanup.append(cls.network_offering_vpc)
+
+ # Create api clients for domain admin and normal user
+ cls.domainadmin_user = cls.domain_admin.user[0]
+ cls.domainadmin_apiclient = cls.testClient.getUserApiClient(
+ cls.domainadmin_user.username, cls.sub_domain.name
+ )
+ cls.normaluser_user = cls.normal_user.user[0]
+ cls.normaluser_apiclient = cls.testClient.getUserApiClient(
+ cls.normaluser_user.username, cls.sub_domain.name
+ )
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.admin_apiclient, cls._cleanup)
+ except Exception as ex:
+ raise Exception(f"Warning: Exception during cleanup : {ex}") from ex
+
+ def setUp(self):
+ self.cleanup = []
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.admin_apiclient, self.cleanup)
+ except Exception as ex:
+ raise Exception(f"Warning: Exception during cleanup : {ex}") from ex
Review comment:
please use a super call
##########
File path: test/integration/smoke/test_user_shared_network.py
##########
@@ -0,0 +1,634 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+"""
+Tests of user-shared networks
+"""
+
+import logging
+import time
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import cleanup_resources, random_gen
+
+from marvin.lib.base import (Account,
+ Domain,
+ Project,
+ Configurations,
+ ServiceOffering,
+ Zone,
+ Network,
+ NetworkOffering,
+ VPC,
+ VpcOffering)
+
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template)
+
+NETWORK_STATE_ALLOCATED = "Allocated"
+NETWORK_STATE_IMPLEMENTED = "Implemented"
+NETWORK_STATE_SETUP = "Setup"
+NETWORK_STATE_REMOVED = "Removed"
+
+class TestUserSharedNetworks(cloudstackTestCase):
+ """
+ Test user-shared networks
+ """
+ @classmethod
+ def setUpClass(cls):
+ cls.testClient = super(
+ TestUserSharedNetworks,
+ cls).getClsTestClient()
+ cls.admin_apiclient = cls.testClient.getApiClient()
+ cls.services = cls.testClient.getParsedTestDataConfig()
+
+ zone = get_zone(cls.admin_apiclient, cls.testClient.getZoneForTests())
+ cls.zone = Zone(zone.__dict__)
+ cls.template = get_template(cls.admin_apiclient, cls.zone.id)
+ cls._cleanup = []
+
+ cls.logger = logging.getLogger("TestUserSharedNetworks")
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.domain = get_domain(cls.admin_apiclient)
+
+ # Create sub-domain
+ cls.sub_domain = Domain.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["domain1"]
+ )
+
+ # Create domain admin and normal user
+ cls.domain_admin = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1A"],
+ admin=True,
+ domainid=cls.sub_domain.id
+ )
+ cls.normal_user = Account.create(
+ cls.admin_apiclient,
+ cls.services["acl"]["accountD1B"],
+ domainid=cls.sub_domain.id
+ )
+ # Create project
+ cls.project = Project.create(
+ cls.admin_apiclient,
+ cls.services["project"],
+ account=cls.domain_admin.name,
+ domainid=cls.domain_admin.domainid
+ )
+ cls._cleanup.append(cls.project)
+ cls._cleanup.append(cls.domain_admin)
+ cls._cleanup.append(cls.normal_user)
+ cls._cleanup.append(cls.sub_domain)
Review comment:
please add in order and call super(TestUserSharedNetworks, cls).tearDownClass() to handle the reversing
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-985562398
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-991316772
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987870212
@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987913925
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-987906216
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1853
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache closed pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache closed pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981708981
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 1797
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on a change in pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#discussion_r759210196
##########
File path: engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
##########
@@ -2764,6 +2770,21 @@ public Network doInTransaction(final TransactionStatus status) {
return network;
}
+ @Override
+ public boolean isSharedNetworkWithoutSpecifyVlan(NetworkOffering offering) {
+ if (offering == null || offering.getTrafficType() != TrafficType.Guest || offering.getGuestType() != GuestType.Shared) {
+ return false;
+ }
+ if (! offering.isSpecifyVlan()) {
Review comment:
@ravening done. thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-983718276
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-982630795
@blueorangutan test keepEnv
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #5730: Enhancement: create Shared networks and VPC private gateways by users
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on pull request #5730:
URL: https://github.com/apache/cloudstack/pull/5730#issuecomment-981745758
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org