Posted to commits@cloudstack.apache.org by ya...@apache.org on 2013/10/18 02:57:32 UTC
[1/2] git commit: updated refs/heads/master to c3df348
Updated Branches:
refs/heads/master dad27aaf4 -> c3df34826
Remove Network Parameter for VPN service provider
It's unnecessary since RemoteAccessVpnVO already has the network ID bound to it.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ab124a17
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ab124a17
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ab124a17
Branch: refs/heads/master
Commit: ab124a17fa3391f570f1fcf504525e76af4d31eb
Parents: dad27aa
Author: Sheng Yang <sh...@citrix.com>
Authored: Thu Oct 17 11:35:21 2013 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Thu Oct 17 17:55:47 2013 -0700
----------------------------------------------------------------------
.../element/RemoteAccessVPNServiceProvider.java | 5 ++-
.../JuniperSRXExternalFirewallElement.java | 38 +-------------------
.../network/element/VirtualRouterElement.java | 8 +++--
.../network/vpn/RemoteAccessVpnManagerImpl.java | 4 +--
.../vpn/MockRemoteAccessVPNServiceProvider.java | 5 ++-
5 files changed, 13 insertions(+), 47 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab124a17/api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java b/api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java
index 4950ed9..b923375 100644
--- a/api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java
+++ b/api/src/com/cloud/network/element/RemoteAccessVPNServiceProvider.java
@@ -19,7 +19,6 @@ package com.cloud.network.element;
import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
-import com.cloud.network.Network;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.VpnUser;
import com.cloud.utils.component.Adapter;
@@ -27,7 +26,7 @@ import com.cloud.utils.component.Adapter;
public interface RemoteAccessVPNServiceProvider extends Adapter {
String[] applyVpnUsers(RemoteAccessVpn vpn, List<? extends VpnUser> users) throws ResourceUnavailableException;
- boolean startVpn(Network network, RemoteAccessVpn vpn) throws ResourceUnavailableException;
+ boolean startVpn(RemoteAccessVpn vpn) throws ResourceUnavailableException;
- boolean stopVpn(Network network, RemoteAccessVpn vpn) throws ResourceUnavailableException;
+ boolean stopVpn(RemoteAccessVpn vpn) throws ResourceUnavailableException;
}
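Review bot: The new `startVpn(RemoteAccessVpn vpn)` and `stopVpn(RemoteAccessVpn vpn)` signatures carry no Javadoc, so the contract that moved into the implementations is undocumented. Each provider must now resolve the network itself, and the manager loop later in this commit stops at the first provider that returns true. I would add a comment on both methods along the lines of `/** Implementations look up the network via vpn.getNetworkId() and return false when they do not handle VPN for it. */`. The return-false convention is inferred from the removed Juniper implementation and the manager's loop, so confirm it before documenting it as the rule.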
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab124a17/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java b/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
index af67b02..8521037 100644
--- a/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
+++ b/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
@@ -95,7 +95,7 @@ import com.cloud.vm.VirtualMachineProfile;
PortForwardingServiceProvider.class, IpDeployer.class,
SourceNatServiceProvider.class, RemoteAccessVPNServiceProvider.class})
public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceManagerImpl implements SourceNatServiceProvider, FirewallServiceProvider,
-PortForwardingServiceProvider, RemoteAccessVPNServiceProvider, IpDeployer, JuniperSRXFirewallElementService, StaticNatServiceProvider {
+PortForwardingServiceProvider, IpDeployer, JuniperSRXFirewallElementService, StaticNatServiceProvider {
private static final Logger s_logger = Logger.getLogger(JuniperSRXExternalFirewallElement.class);
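Review bot: The annotation in the context lines above the class declaration still lists `RemoteAccessVPNServiceProvider.class`, although this hunk removes that interface from the `implements` clause. The annotation opens outside the hunk, but if it is the `@Local(value = {...})` list, the element stays registered under an interface it no longer implements, and the entry should be dropped so the list ends at `SourceNatServiceProvider.class})`. Whether the element's capability map still advertises `Service.Vpn` is not visible here and is worth checking in the same pass, since the commit message does not mention that SRX remote-access VPN handling is being removed.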
@@ -226,42 +226,6 @@ PortForwardingServiceProvider, RemoteAccessVPNServiceProvider, IpDeployer, Junip
}
@Override
- public boolean startVpn(Network config, RemoteAccessVpn vpn) throws ResourceUnavailableException {
- if (!canHandle(config, Service.Vpn)) {
- return false;
- }
-
- return manageRemoteAccessVpn(true, config, vpn);
-
- }
-
- @Override
- public boolean stopVpn(Network config, RemoteAccessVpn vpn) throws ResourceUnavailableException {
- if (!canHandle(config, Service.Vpn)) {
- return false;
- }
-
- return manageRemoteAccessVpn(false, config, vpn);
- }
-
- @Override
- public String[] applyVpnUsers(RemoteAccessVpn vpn, List<? extends VpnUser> users) throws ResourceUnavailableException {
- Network config = _networksDao.findById(vpn.getNetworkId());
-
- if (!canHandle(config, Service.Vpn)) {
- return null;
- }
-
- boolean result = manageRemoteAccessVpnUsers(config, vpn, users);
- String[] results = new String[users.size()];
- for (int i = 0; i < results.length; i++) {
- results[i] = String.valueOf(result);
- }
-
- return results;
- }
-
- @Override
public Provider getProvider() {
return Provider.JuniperSRX;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab124a17/server/src/com/cloud/network/element/VirtualRouterElement.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java
index eb53db6..503ce74 100755
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -404,7 +404,9 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
}
@Override
- public boolean startVpn(Network network, RemoteAccessVpn vpn) throws ResourceUnavailableException {
+ public boolean startVpn(RemoteAccessVpn vpn) throws ResourceUnavailableException {
+ Network network = _networksDao.findById(vpn.getNetworkId());
+
if (canHandle(network, Service.Vpn)) {
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) {
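Review bot: The added `_networksDao.findById(vpn.getNetworkId())` result is used without a null check, and the next line dereferences it in `network.getId()` once `canHandle` passes. Before this change the caller supplied the `Network`; now a VPN row whose network has been removed, or which has no network ID, reaches `canHandle(network, Service.Vpn)` with null, and `canHandle`'s handling of null is not visible in this hunk. A guard such as `if (network == null) { return false; }` directly after the lookup would keep the "not handled by this element" behaviour. The same applies to the `stopVpn` hunk that follows; both method bodies continue outside their hunks.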
@@ -420,7 +422,9 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
}
@Override
- public boolean stopVpn(Network network, RemoteAccessVpn vpn) throws ResourceUnavailableException {
+ public boolean stopVpn(RemoteAccessVpn vpn) throws ResourceUnavailableException {
+ Network network = _networksDao.findById(vpn.getNetworkId());
+
if (canHandle(network, Service.Vpn)) {
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab124a17/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
index 6cd164d..25c64e4 100755
--- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
@@ -247,7 +247,7 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc
boolean success = false;
try {
for (RemoteAccessVPNServiceProvider element : _vpnServiceProviders) {
- if (element.stopVpn(network, vpn)) {
+ if (element.stopVpn(vpn)) {
success = true;
break;
}
@@ -397,7 +397,7 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc
if (firewallOpened) {
for (RemoteAccessVPNServiceProvider element : _vpnServiceProviders) {
- if (element.startVpn(network, vpn)) {
+ if (element.startVpn(vpn)) {
started = true;
break;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ab124a17/server/test/com/cloud/network/vpn/MockRemoteAccessVPNServiceProvider.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/network/vpn/MockRemoteAccessVPNServiceProvider.java b/server/test/com/cloud/network/vpn/MockRemoteAccessVPNServiceProvider.java
index 1dde4a8..6e8cd69 100644
--- a/server/test/com/cloud/network/vpn/MockRemoteAccessVPNServiceProvider.java
+++ b/server/test/com/cloud/network/vpn/MockRemoteAccessVPNServiceProvider.java
@@ -23,7 +23,6 @@ import javax.ejb.Local;
import javax.naming.ConfigurationException;
import com.cloud.exception.ResourceUnavailableException;
-import com.cloud.network.Network;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.VpnUser;
import com.cloud.network.element.RemoteAccessVPNServiceProvider;
@@ -63,14 +62,14 @@ public class MockRemoteAccessVPNServiceProvider extends ManagerBase implements
}
@Override
- public boolean startVpn(Network network, RemoteAccessVpn vpn)
+ public boolean startVpn(RemoteAccessVpn vpn)
throws ResourceUnavailableException {
// TODO Auto-generated method stub
return false;
}
@Override
- public boolean stopVpn(Network network, RemoteAccessVpn vpn)
+ public boolean stopVpn(RemoteAccessVpn vpn)
throws ResourceUnavailableException {
// TODO Auto-generated method stub
return false;
[2/2] git commit: updated refs/heads/master to c3df348
Posted by ya...@apache.org.
CLOUDSTACK-4836: Fix VPN user are not programmed after restart network
Also refactor VPN code.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c3df3482
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c3df3482
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c3df3482
Branch: refs/heads/master
Commit: c3df34826413067d0a1ff90fbb2ab89f2a6a6416
Parents: ab124a1
Author: Sheng Yang <sh...@citrix.com>
Authored: Thu Oct 17 11:35:21 2013 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Thu Oct 17 17:55:52 2013 -0700
----------------------------------------------------------------------
.../VirtualNetworkApplianceManagerImpl.java | 82 +++++++-------------
1 file changed, 29 insertions(+), 53 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3df3482/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 5ea7560..2ae2cfc 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -2459,7 +2459,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
s_logger.debug("Found " + vpns.size() + " vpn(s) to apply as a part of domR " + router + " start.");
if (!vpns.isEmpty()) {
for (RemoteAccessVpn vpn : vpns) {
- createApplyVpnCommands(vpn, router, cmds);
+ createApplyVpnCommands(true, vpn, router, cmds);
}
}
@@ -2661,7 +2661,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
}
Commands cmds = new Commands(Command.OnError.Stop);
- createApplyVpnCommands(vpn, router, cmds);
+ createApplyVpnCommands(true, vpn, router, cmds);
try {
_agentMgr.send(router.getHostId(), cmds);
@@ -2705,19 +2705,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
for (VirtualRouter router : routers) {
if (router.getState() == State.Running) {
Commands cmds = new Commands(Command.OnError.Continue);
- IpAddress ip = _networkModel.getIp(vpn.getServerAddressId());
-
- RemoteAccessVpnCfgCommand removeVpnCmd = new RemoteAccessVpnCfgCommand(false, ip.getAddress().addr(),
- vpn.getLocalIp(), vpn.getIpRange(), vpn.getIpsecPresharedKey());
- removeVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
- removeVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, getRouterIpInNetwork(network.getId(), router.getId()));
- removeVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
-
- DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
- removeVpnCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
-
- cmds.addCommand(removeVpnCmd);
-
+ createApplyVpnCommands(false, vpn, router, cmds);
result = result && sendCommandsToRouter(router, cmds);
} else if (router.getState() == State.Stopped) {
s_logger.debug("Router " + router + " is in Stopped state, not sending deleteRemoteAccessVpn command to it");
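Review bot: Replacing the inline remove command with `createApplyVpnCommands(false, vpn, router, cmds)` makes the delete path also send a `VpnUsersCfgCommand`. The helper in the last hunk always calls `createApplyVpnUsersCommand` first, and that method puts every `Add` and `Active` user of the account into the add list. Tearing down a VPN therefore pushes the account's VPN user credentials to the router immediately before the VPN is removed. Whether the router-side teardown clears them again is not visible here. If only the removal is intended, the helper could guard the call with `if (isCreate) { createApplyVpnUsersCommand(vpnUsers, router, cmds); }`.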
@@ -3018,6 +3006,28 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
});
}
+ protected void createApplyVpnUsersCommand(List<? extends VpnUser> users, VirtualRouter router, Commands cmds)
+ {
+ List<VpnUser> addUsers = new ArrayList<VpnUser>();
+ List<VpnUser> removeUsers = new ArrayList<VpnUser>();
+ for (VpnUser user : users) {
+ if (user.getState() == VpnUser.State.Add || user.getState() == VpnUser.State.Active) {
+ addUsers.add(user);
+ } else if (user.getState() == VpnUser.State.Revoke) {
+ removeUsers.add(user);
+ }
+ }
+
+ VpnUsersCfgCommand cmd = new VpnUsersCfgCommand(addUsers, removeUsers);
+ cmd.setAccessDetail(NetworkElementCommand.ACCOUNT_ID, String.valueOf(router.getAccountId()));
+ cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
+ cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
+ DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
+ cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
+
+ cmds.addCommand("users", cmd);
+ }
+
@Override
//FIXME add partial success and STOP state support
public String[] applyVpnUsers(Network network, List<? extends VpnUser> users, List<DomainRouterVO> routers) throws ResourceUnavailableException {
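Review bot: `createApplyVpnUsersCommand` is a new `protected` helper with no Javadoc, and its opening brace sits on its own line unlike the other methods in this diff. I would move the brace up to the signature line and add a comment such as `/** Queues a VpnUsersCfgCommand under the key "users": Add and Active users are sent as additions, Revoke users as removals, users in any other state are skipped. */`. The inclusion of `Active` users is what changes restart behaviour, so it deserves to be stated where subclasses will read it. `_dcDao.findById(router.getDataCenterId())` is also dereferenced without a null check, as in the code it was extracted from.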
@@ -3037,27 +3047,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
}
Commands cmds = new Commands(Command.OnError.Continue);
- List<VpnUser> addUsers = new ArrayList<VpnUser>();
- List<VpnUser> removeUsers = new ArrayList<VpnUser>();
- for (VpnUser user : users) {
- if (user.getState() == VpnUser.State.Add || user.getState() == VpnUser.State.Active) {
- addUsers.add(user);
- } else if (user.getState() == VpnUser.State.Revoke) {
- removeUsers.add(user);
- }
- }
-
- VpnUsersCfgCommand cmd = new VpnUsersCfgCommand(addUsers, removeUsers);
- cmd.setAccessDetail(NetworkElementCommand.ACCOUNT_ID, String.valueOf(router.getAccountId()));
- cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr());
- cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
- cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, getRouterIpInNetwork(network.getId(), router.getId()));
- cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
- DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
- cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
-
- cmds.addCommand(cmd);
-
+ createApplyVpnUsersCommand(users, router, cmds);
// Currently we receive just one answer from the agent. In the future we have to parse individual answers and set
// results accordingly
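Review bot: The helper call that replaces the inline block no longer sets two access details the removed code set, `NetworkElementCommand.GUEST_NETWORK_CIDR` and `NetworkElementCommand.ROUTER_GUEST_IP`, and the command is now added under the key `"users"` instead of unnamed. `ROUTER_GUEST_IP` is likewise dropped from the VPN config command in the last hunk. If the agent-side handlers for `VpnUsersCfgCommand` or `RemoteAccessVpnCfgCommand` read either detail, they will now see null. Those handlers are outside this diff, so please confirm they do not rely on them, or say in the commit message that the details were unused. The enclosing `applyVpnUsers` body starts and ends outside this hunk.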
@@ -3333,34 +3323,20 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
}
- private void createApplyVpnCommands(RemoteAccessVpn vpn, VirtualRouter router, Commands cmds) {
+ protected void createApplyVpnCommands(boolean isCreate, RemoteAccessVpn vpn, VirtualRouter router, Commands cmds) {
List<VpnUserVO> vpnUsers = _vpnUsersDao.listByAccount(vpn.getAccountId());
- List<VpnUser> addUsers = new ArrayList<VpnUser>();
- List<VpnUser> removeUsers = new ArrayList<VpnUser>();
- for (VpnUser user : vpnUsers) {
- if (user.getState() == VpnUser.State.Add) {
- addUsers.add(user);
- } else if (user.getState() == VpnUser.State.Revoke) {
- removeUsers.add(user);
- }
- }
- VpnUsersCfgCommand addUsersCmd = new VpnUsersCfgCommand(addUsers, removeUsers);
- addUsersCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
- addUsersCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, getRouterIpInNetwork(vpn.getNetworkId(), router.getId()));
- addUsersCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
+ createApplyVpnUsersCommand(vpnUsers, router, cmds);
IpAddress ip = _networkModel.getIp(vpn.getServerAddressId());
- RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(true, ip.getAddress().addr(),
+ RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(isCreate, ip.getAddress().addr(),
vpn.getLocalIp(), vpn.getIpRange(), vpn.getIpsecPresharedKey());
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, getRouterControlIp(router.getId()));
- startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, getRouterIpInNetwork(vpn.getNetworkId(), router.getId()));
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
startVpnCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
- cmds.addCommand("users", addUsersCmd);
cmds.addCommand("startVpn", startVpnCmd);
}
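Review bot: With the new `isCreate` flag the local `startVpnCmd` and the command key `"startVpn"` are also used when the VPN is being removed, which is misleading when reading logs or answers keyed by that name. Renaming the local to something neutral, e.g. `RemoteAccessVpnCfgCommand vpnCfgCmd = new RemoteAccessVpnCfgCommand(isCreate, ip.getAddress().addr(),`, would match what the method now does. The key string should change only if nothing looks it up by name, which is not visible here. The method was also widened from `private` to `protected` without a comment. A one-line Javadoc stating that `isCreate == false` builds the removal command would help subclasses.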