You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bf...@apache.org on 2013/11/08 19:09:22 UTC
[66/76] [abbrv] git commit: updated refs/heads/ui-restyle to 9dd6ff6
Squashed merge of Ssl Termination feature
Bug: https://issues.apache.org/jira/browse/CLOUDSTACK-4821
FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support
This patch implements the SSL offload feature for loadbalancers
and includes the implementaion for this to work with Netscaler.
The following are the new API's that this patch adds
uploadSslCert
deleteSslCert
listSslCert
assignCertToLoadBalancer
removeCertFromLoadBalancer
Unit tests are also included in the patch.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/00763078
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/00763078
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/00763078
Branch: refs/heads/ui-restyle
Commit: 0076307863e9155273d9e4c14282de429388c9e9
Parents: 07b6874
Author: Syed <sa...@cloudops.com>
Authored: Wed Nov 6 15:08:42 2013 -0500
Committer: Murali Reddy <mu...@gmail.com>
Committed: Fri Nov 8 16:49:16 2013 +0530
----------------------------------------------------------------------
CHANGES | 1 +
.../com/cloud/agent/api/to/LoadBalancerTO.java | 23 +-
api/src/com/cloud/event/EventTypes.java | 8 +
api/src/com/cloud/network/Network.java | 1 +
api/src/com/cloud/network/lb/CertService.java | 32 +
.../com/cloud/network/lb/LoadBalancingRule.java | 61 +-
.../network/lb/LoadBalancingRulesService.java | 8 +-
api/src/com/cloud/network/lb/SslCert.java | 16 +
.../org/apache/cloudstack/api/ApiConstants.java | 3 +
.../AssignCertToLoadBalancerCmd.java | 92 +++
.../loadbalancer/CreateLoadBalancerRuleCmd.java | 9 +-
.../user/loadbalancer/DeleteSslCertCmd.java | 83 ++
.../user/loadbalancer/ListSslCertsCmd.java | 106 +++
.../RemoveCertFromLoadBalancerCmd.java | 82 ++
.../user/loadbalancer/UploadSslCertCmd.java | 103 +++
.../api/response/SslCertResponse.java | 90 +++
client/tomcatconf/commands.properties.in | 8 +
.../api/routing/LoadBalancerConfigCommand.java | 1 +
.../network/lb/LoadBalancingRulesManager.java | 5 +-
.../spring-engine-schema-core-daos-context.xml | 2 +
.../network/dao/LoadBalancerCertMapDao.java | 29 +
.../network/dao/LoadBalancerCertMapDaoImpl.java | 79 ++
.../network/dao/LoadBalancerCertMapVO.java | 96 +++
.../com/cloud/network/dao/LoadBalancerVO.java | 16 +-
.../src/com/cloud/network/dao/SslCertDao.java | 27 +
.../com/cloud/network/dao/SslCertDaoImpl.java | 31 +
.../src/com/cloud/network/dao/SslCertVO.java | 132 ++++
.../lb/ElasticLoadBalancerManagerImpl.java | 10 +-
.../lb/InternalLoadBalancerVMManagerImpl.java | 1 +
.../InternalLBVMManagerTest.java | 8 +-
.../cloud/network/element/NetscalerElement.java | 14 +-
.../network/resource/NetscalerResource.java | 259 +++++-
.../spring-server-core-managers-context.xml | 2 +
.../ExternalLoadBalancerDeviceManagerImpl.java | 6 +-
.../lb/LoadBalancingRulesManagerImpl.java | 200 ++++-
.../VirtualNetworkApplianceManagerImpl.java | 12 +-
.../com/cloud/server/ManagementServerImpl.java | 10 +
.../lb/ApplicationLoadBalancerManagerImpl.java | 2 +-
.../cloudstack/network/lb/CertServiceImpl.java | 477 +++++++++++
.../lb/ApplicationLoadBalancerTest.java | 380 ---------
.../network/lb/ApplicationLoadBalancerTest.java | 381 +++++++++
.../cloudstack/network/lb/CertServiceTest.java | 791 +++++++++++++++++++
server/test/resources/certs/bad_format_cert.crt | 1 +
server/test/resources/certs/dsa_self_signed.crt | 26 +
server/test/resources/certs/dsa_self_signed.key | 20 +
server/test/resources/certs/expired_cert.crt | 20 +
server/test/resources/certs/non_x509_pem.crt | 17 +
server/test/resources/certs/root_chain.crt | 22 +
server/test/resources/certs/rsa_ca_signed.crt | 23 +
server/test/resources/certs/rsa_ca_signed.key | 30 +
server/test/resources/certs/rsa_ca_signed2.crt | 23 +
server/test/resources/certs/rsa_ca_signed2.key | 30 +
server/test/resources/certs/rsa_random_pkey.key | 28 +
server/test/resources/certs/rsa_self_signed.crt | 19 +
server/test/resources/certs/rsa_self_signed.key | 27 +
.../certs/rsa_self_signed_with_pwd.crt | 19 +
.../certs/rsa_self_signed_with_pwd.key | 30 +
setup/db/db/schema-421to430.sql | 28 +
utils/src/com/cloud/utils/net/NetUtils.java | 3 +
59 files changed, 3643 insertions(+), 420 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 054e7b0..e3e316e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,4 @@
+
Apache CloudStack CHANGES
======================================
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/agent/api/to/LoadBalancerTO.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/agent/api/to/LoadBalancerTO.java b/api/src/com/cloud/agent/api/to/LoadBalancerTO.java
index df2f8a8..4caa1b2 100644
--- a/api/src/com/cloud/agent/api/to/LoadBalancerTO.java
+++ b/api/src/com/cloud/agent/api/to/LoadBalancerTO.java
@@ -33,6 +33,7 @@ import com.cloud.network.lb.LoadBalancingRule.LbCondition;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRule.LbHealthCheckPolicy;
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
+import com.cloud.network.lb.LoadBalancingRule.LbSslCert;
import com.cloud.utils.Pair;
@@ -41,6 +42,7 @@ public class LoadBalancerTO {
String srcIp;
int srcPort;
String protocol;
+ String lbProtocol;
String algorithm;
boolean revoked;
boolean alreadyAdded;
@@ -48,6 +50,7 @@ public class LoadBalancerTO {
DestinationTO[] destinations;
private StickinessPolicyTO[] stickinessPolicies;
private HealthCheckPolicyTO[] healthCheckPolicies;
+ private LbSslCert sslCert; /* XXX: Should this be SslCertTO? */
private AutoScaleVmGroupTO autoScaleVmGroupTO;
final static int MAX_STICKINESS_POLICIES = 1;
final static int MAX_HEALTHCHECK_POLICIES = 1;
@@ -66,6 +69,8 @@ public class LoadBalancerTO {
this.inline = inline;
this.destinations = new DestinationTO[destinations.size()];
this.stickinessPolicies = null;
+ this.sslCert = null;
+ this.lbProtocol = null;
int i = 0;
for (LbDestination destination : destinations) {
this.destinations[i++] = new DestinationTO(destination.getIpAddress(), destination.getDestinationPortStart(), destination.isRevoked(), false);
@@ -77,12 +82,12 @@ public class LoadBalancerTO {
List<LbStickinessPolicy> stickinessPolicies) {
this(id, srcIp, srcPort, protocol, algorithm, revoked, alreadyAdded, inline, arg_destinations,
- stickinessPolicies, null);
+ stickinessPolicies, null, null, null);
}
public LoadBalancerTO(String id, String srcIp, int srcPort, String protocol, String algorithm, boolean revoked,
boolean alreadyAdded, boolean inline, List<LbDestination> arg_destinations,
- List<LbStickinessPolicy> stickinessPolicies, List<LbHealthCheckPolicy> healthCheckPolicies) {
+ List<LbStickinessPolicy> stickinessPolicies, List<LbHealthCheckPolicy> healthCheckPolicies, LbSslCert sslCert, String lbProtocol) {
this(id, srcIp, srcPort, protocol, algorithm, revoked, alreadyAdded, inline, arg_destinations);
this.stickinessPolicies = null;
this.healthCheckPolicies = null;
@@ -117,6 +122,9 @@ public class LoadBalancerTO {
if (index == 0)
this.healthCheckPolicies = null;
}
+
+ this.sslCert = sslCert;
+ this.lbProtocol = lbProtocol;
}
protected LoadBalancerTO() {
@@ -142,6 +150,10 @@ public class LoadBalancerTO {
return protocol;
}
+ public String getLbProtocol() {
+ return lbProtocol;
+ }
+
public boolean isRevoked() {
return revoked;
}
@@ -178,6 +190,10 @@ public class LoadBalancerTO {
return this.autoScaleVmGroupTO != null;
}
+ public LbSslCert getSslCert(){
+ return this.sslCert;
+ }
+
public static class StickinessPolicyTO {
private String _methodName;
private List<Pair<String, String>> _paramsList;
@@ -294,6 +310,8 @@ public class LoadBalancerTO {
public String getMonitorState() {
return monitorState;
}
+
+
}
public static class CounterTO implements Serializable {
private final String name;
@@ -558,5 +576,4 @@ public class LoadBalancerTO {
autoScaleVmGroupTO = new AutoScaleVmGroupTO(autoScaleVmGroup.getUuid(), autoScaleVmGroup.getMinMembers(), autoScaleVmGroup.getMaxMembers(), autoScaleVmGroup.getMemberPort(),
autoScaleVmGroup.getInterval(), autoScalePolicyTOs, autoScaleVmProfileTO, autoScaleVmGroup.getState(), lbAutoScaleVmGroup.getCurrentState());
}
-
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/event/EventTypes.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java
index d9f80eb..a3e45fa 100755
--- a/api/src/com/cloud/event/EventTypes.java
+++ b/api/src/com/cloud/event/EventTypes.java
@@ -133,6 +133,10 @@ public class EventTypes {
public static final String EVENT_LB_HEALTHCHECKPOLICY_CREATE = "LB.HEALTHCHECKPOLICY.CREATE";
public static final String EVENT_LB_HEALTHCHECKPOLICY_DELETE = "LB.HEALTHCHECKPOLICY.DELETE";
public static final String EVENT_LOAD_BALANCER_UPDATE = "LB.UPDATE";
+ public static final String EVENT_LB_CERT_UPLOAD = "LB.CERT.UPLOAD";
+ public static final String EVENT_LB_CERT_DELETE = "LB.CERT.DELETE";
+ public static final String EVENT_LB_CERT_ASSIGN = "LB.CERT.ASSIGN";
+ public static final String EVENT_LB_CERT_REMOVE = "LB.CERT.REMOVE";
// Global Load Balancer rules
public static final String EVENT_ASSIGN_TO_GLOBAL_LOAD_BALANCER_RULE = "GLOBAL.LB.ASSIGN";
@@ -511,6 +515,10 @@ public class EventTypes {
entityEventDetails.put(EVENT_LB_STICKINESSPOLICY_CREATE, LoadBalancer.class.getName());
entityEventDetails.put(EVENT_LB_STICKINESSPOLICY_DELETE, LoadBalancer.class.getName());
entityEventDetails.put(EVENT_LOAD_BALANCER_UPDATE, LoadBalancer.class.getName());
+ entityEventDetails.put(EVENT_LB_CERT_UPLOAD, LoadBalancer.class.getName());
+ entityEventDetails.put(EVENT_LB_CERT_DELETE, LoadBalancer.class.getName());
+ entityEventDetails.put(EVENT_LB_CERT_ASSIGN, LoadBalancer.class.getName());
+ entityEventDetails.put(EVENT_LB_CERT_REMOVE, LoadBalancer.class.getName());
// Account events
entityEventDetails.put(EVENT_ACCOUNT_DISABLE, Account.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/network/Network.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java
index 318ac19..4eadd61 100644
--- a/api/src/com/cloud/network/Network.java
+++ b/api/src/com/cloud/network/Network.java
@@ -181,6 +181,7 @@ public interface Network extends ControlledEntity, StateObject<Network.State>, I
public static final Capability SupportedTrafficDirection = new Capability("SupportedTrafficDirection");
public static final Capability SupportedEgressProtocols = new Capability("SupportedEgressProtocols");
public static final Capability HealthCheckPolicy = new Capability("HealthCheckPolicy");
+ public static final Capability SslTermination = new Capability("SslTermination");
public static final Capability LbSchemes = new Capability("LbSchemes");
public static final Capability DhcpAccrossMultipleSubnets = new Capability("DhcpAccrossMultipleSubnets");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/network/lb/CertService.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/lb/CertService.java b/api/src/com/cloud/network/lb/CertService.java
new file mode 100644
index 0000000..69d77d6
--- /dev/null
+++ b/api/src/com/cloud/network/lb/CertService.java
@@ -0,0 +1,32 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.lb;
+
+
+import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
+import org.apache.cloudstack.api.command.user.loadbalancer.ListSslCertsCmd;
+import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
+import org.apache.cloudstack.api.response.SslCertResponse;
+
+import java.util.List;
+
+public interface CertService {
+
+ public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd);
+ public void deleteSslCert(DeleteSslCertCmd deleteSslCertCmd);
+ public List<SslCertResponse> listSslCerts(ListSslCertsCmd listSslCertCmd);
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/network/lb/LoadBalancingRule.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/lb/LoadBalancingRule.java b/api/src/com/cloud/network/lb/LoadBalancingRule.java
index 4b37782..39c969c 100644
--- a/api/src/com/cloud/network/lb/LoadBalancingRule.java
+++ b/api/src/com/cloud/network/lb/LoadBalancingRule.java
@@ -36,9 +36,11 @@ public class LoadBalancingRule {
private List<LbStickinessPolicy> stickinessPolicies;
private LbAutoScaleVmGroup autoScaleVmGroup;
private List<LbHealthCheckPolicy> healthCheckPolicies;
+ private LbSslCert sslCert;
+ private String lbProtocol;
public LoadBalancingRule(LoadBalancer lb, List<LbDestination> destinations,
- List<LbStickinessPolicy> stickinessPolicies, List<LbHealthCheckPolicy> healthCheckPolicies, Ip sourceIp) {
+ List<LbStickinessPolicy> stickinessPolicies, List<LbHealthCheckPolicy> healthCheckPolicies, Ip sourceIp) {
this.lb = lb;
this.destinations = destinations;
this.stickinessPolicies = stickinessPolicies;
@@ -46,6 +48,17 @@ public class LoadBalancingRule {
this.sourceIp = sourceIp;
}
+ public LoadBalancingRule(LoadBalancer lb, List<LbDestination> destinations,
+ List<LbStickinessPolicy> stickinessPolicies, List<LbHealthCheckPolicy> healthCheckPolicies, Ip sourceIp, LbSslCert sslCert, String lbProtocol) {
+ this.lb = lb;
+ this.destinations = destinations;
+ this.stickinessPolicies = stickinessPolicies;
+ this.healthCheckPolicies = healthCheckPolicies;
+ this.sourceIp = sourceIp;
+ this.sslCert = sslCert;
+ this.lbProtocol = lbProtocol;
+ }
+
public long getId() {
return lb.getId();
}
@@ -90,6 +103,10 @@ public class LoadBalancingRule {
return lb.getProtocol();
}
+ public String getLbProtocol() {
+ return this.lbProtocol;
+ }
+
public FirewallRule.Purpose getPurpose() {
return FirewallRule.Purpose.LoadBalancing;
}
@@ -123,6 +140,10 @@ public class LoadBalancingRule {
return healthCheckPolicies;
}
+ public LbSslCert getLbSslCert(){
+ return sslCert;
+ }
+
public interface Destination {
String getIpAddress();
@@ -415,6 +436,44 @@ public class LoadBalancingRule {
}
}
+ public static class LbSslCert {
+ private String cert;
+ private String key;
+ private String password=null;
+ private String chain=null;
+ private boolean revoked;
+
+
+ public LbSslCert(String cert, String key, String password, String chain, boolean revoked) {
+ this.cert = cert;
+ this.key = key;
+ this.password = password;
+ this.chain = chain;
+ this.revoked = revoked;
+ }
+
+ public String getCert() {
+
+ return cert;
+ }
+
+ public String getKey() {
+ return key;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public String getChain() {
+ return chain;
+ }
+
+ public boolean isRevoked(){
+ return revoked;
+ }
+ }
+
public Ip getSourceIp() {
return sourceIp;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/network/lb/LoadBalancingRulesService.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/lb/LoadBalancingRulesService.java b/api/src/com/cloud/network/lb/LoadBalancingRulesService.java
index 59d5c8d..298426b 100644
--- a/api/src/com/cloud/network/lb/LoadBalancingRulesService.java
+++ b/api/src/com/cloud/network/lb/LoadBalancingRulesService.java
@@ -52,7 +52,7 @@ public interface LoadBalancingRulesService {
*/
LoadBalancer createPublicLoadBalancerRule(String xId, String name, String description,
int srcPortStart, int srcPortEnd, int defPortStart, int defPortEnd, Long ipAddrId, String protocol, String algorithm,
- long networkId, long lbOwnerId, boolean openFirewall) throws NetworkRuleConflictException, InsufficientAddressCapacityException;
+ long networkId, long lbOwnerId, boolean openFirewall, String lbProtocol) throws NetworkRuleConflictException, InsufficientAddressCapacityException;
LoadBalancer updateLoadBalancerRule(UpdateLoadBalancerRuleCmd cmd);
@@ -94,10 +94,16 @@ public interface LoadBalancingRulesService {
*/
boolean assignToLoadBalancer(long lbRuleId, List<Long> vmIds);
+ boolean assignSSLCertToLoadBalancerRule(Long lbRuleId, String certName, String publicCert, String privateKey);
+
boolean removeFromLoadBalancer(long lbRuleId, List<Long> vmIds);
boolean applyLoadBalancerConfig(long lbRuleId) throws ResourceUnavailableException;
+ boolean assignCertToLoadBalancer(long lbRuleId, Long CertId);
+ boolean removeCertFromLoadBalancer(long lbRuleId);
+
+
/**
* List instances that have either been applied to a load balancer or are eligible to be assigned to a load
* balancer.
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/com/cloud/network/lb/SslCert.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/lb/SslCert.java b/api/src/com/cloud/network/lb/SslCert.java
new file mode 100644
index 0000000..f7a7c4b
--- /dev/null
+++ b/api/src/com/cloud/network/lb/SslCert.java
@@ -0,0 +1,16 @@
+package com.cloud.network.lb;
+
+
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.api.InternalIdentity;
+
+public interface SslCert extends InternalIdentity, Identity, ControlledEntity {
+
+ public String getCertificate();
+ public String getKey() ;
+ public String getChain();
+ public String getPassword();
+ public String getFingerPrint();
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/ApiConstants.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java
index a348684..ae6be63 100755
--- a/api/src/org/apache/cloudstack/api/ApiConstants.java
+++ b/api/src/org/apache/cloudstack/api/ApiConstants.java
@@ -36,6 +36,9 @@ public class ApiConstants {
public static final String CATEGORY = "category";
public static final String CAN_REVERT = "canrevert";
public static final String CERTIFICATE = "certificate";
+ public static final String CERTIFICATE_CHAIN = "certchain";
+ public static final String CERTIFICATE_FINGERPRINT = "fingerprint";
+ public static final String CERTIFICATE_ID = "certid";
public static final String PRIVATE_KEY = "privatekey";
public static final String DOMAIN_SUFFIX = "domainsuffix";
public static final String DNS_SEARCH_ORDER = "dnssearchorder";
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/AssignCertToLoadBalancerCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/AssignCertToLoadBalancerCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/AssignCertToLoadBalancerCmd.java
new file mode 100644
index 0000000..253c015
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/AssignCertToLoadBalancerCmd.java
@@ -0,0 +1,92 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.loadbalancer;
+
+import com.cloud.event.EventTypes;
+import com.cloud.exception.*;
+import com.cloud.network.rules.LoadBalancer;
+import com.cloud.user.Account;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.api.response.FirewallRuleResponse;
+import org.apache.cloudstack.api.response.SslCertResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.log4j.Logger;
+
+@APICommand(name = "assignCertToLoadBalancer", description = "Assigns a certificate to a Load Balancer Rule", responseObject = SuccessResponse.class)
+public class AssignCertToLoadBalancerCmd extends BaseAsyncCmd {
+
+ public static final Logger s_logger = Logger
+ .getLogger(AssignCertToLoadBalancerCmd.class.getName());
+
+ private static final String s_name = "assignCertToLoadBalancer";
+
+
+ @Parameter(name = ApiConstants.LBID, type = CommandType.UUID, entityType = FirewallRuleResponse.class,
+ required = true, description = "the ID of the load balancer rule")
+ Long lbRuleId;
+
+ @Parameter(name = ApiConstants.CERTIFICATE_ID, type = CommandType.UUID, entityType = SslCertResponse.class,
+ required = true, description = "the ID of the certificate")
+ Long certId;
+
+
+ @Override
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+ //To change body of implemented methods use File | Settings | File Templates.
+ if ( _lbService.assignCertToLoadBalancer( getLbRuleId(), getCertId()) ) {
+ SuccessResponse response = new SuccessResponse(getCommandName());
+ this.setResponseObject(response);
+ } else {
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to assign certificate to loadbalancer");
+ }
+ }
+
+ @Override
+ public String getEventType() {
+ return EventTypes.EVENT_LB_CERT_ASSIGN;
+ }
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public String getEventDescription() {
+ return "Assigining a certificate to a loadbalancer";
+ }
+
+
+ @Override
+ public long getEntityOwnerId() {
+ LoadBalancer lb = _entityMgr.findById(LoadBalancer.class, getLbRuleId());
+ if (lb == null) {
+ return Account.ACCOUNT_ID_SYSTEM; // bad id given, parent this command to SYSTEM so ERROR events are tracked
+ }
+ return lb.getAccountId();
+ }
+
+
+
+ public Long getCertId(){
+ return certId;
+ }
+
+ public Long getLbRuleId(){
+ return lbRuleId;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/CreateLoadBalancerRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/CreateLoadBalancerRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/CreateLoadBalancerRuleCmd.java
index a368436..e4cc0e6 100644
--- a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/CreateLoadBalancerRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/CreateLoadBalancerRuleCmd.java
@@ -102,6 +102,9 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCreateCmd /*implements
"rule will be created for. Required when public Ip address is not associated with any Guest network yet (VPC case)")
private Long networkId;
+ @Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, description="The protocol for the LB")
+ private String lbProtocol;
+
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@@ -227,6 +230,10 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCreateCmd /*implements
return null;
}
+ public String getLbProtocol(){
+ return lbProtocol;
+ }
+
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@@ -282,7 +289,7 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCreateCmd /*implements
try {
LoadBalancer result = _lbService.createPublicLoadBalancerRule(getXid(), getName(), getDescription(),
getSourcePortStart(), getSourcePortEnd(), getDefaultPortStart(), getDefaultPortEnd(), getSourceIpAddressId(), getProtocol(), getAlgorithm(),
- getNetworkId(), getEntityOwnerId(), getOpenFirewall());
+ getNetworkId(), getEntityOwnerId(), getOpenFirewall(), getLbProtocol());
this.setEntityId(result.getId());
this.setEntityUuid(result.getUuid());
} catch (NetworkRuleConflictException e) {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java
new file mode 100644
index 0000000..19e36d2
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java
@@ -0,0 +1,83 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.loadbalancer;
+
+
+import com.cloud.network.lb.CertService;
+import org.apache.cloudstack.api.response.SslCertResponse;
+import com.cloud.exception.*;
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+
+@APICommand(name = "deleteSslCert", description="Delete a certificate to cloudstack", responseObject=SuccessResponse.class)
+public class DeleteSslCertCmd extends BaseCmd {
+ public static final Logger s_logger = Logger.getLogger(DeleteSslCertCmd.class.getName());
+
+ private static final String s_name = "deletesslcertresponse";
+
+ @Inject
+ CertService _certService;
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name= ApiConstants.ID, type=CommandType.UUID, entityType = SslCertResponse.class, required=true, description="Id of SSL certificate")
+ private Long id;
+
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+ public Long getId() {
+ return id;
+ }
+
+ /////////////////////////////////////////////////////
+ /////////////// API Implementation///////////////////
+ /////////////////////////////////////////////////////
+
+ @Override
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+ try {
+ _certService.deleteSslCert(this);
+ SuccessResponse rsp = new SuccessResponse();
+ rsp.setResponseName(getCommandName());
+ rsp.setObjectName("success");
+ this.setResponseObject(rsp);
+ } catch (Exception e) {
+ throw new CloudRuntimeException(e);
+ }
+ }
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public long getEntityOwnerId() {
+ return CallContext.current().getCallingAccount().getId();
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java
new file mode 100644
index 0000000..3df28a3
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java
@@ -0,0 +1,106 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.loadbalancer;
+
+
+import org.apache.cloudstack.api.response.FirewallRuleResponse;
+import org.apache.cloudstack.api.response.SslCertResponse;
+import com.cloud.network.lb.CertService;
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.response.AccountResponse;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import java.util.List;
+
+@APICommand(name = "listSslCerts", description="Lists SSL certificates", responseObject=SslCertResponse.class)
+public class ListSslCertsCmd extends BaseCmd {
+ public static final Logger s_logger = Logger.getLogger(DeleteSslCertCmd.class.getName());
+
+ private static final String s_name = "listsslcertsresponse";
+
+ @Inject
+ CertService _certService;
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name= ApiConstants.CERTIFICATE_ID, type=CommandType.UUID, entityType = SslCertResponse.class, required=false, description="Id of SSL certificate")
+ private Long certId;
+
+ @Parameter(name= ApiConstants.ACCOUNT_ID, type=CommandType.UUID, entityType = AccountResponse.class, required=false, description="Account Id")
+ private Long accountId;
+
+ @Parameter(name= ApiConstants.LBID, type=CommandType.UUID, entityType = FirewallRuleResponse.class, required=false, description="Loadbalancer Rule Id")
+ private Long lbId;
+
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+ public Long getCertId() {
+ return certId;
+ }
+
+ public Long getAccountId() {
+ return accountId;
+ }
+
+ public Long getLbId(){
+ return lbId;
+ }
+
+
+ /////////////////////////////////////////////////////
+ /////////////// API Implementation///////////////////
+ /////////////////////////////////////////////////////
+
+ @Override
+ public void execute(){
+
+
+ try {
+ List<SslCertResponse> certResponseList = _certService.listSslCerts(this);
+ ListResponse<SslCertResponse> response = new ListResponse<SslCertResponse>();
+
+ response.setResponses(certResponseList);
+ response.setResponseName(getCommandName());
+ this.setResponseObject(response);
+
+ } catch (Exception e) {
+ throw new CloudRuntimeException(e);
+ }
+ }
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public long getEntityOwnerId() {
+ return CallContext.current().getCallingAccount().getId();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/RemoveCertFromLoadBalancerCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/RemoveCertFromLoadBalancerCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/RemoveCertFromLoadBalancerCmd.java
new file mode 100644
index 0000000..059d163
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/RemoveCertFromLoadBalancerCmd.java
@@ -0,0 +1,82 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.loadbalancer;
+
+
+import com.cloud.event.EventTypes;
+import com.cloud.exception.*;
+import com.cloud.network.rules.LoadBalancer;
+import com.cloud.user.Account;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.api.response.FirewallRuleResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.log4j.Logger;
+
+
+@APICommand(name = "removeCertFromLoadBalancer", description = "Removes a certificate from a Load Balancer Rule", responseObject = SuccessResponse.class)
+public class RemoveCertFromLoadBalancerCmd extends BaseAsyncCmd{
+
+ public static final Logger s_logger = Logger.getLogger(RemoveCertFromLoadBalancerCmd.class.getName());
+
+ private static final String s_name = "removeCertFromLoadBalancer";
+
+
+ @Parameter(name = ApiConstants.LBID, type = CommandType.UUID, entityType = FirewallRuleResponse.class,
+ required = true, description = "the ID of the load balancer rule")
+ Long lbRuleId;
+
+
+ @Override
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+ boolean result = _lbService.removeCertFromLoadBalancer(getLbRuleId());
+ if (result) {
+ SuccessResponse response = new SuccessResponse(getCommandName());
+ this.setResponseObject(response);
+ } else {
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove certificate from load balancer rule");
+ }
+ }
+
+ @Override
+ public String getEventType() {
+ return EventTypes.EVENT_LB_CERT_REMOVE;
+ }
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public String getEventDescription() {
+ return "Removing a certificate from a loadbalancer with ID " + getLbRuleId();
+ }
+
+
+ @Override
+ public long getEntityOwnerId() {
+ LoadBalancer lb = _entityMgr.findById(LoadBalancer.class, getLbRuleId());
+ if (lb == null) {
+ return Account.ACCOUNT_ID_SYSTEM; // bad id given, parent this command to SYSTEM so ERROR events are tracked
+ }
+ return lb.getAccountId();
+ }
+
+ public Long getLbRuleId(){
+ return this.lbRuleId;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java
new file mode 100644
index 0000000..897d66b
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java
@@ -0,0 +1,103 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.loadbalancer;
+
+
+import org.apache.cloudstack.api.response.SslCertResponse;
+import com.cloud.exception.*;
+import com.cloud.network.lb.CertService;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+
+@APICommand(name = "uploadSslCert", description="Upload a certificate to cloudstack", responseObject=SslCertResponse.class)
+public class UploadSslCertCmd extends BaseCmd {
+ public static final Logger s_logger = Logger.getLogger(UploadSslCertCmd.class.getName());
+
+ private static final String s_name = "uploadsslcertresponse";
+
+ @Inject CertService _certService;
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name= ApiConstants.CERTIFICATE, type=CommandType.STRING, required=true, description="SSL certificate",length=16384)
+ private String cert;
+
+ @Parameter(name=ApiConstants.PRIVATE_KEY, type=CommandType.STRING, required=true, description="Private key", length=16384)
+ private String key;
+
+ @Parameter(name=ApiConstants.CERTIFICATE_CHAIN, type=CommandType.STRING, description="Certificate chain of trust", length=2097152)
+ private String chain;
+
+ @Parameter(name=ApiConstants.PASSWORD, type=CommandType.STRING, description="Password for the private key")
+ private String password;
+
+
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+ public String getCert() {
+ return cert;
+ }
+
+ public String getKey() {
+ return key;
+ }
+
+ public String getChain() {
+ return chain;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+
+ /////////////////////////////////////////////////////
+ /////////////// API Implementation///////////////////
+ /////////////////////////////////////////////////////
+
+ @Override
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+
+ try{
+ SslCertResponse response = _certService.uploadSslCert(this);
+ setResponseObject(response);
+ response.setResponseName(getCommandName());
+ } catch (Exception e){
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, e.getMessage());
+ }
+
+ }
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public long getEntityOwnerId() {
+ return CallContext.current().getCallingAccount().getId();
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/api/src/org/apache/cloudstack/api/response/SslCertResponse.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/response/SslCertResponse.java b/api/src/org/apache/cloudstack/api/response/SslCertResponse.java
new file mode 100644
index 0000000..3e8b7ae
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/response/SslCertResponse.java
@@ -0,0 +1,90 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.network.lb.SslCert;
+import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseResponse;
+import org.apache.cloudstack.api.EntityReference;
+
+import java.util.List;
+//import org.apache.cloudstack.api.EntityReference;
+
+@EntityReference(value= SslCert.class)
+public class SslCertResponse extends BaseResponse {
+
+ @SerializedName(ApiConstants.ID)
+ @Param(description = "SSL certificate ID")
+ private String id;
+
+ @SerializedName(ApiConstants.CERTIFICATE)
+ @Param(description = "certificate")
+ private String certificate;
+
+ @SerializedName(ApiConstants.PRIVATE_KEY)
+ @Param(description = "private key")
+ private String privatekey;
+
+ @SerializedName(ApiConstants.ACCOUNT)
+ @Param(description = "account for the certificate")
+ private String accountName;
+
+ @SerializedName(ApiConstants.CERTIFICATE_CHAIN)
+ @Param(description = "certificate chain")
+ private String certchain;
+
+ @SerializedName(ApiConstants.CERTIFICATE_FINGERPRINT)
+ @Param(description = "certificate fingerprint")
+ private String fingerprint;
+
+ @SerializedName(ApiConstants.LOAD_BALANCER_RULE_LIST)
+ @Param(description = "List of loabalancers this certificate is bound to")
+ List<String> lbIds;
+
+ public SslCertResponse() {
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public void setCertificate(String cert) {
+ this.certificate = cert;
+ }
+
+ public void setPrivatekey(String key) {
+ this.privatekey = key;
+ }
+
+ public void setAccountName(String accountName) {
+ this.accountName = accountName;
+ }
+
+ public void setCertchain(String chain) {
+ this.certchain = chain;
+ }
+
+ public void setFingerprint(String fingerprint){
+ this.fingerprint = fingerprint;
+ }
+
+ public void setLbIds(List<String> lbIds){
+ this.lbIds = lbIds;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/client/tomcatconf/commands.properties.in
----------------------------------------------------------------------
diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in
index 68d7303..cb9dcf0 100644
--- a/client/tomcatconf/commands.properties.in
+++ b/client/tomcatconf/commands.properties.in
@@ -165,6 +165,14 @@ deleteLBHealthCheckPolicy=15
listLoadBalancerRuleInstances=15
updateLoadBalancerRule=15
+##### SSL offload commands
+
+uploadSslCert=15
+deleteSslCert=15
+listSslCerts=15
+assignCertToLoadBalancer=15
+removeCertFromLoadBalancer=15
+
#### autoscale commands
createCounter=1
createCondition=15
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/core/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java b/core/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
index 3a51e8a..a6a46d5 100644
--- a/core/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
+++ b/core/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
@@ -33,6 +33,7 @@ public class LoadBalancerConfigCommand extends NetworkElementCommand {
public String lbStatsAuth = "admin1:AdMiN123";
public String lbStatsUri = "/admin?stats";
public String maxconn ="";
+ public String lbProtocol;
public boolean keepAliveEnabled = false;
NicTO nic;
Long vpcId;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/components-api/src/com/cloud/network/lb/LoadBalancingRulesManager.java
----------------------------------------------------------------------
diff --git a/engine/components-api/src/com/cloud/network/lb/LoadBalancingRulesManager.java b/engine/components-api/src/com/cloud/network/lb/LoadBalancingRulesManager.java
index 3e32585..22830d5 100644
--- a/engine/components-api/src/com/cloud/network/lb/LoadBalancingRulesManager.java
+++ b/engine/components-api/src/com/cloud/network/lb/LoadBalancingRulesManager.java
@@ -25,6 +25,7 @@ import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRule.LbHealthCheckPolicy;
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
+import com.cloud.network.lb.LoadBalancingRule.LbSslCert;
import com.cloud.network.rules.LbStickinessMethod;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.network.rules.LoadBalancerContainer.Scheme;
@@ -33,7 +34,8 @@ import com.cloud.user.Account;
public interface LoadBalancingRulesManager {
LoadBalancer createPublicLoadBalancer(String xId, String name, String description,
- int srcPort, int destPort, long sourceIpId, String protocol, String algorithm, boolean openFirewall, CallContext caller)
+ int srcPort, int destPort, long sourceIpId, String protocol, String algorithm,
+ boolean openFirewall, CallContext caller, String lbProtocol)
throws NetworkRuleConflictException;
boolean removeAllLoadBalanacersForIp(long ipId, Account caller, long callerUserId);
@@ -42,6 +44,7 @@ public interface LoadBalancingRulesManager {
List<LbStickinessPolicy> getStickinessPolicies(long lbId);
List<LbStickinessMethod> getStickinessMethods(long networkid);
List<LbHealthCheckPolicy> getHealthCheckPolicies(long lbId);
+ LbSslCert getLbSslCert(long lbId);
/**
* Remove vm from all load balancers
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
----------------------------------------------------------------------
diff --git a/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml b/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
index a64e5c0..c71190b 100644
--- a/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
+++ b/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
@@ -189,6 +189,7 @@
<bean id="launchPermissionDaoImpl" class="com.cloud.storage.dao.LaunchPermissionDaoImpl" />
<bean id="loadBalancerDaoImpl" class="com.cloud.network.dao.LoadBalancerDaoImpl" />
<bean id="loadBalancerVMMapDaoImpl" class="com.cloud.network.dao.LoadBalancerVMMapDaoImpl" />
+ <bean id="loadBalancerCertMapDaoImpl" class="com.cloud.network.dao.LoadBalancerCertMapDaoImpl" />
<bean id="managementServerHostDaoImpl" class="com.cloud.cluster.dao.ManagementServerHostDaoImpl" />
<bean id="managementServerHostPeerDaoImpl" class="com.cloud.cluster.dao.ManagementServerHostPeerDaoImpl" />
<bean id="networkAccountDaoImpl" class="com.cloud.network.dao.NetworkAccountDaoImpl" />
@@ -252,6 +253,7 @@
<bean id="snapshotDaoImpl" class="com.cloud.storage.dao.SnapshotDaoImpl" />
<bean id="snapshotPolicyDaoImpl" class="com.cloud.storage.dao.SnapshotPolicyDaoImpl" />
<bean id="snapshotScheduleDaoImpl" class="com.cloud.storage.dao.SnapshotScheduleDaoImpl" />
+ <bean id="sslCertDao" class="com.cloud.network.dao.SslCertDaoImpl" />
<bean id="staticRouteDaoImpl" class="com.cloud.network.vpc.dao.StaticRouteDaoImpl" />
<bean id="storageNetworkIpAddressDaoImpl" class="com.cloud.dc.dao.StorageNetworkIpAddressDaoImpl" />
<bean id="storageNetworkIpRangeDaoImpl" class="com.cloud.dc.dao.StorageNetworkIpRangeDaoImpl" />
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java
new file mode 100644
index 0000000..21c01d9
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java
@@ -0,0 +1,29 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import com.cloud.network.LBHealthCheckPolicyVO;
+import com.cloud.utils.db.GenericDao;
+
+import java.util.List;
+
+
+public interface LoadBalancerCertMapDao extends GenericDao<LoadBalancerCertMapVO,Long> {
+ List<LoadBalancerCertMapVO> listByCertId(Long certId);
+ List<LoadBalancerCertMapVO> listByAccountId(Long accountId);
+ LoadBalancerCertMapVO findByLbRuleId(Long id);
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java
new file mode 100644
index 0000000..57506f9
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java
@@ -0,0 +1,79 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.JoinBuilder;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+import java.util.List;
+
+@Local(value = {LoadBalancerCertMapDao.class})
+public class LoadBalancerCertMapDaoImpl extends GenericDaoBase<LoadBalancerCertMapVO, Long> implements LoadBalancerCertMapDao {
+
+ private final SearchBuilder<LoadBalancerCertMapVO> listByCertId;
+ private final SearchBuilder<LoadBalancerCertMapVO> findByLbRuleId;
+
+
+ @Inject SslCertDao _sslCertDao;
+
+ public LoadBalancerCertMapDaoImpl() {
+
+ listByCertId = createSearchBuilder();
+ listByCertId.and("certificateId", listByCertId.entity().getCertId(), SearchCriteria.Op.EQ);
+ listByCertId.done();
+
+ findByLbRuleId = createSearchBuilder();
+ findByLbRuleId.and("loadBalancerId", findByLbRuleId.entity().getLbId(), SearchCriteria.Op.EQ);
+ findByLbRuleId.done();
+
+ }
+
+ @Override
+ public List<LoadBalancerCertMapVO> listByCertId(Long certId) {
+ SearchCriteria<LoadBalancerCertMapVO> sc = listByCertId.create();
+ sc.setParameters("certificateId", certId);
+ return listBy(sc);
+ }
+
+ @Override
+ public LoadBalancerCertMapVO findByLbRuleId(Long LbId) {
+ SearchCriteria<LoadBalancerCertMapVO> sc = findByLbRuleId.create();
+ sc.setParameters("loadBalancerId", LbId);
+ return findOneBy(sc);
+ }
+
+ @Override
+ public List<LoadBalancerCertMapVO> listByAccountId(Long accountId) {
+
+ SearchBuilder<LoadBalancerCertMapVO> listByAccountId;
+ SearchBuilder<SslCertVO> certsForAccount;
+
+ listByAccountId = createSearchBuilder();
+ certsForAccount = _sslCertDao.createSearchBuilder();
+ certsForAccount.and("accountId", certsForAccount.entity().getAccountId(), SearchCriteria.Op.EQ);
+ listByAccountId.join("certsForAccount", certsForAccount, certsForAccount.entity().getId(), listByAccountId.entity().getLbId(), JoinBuilder.JoinType.INNER);
+ certsForAccount.done();
+ listByAccountId.done();
+
+ SearchCriteria<LoadBalancerCertMapVO> sc = listByAccountId.create();
+ sc.setParameters("accountId", accountId);
+ return listBy(sc);
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java
new file mode 100644
index 0000000..5359647
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+
+import org.apache.cloudstack.api.InternalIdentity;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import java.util.UUID;
+
+
+@Entity
+@Table(name="load_balancer_cert_map")
+public class LoadBalancerCertMapVO implements InternalIdentity {
+
+ @Id
+ @Column(name="id")
+ private Long id;
+
+ @Column(name="uuid")
+ private String uuid;
+
+ @Column(name="load_balancer_id")
+ private Long lbId;
+
+ @Column(name="certificate_id")
+ private Long certId;
+
+ @Column(name="revoke")
+ private boolean revoke = false;
+
+
+ public LoadBalancerCertMapVO() {
+ this.uuid = UUID.randomUUID().toString();
+ }
+
+ public LoadBalancerCertMapVO(Long lbId, Long certId, boolean revoke) {
+
+ this.lbId = lbId;
+ this.certId = certId;
+ this.revoke = revoke;
+ this.uuid = UUID.randomUUID().toString();
+ }
+
+ // Getters
+ @Override
+ public long getId() {
+ return id;
+ }
+
+ public String getUuid() {
+ return uuid;
+ }
+
+ public Long getLbId() {
+ return lbId;
+ }
+
+ public Long getCertId() {
+ return certId;
+ }
+
+ public boolean isRevoke() {
+ return revoke;
+ }
+
+ //Setters
+ public void setLbId(Long lbId) {
+ this.lbId = lbId;
+ }
+
+ public void setCertId(Long certId) {
+ this.certId = certId;
+ }
+
+ public void setRevoke(boolean revoke) {
+ this.revoke = revoke;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/LoadBalancerVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/LoadBalancerVO.java b/engine/schema/src/com/cloud/network/dao/LoadBalancerVO.java
index fee88cf..625eb6f 100644
--- a/engine/schema/src/com/cloud/network/dao/LoadBalancerVO.java
+++ b/engine/schema/src/com/cloud/network/dao/LoadBalancerVO.java
@@ -59,10 +59,15 @@ public class LoadBalancerVO extends FirewallRuleVO implements LoadBalancer {
@Column(name="scheme")
Scheme scheme = Scheme.Public;
+ @Column(name="lb_protocol")
+ String lbProtocol;
+
+
public LoadBalancerVO() {
}
- public LoadBalancerVO(String xId, String name, String description, long srcIpId, int srcPort, int dstPort, String algorithm, long networkId, long accountId, long domainId) {
+ public LoadBalancerVO(String xId, String name, String description, long srcIpId, int srcPort, int dstPort, String algorithm, long networkId,
+ long accountId, long domainId, String lbProtocol) {
super(xId, srcIpId, srcPort, NetUtils.TCP_PROTO, networkId, accountId, domainId, Purpose.LoadBalancing, null, null, null, null);
this.name = name;
this.description = description;
@@ -70,6 +75,7 @@ public class LoadBalancerVO extends FirewallRuleVO implements LoadBalancer {
this.defaultPortStart = dstPort;
this.defaultPortEnd = dstPort;
this.scheme = Scheme.Public;
+ this.lbProtocol = lbProtocol;
}
@Override
@@ -101,6 +107,14 @@ public class LoadBalancerVO extends FirewallRuleVO implements LoadBalancer {
this.name = name;
}
+ public String getLbProtocol(){
+ return lbProtocol;
+ }
+
+ public void setLbProtocol(String lbProtocol){
+ this.lbProtocol = lbProtocol;
+ }
+
public void setAlgorithm(String algorithm) {
this.algorithm = algorithm;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/SslCertDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/SslCertDao.java b/engine/schema/src/com/cloud/network/dao/SslCertDao.java
new file mode 100644
index 0000000..37520bb
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/SslCertDao.java
@@ -0,0 +1,27 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+
+import com.cloud.utils.db.GenericDao;
+
+import java.util.List;
+
+
+public interface SslCertDao extends GenericDao<SslCertVO, Long> {
+ List<SslCertVO> listByAccountId(Long id);
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java b/engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java
new file mode 100644
index 0000000..483c28d
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java
@@ -0,0 +1,31 @@
+package com.cloud.network.dao;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+import javax.ejb.Local;
+import java.util.List;
+
+
+
+@Local(value = {SslCertDao.class})
+public class SslCertDaoImpl extends GenericDaoBase<SslCertVO, Long> implements SslCertDao {
+
+ private final SearchBuilder<SslCertVO> listByAccountId;
+
+ public SslCertDaoImpl() {
+ listByAccountId = createSearchBuilder();
+ listByAccountId.and("accountId", listByAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
+ listByAccountId.done();
+ }
+
+ @Override
+ public List<SslCertVO> listByAccountId(Long accountId) {
+ SearchCriteria<SslCertVO> sc = listByAccountId.create();
+ sc.setParameters("accountId", accountId);
+ return listBy(sc);
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/engine/schema/src/com/cloud/network/dao/SslCertVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/SslCertVO.java b/engine/schema/src/com/cloud/network/dao/SslCertVO.java
new file mode 100644
index 0000000..c26c2aa
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/SslCertVO.java
@@ -0,0 +1,132 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+
+import com.cloud.network.lb.SslCert;
+import com.cloud.utils.db.Encrypt;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.api.InternalIdentity;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import java.util.UUID;
+
+@Entity
+@Table(name="sslcerts")
+public class SslCertVO implements SslCert {
+
+ @Id
+ @Column(name="id")
+ private Long id;
+
+ @Column(name="uuid")
+ private String uuid;
+
+ @Column(name="certificate",length=16384)
+ private String certificate;
+
+
+ @Column(name="chain",length=2097152)
+ private String chain;
+
+ @Encrypt
+ @Column(name="key",length=16384)
+ private String key;
+
+ @Encrypt
+ @Column(name="password")
+ private String password;
+
+ @Column(name="account_id")
+ private Long accountId;
+
+ @Column(name = "domain_id")
+ long domainId;
+
+ @Column(name = "fingerprint")
+ String fingerPrint;
+
+
+
+
+ public SslCertVO() {
+ this.uuid = UUID.randomUUID().toString();
+ }
+
+ public SslCertVO(String cert, String key, String password, String chain, Long accountId, Long domainId, String fingerPrint) {
+ this.certificate = cert;
+ this.key = key;
+ this.chain = chain;
+ this.password = password;
+ this.accountId = accountId;
+ this.domainId = domainId;
+ this.fingerPrint = fingerPrint;
+ this.uuid = UUID.randomUUID().toString();
+ }
+
+
+ // Getters
+ @Override
+ public long getId() {
+ return id;
+ }
+
+ @Override
+ public String getUuid() {
+ return uuid;
+ }
+
+ @Override
+ public String getCertificate() {
+ return certificate;
+ }
+
+
+ @Override
+ public String getKey() {
+ return key;
+ }
+
+
+ @Override
+ public String getChain() {
+ return chain;
+ }
+
+ @Override
+ public long getAccountId() {
+ return accountId;
+ }
+
+ @Override
+ public String getPassword() {
+ return password;
+ }
+
+ @Override
+ public long getDomainId() {
+ return domainId;
+ }
+
+ @Override
+ public String getFingerPrint() {
+ return fingerPrint;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
index 5c6f2e7..e049cec 100644
--- a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
+++ b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
@@ -98,6 +98,7 @@ import com.cloud.network.dao.VirtualRouterProviderDao;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRule.LbHealthCheckPolicy;
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
+import com.cloud.network.lb.LoadBalancingRule.LbSslCert;
import com.cloud.network.lb.dao.ElasticLbVmMapDao;
import com.cloud.network.router.VirtualRouter;
import com.cloud.network.router.VirtualRouter.RedundantState;
@@ -290,6 +291,7 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast
private void createApplyLoadBalancingRulesCommands(
List<LoadBalancingRule> rules, DomainRouterVO elbVm, Commands cmds, long guestNetworkId) {
+ /* XXX: cert */
LoadBalancerTO[] lbs = new LoadBalancerTO[rules.size()];
int i = 0;
for (LoadBalancingRule rule : rules) {
@@ -302,7 +304,8 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast
int srcPort = rule.getSourcePortStart();
String uuid = rule.getUuid();
List<LbDestination> destinations = rule.getDestinations();
- LoadBalancerTO lb = new LoadBalancerTO(uuid, elbIp, srcPort, protocol, algorithm, revoked, false, false, destinations);
+ LoadBalancerTO lb = new LoadBalancerTO(uuid, elbIp, srcPort, protocol, algorithm, revoked,
+ false, false, destinations);
lbs[i++] = lb;
}
@@ -377,8 +380,9 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast
List<LbStickinessPolicy> policyList = _lbMgr.getStickinessPolicies(lb.getId());
List<LbHealthCheckPolicy> hcPolicyList = _lbMgr.getHealthCheckPolicies(lb.getId());
Ip sourceIp = _networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress();
+ LbSslCert sslCert = _lbMgr.getLbSslCert(lb.getId());
LoadBalancingRule loadBalancing = new LoadBalancingRule(
- lb, dstList, policyList, hcPolicyList, sourceIp);
+ lb, dstList, policyList, hcPolicyList, sourceIp, sslCert, lb.getLbProtocol());
lbRules.add(loadBalancing);
}
return applyLBRules(elbVm, lbRules, network.getId());
@@ -664,7 +668,7 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast
result = _lbMgr.createPublicLoadBalancer(lb.getXid(), lb.getName(), lb.getDescription(),
lb.getSourcePortStart(), lb.getDefaultPortStart(), ipId.longValue(), lb.getProtocol(),
- lb.getAlgorithm(), false, CallContext.current());
+ lb.getAlgorithm(), false, CallContext.current(), lb.getLbProtocol());
} catch (NetworkRuleConflictException e) {
s_logger.warn("Failed to create LB rule, not continuing with ELB deployment");
if (newIp) {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
index b6269eb..b9482b5 100644
--- a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
+++ b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
@@ -77,6 +77,7 @@ import com.cloud.network.lb.LoadBalancingRule;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRule.LbHealthCheckPolicy;
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
+import com.cloud.network.lb.LoadBalancingRule.LbSslCert;
import com.cloud.network.lb.LoadBalancingRulesManager;
import com.cloud.network.router.VirtualNetworkApplianceManager;
import com.cloud.network.router.VirtualRouter;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
index 82f90fb..90d6a18 100644
--- a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
+++ b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
@@ -212,7 +212,7 @@ public class InternalLBVMManagerTest extends TestCase {
List<DomainRouterVO> vms = new ArrayList<DomainRouterVO>();
List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
LoadBalancingRule rule = new LoadBalancingRule(null, null,
- null, null, null);
+ null, null, null, null, null);
rules.add(rule);
try {
@@ -232,7 +232,7 @@ public class InternalLBVMManagerTest extends TestCase {
List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
LoadBalancingRule rule = new LoadBalancingRule(null, null,
- null, null, null);
+ null, null, null, null, null);
rules.add(rule);
try {
@@ -252,7 +252,7 @@ public class InternalLBVMManagerTest extends TestCase {
List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
LoadBalancingRule rule = new LoadBalancingRule(null, null,
- null, null, null);
+ null, null, null, null, null);
rules.add(rule);
try {
@@ -272,7 +272,7 @@ public class InternalLBVMManagerTest extends TestCase {
List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
LoadBalancingRule rule = new LoadBalancingRule(null, null,
- null, null, null);
+ null, null, null, null, null);
rules.add(rule);
try {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/00763078/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java b/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java
index 8101864..de3d7e8 100644
--- a/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java
+++ b/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java
@@ -161,6 +161,7 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
@Inject
ExternalLoadBalancerDeviceDao _externalLoadBalancerDeviceDao;
+
private boolean canHandle(Network config, Service service) {
DataCenter zone = _dcDao.findById(config.getDataCenterId());
boolean handleInAdvanceZone = (zone.getNetworkType() == NetworkType.Advanced &&
@@ -277,7 +278,7 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
// Supports only Public load balancing
lbCapabilities.put(Capability.LbSchemes, LoadBalancerContainer.Scheme.Public.toString());
-
+
// Specifies that load balancing rules can support autoscaling and the list of counters it supports
AutoScaleCounter counter;
List<AutoScaleCounter> counterList = new ArrayList<AutoScaleCounter>();
@@ -319,6 +320,10 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
staticNatCapabilities.put(Capability.ElasticIp, "true");
capabilities.put(Service.StaticNat, staticNatCapabilities);
+ // Supports SSL offloading
+ lbCapabilities.put(Capability.SslTermination, "true");
+
+
// TODO - Murali, please put correct capabilities here
Map<Capability, String> firewallCapabilities = new HashMap<Capability, String>();
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
@@ -516,6 +521,7 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
cmdList.add(DeleteNetscalerLoadBalancerCmd.class);
cmdList.add(ListNetscalerLoadBalancerNetworksCmd.class);
cmdList.add(ListNetscalerLoadBalancersCmd.class);
+
return cmdList;
}
@@ -732,7 +738,8 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
List<LbDestination> destinations = rule.getDestinations();
if ((destinations != null && !destinations.isEmpty()) || rule.isAutoScaleConfig()) {
- LoadBalancerTO loadBalancer = new LoadBalancerTO(lbUuid, srcIp, srcPort, protocol, algorithm, revoked, false, false, destinations, rule.getStickinessPolicies(), rule.getHealthCheckPolicies());
+ LoadBalancerTO loadBalancer = new LoadBalancerTO(lbUuid, srcIp, srcPort, protocol, algorithm, revoked, false, false, destinations,
+ rule.getStickinessPolicies(), rule.getHealthCheckPolicies(), rule.getLbSslCert(), rule.getLbProtocol());
if (rule.isAutoScaleConfig()) {
loadBalancer.setAutoScaleVmGroup(rule.getAutoScaleVmGroup());
}
@@ -894,7 +901,7 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
if ((destinations != null && !destinations.isEmpty()) || rule.isAutoScaleConfig()) {
LoadBalancerTO loadBalancer = new LoadBalancerTO(lbUuid, srcIp, srcPort, protocol, algorithm, revoked,
- false, false, destinations, null, rule.getHealthCheckPolicies());
+ false, false, destinations, null, rule.getHealthCheckPolicies(), rule.getLbSslCert(), rule.getLbProtocol());
loadBalancersToApply.add(loadBalancer);
}
}
@@ -1024,5 +1031,4 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl
}
return true;
}
-
}