You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by al...@apache.org on 2012/07/13 22:34:35 UTC
[4/11] git commit: VPC: CS-15553 and CS-15549 - more checks during
automatic ip assoc to VPC network
VPC: CS-15553 and CS-15549 - more checks during automatic ip assoc to VPC network
Conflicts:
api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
server/src/com/cloud/network/rules/RulesManagerImpl.java
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/ad80f426
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/ad80f426
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/ad80f426
Branch: refs/heads/vpc
Commit: ad80f426a0b5869e799a15cc5af1b9c7a666d9a1
Parents: 1781f70
Author: Alena Prokharchyk <al...@citrix.com>
Authored: Thu Jul 12 10:00:29 2012 -0700
Committer: Alena Prokharchyk <al...@citrix.com>
Committed: Fri Jul 13 13:32:14 2012 -0700
----------------------------------------------------------------------
.../api/commands/CreateLoadBalancerRuleCmd.java | 2 +-
server/src/com/cloud/network/NetworkManager.java | 2 +-
.../src/com/cloud/network/NetworkManagerImpl.java | 7 +-
.../network/firewall/FirewallManagerImpl.java | 4 +-
.../network/lb/LoadBalancingRulesManagerImpl.java | 33 ++++--
.../com/cloud/network/rules/RulesManagerImpl.java | 82 +++++++++-----
.../network/vpn/RemoteAccessVpnManagerImpl.java | 2 +-
.../com/cloud/network/MockNetworkManagerImpl.java | 2 +-
8 files changed, 85 insertions(+), 49 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java b/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
index 852d9a9..80a8684 100644
--- a/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
@@ -314,7 +314,7 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCreateCmd /*implements
throw new InvalidParameterValueException("Unable to find account " + account + " in domain id=" + domainId);
}
} else {
- throw new InvalidParameterValueException("Can't define IP owner. Either specify account/domainId or ipAddressId");
+ throw new InvalidParameterValueException("Can't define IP owner. Either specify account/domainId or publicIpId");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/NetworkManager.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java
index 6aa5bea..2b78238 100755
--- a/server/src/com/cloud/network/NetworkManager.java
+++ b/server/src/com/cloud/network/NetworkManager.java
@@ -274,7 +274,7 @@ public interface NetworkManager extends NetworkService {
public Map<Provider, ArrayList<PublicIp>> getProviderToIpList(Network network, Map<PublicIp, Set<Service>> ipToServices);
- public boolean checkIpForService(IPAddressVO ip, Service service);
+ public boolean checkIpForService(IPAddressVO ip, Service service, Long networkId);
void checkVirtualNetworkCidrOverlap(Long zoneId, String cidr);
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/NetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index 850051a..bf5260a 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -6954,8 +6954,11 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
@Override
- public boolean checkIpForService(IPAddressVO userIp, Service service) {
- Long networkId = userIp.getAssociatedWithNetworkId();
+ public boolean checkIpForService(IPAddressVO userIp, Service service, Long networkId) {
+ if (networkId == null) {
+ networkId = userIp.getAssociatedWithNetworkId();
+ }
+
NetworkVO network = _networksDao.findById(networkId);
NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
if (offering.getGuestType() != GuestType.Isolated) {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
index 2d29758..aa29740 100644
--- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
+++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
@@ -159,8 +159,8 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
throw new InvalidParameterValueException("Unable to create firewall rule; ip id=" + ipAddrId +
" doesn't exist in the system");
}
-
- _networkMgr.checkIpForService(ipAddress, Service.Firewall);
+
+ _networkMgr.checkIpForService(ipAddress, Service.Firewall, null);
validateFirewallRule(caller, ipAddress, portStart, portEnd, protocol, Purpose.Firewall, type);
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
index 5890727..d4ba141 100755
--- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
+++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
@@ -743,20 +743,29 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
boolean performedIpAssoc = false;
try {
+ Network network = _networkMgr.getNetwork(lb.getNetworkId());
if (ipVO != null) {
if (ipVO.getAssociatedWithNetworkId() == null) {
- //set networkId just for verification purposes
- ipVO.setAssociatedWithNetworkId(lb.getNetworkId());
- _networkMgr.checkIpForService(ipVO, Service.Lb);
-
- s_logger.debug("The ip is not associated with the network id="+ lb.getNetworkId() + " so assigning");
- ipVO = _networkMgr.associateIPToGuestNetwork(ipAddrId, lb.getNetworkId());
- performedIpAssoc = true;
- } else {
- _networkMgr.checkIpForService(ipVO, Service.Lb);
- }
- }
-
+ boolean assignToVpcNtwk = network.getVpcId() != null
+ && ipVO.getVpcId() != null && ipVO.getVpcId().longValue() == network.getVpcId();
+ if (assignToVpcNtwk) {
+ //set networkId just for verification purposes
+ ipVO.setAssociatedWithNetworkId(lb.getNetworkId());
+ _networkMgr.checkIpForService(ipVO, Service.Lb, lb.getNetworkId());
+
+ s_logger.debug("The ip is not associated with the VPC network id="+ lb.getNetworkId() + " so assigning");
+ ipVO = _networkMgr.associateIPToGuestNetwork(ipAddrId, lb.getNetworkId());
+ performedIpAssoc = true;
+ }
+ } else {
+ _networkMgr.checkIpForService(ipVO, Service.Lb, null);
+ }
+ }
+
+ if (ipVO.getAssociatedWithNetworkId() == null) {
+ throw new InvalidParameterValueException("Ip address " + ipVO + " is not assigned to the network " + network);
+ }
+
if (lb.getSourceIpAddressId() == null) {
throw new CloudRuntimeException("No ip address is defined to assign the LB to");
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/rules/RulesManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java
index cda37d3..5f3d58a 100755
--- a/server/src/com/cloud/network/rules/RulesManagerImpl.java
+++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java
@@ -180,23 +180,32 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
Long networkId = rule.getNetworkId();
+ Network network = _networkMgr.getNetwork(networkId);
//associate ip address to network (if needed)
boolean performedIpAssoc = false;
if (ipAddress.getAssociatedWithNetworkId() == null) {
- //set networkId just for verification purposes
- ipAddress.setAssociatedWithNetworkId(networkId);
- _networkMgr.checkIpForService(ipAddress, Service.PortForwarding);
-
- s_logger.debug("The ip is not associated with the network id="+ networkId + " so assigning");
- try {
- ipAddress = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId);
- performedIpAssoc = true;
- } catch (Exception ex) {
- throw new CloudRuntimeException("Failed to associate ip to network as " +
- "a part of port forwarding rule creation");
+ boolean assignToVpcNtwk = network.getVpcId() != null
+ && ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId();
+ if (assignToVpcNtwk) {
+ //set networkId just for verification purposes
+ ipAddress.setAssociatedWithNetworkId(networkId);
+ _networkMgr.checkIpForService(ipAddress, Service.PortForwarding, networkId);
+
+ s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning");
+ try {
+ ipAddress = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId);
+ performedIpAssoc = true;
+ } catch (Exception ex) {
+ throw new CloudRuntimeException("Failed to associate ip to VPC network as " +
+ "a part of port forwarding rule creation");
+ }
}
} else {
- _networkMgr.checkIpForService(ipAddress, Service.PortForwarding);
+ _networkMgr.checkIpForService(ipAddress, Service.PortForwarding, null);
+ }
+
+ if (ipAddress.getAssociatedWithNetworkId() == null) {
+ throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network);
}
try {
@@ -313,7 +322,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
Long accountId = ipAddress.getAllocatedToAccountId();
Long domainId = ipAddress.getAllocatedInDomainId();
- _networkMgr.checkIpForService(ipAddress, Service.StaticNat);
+ _networkMgr.checkIpForService(ipAddress, Service.StaticNat, null);
Network network = _networkMgr.getNetwork(networkId);
NetworkOffering off = _configMgr.getNetworkOffering(network.getNetworkOfferingId());
@@ -379,27 +388,43 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
boolean setNetworkId = false;
- //associate ip address to network (if needed)
- if (ipAddress.getAssociatedWithNetworkId() == null) {
- s_logger.debug("The ip is not associated with the network id="+ networkId + " so assigning");
- try {
- ipAddress = _networkMgr.associateIPToGuestNetwork(ipId, networkId);
- } catch (Exception ex) {
- s_logger.warn("Failed to associate ip id=" + ipId + " to network id=" + networkId + " as " +
- "a part of enable static nat");
- return false;
- }
- setNetworkId = true;
+ Network network = _networkMgr.getNetwork(networkId);
+ if (network == null) {
+ throw new InvalidParameterValueException("Unable to find network by id");
}
- _networkMgr.checkIpForService(ipAddress, Service.StaticNat);
-
- // Verify input parameters
if (!isSystemVm) {
UserVmVO vm = _vmDao.findById(vmId);
if (vm == null) {
- throw new InvalidParameterValueException("Can't enable static nat for the address id=" + ipId + ", invalid virtual machine id specified (" + vmId + ").");
+ throw new InvalidParameterValueException("Can't enable static nat for the address id=" + ipId +
+ ", invalid virtual machine id specified (" + vmId + ").");
+ }
+ //associate ip address to network (if needed)
+ if (ipAddress.getAssociatedWithNetworkId() == null) {
+ boolean assignToVpcNtwk = network.getVpcId() != null
+ && ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId();
+ if (assignToVpcNtwk) {
+ _networkMgr.checkIpForService(ipAddress, Service.StaticNat, networkId);
+
+ s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning");
+ try {
+ ipAddress = _networkMgr.associateIPToGuestNetwork(ipId, networkId);
+ } catch (Exception ex) {
+ s_logger.warn("Failed to associate ip id=" + ipId + " to VPC network id=" + networkId + " as " +
+ "a part of enable static nat");
+ return false;
+ }
+ setNetworkId = true;
+ }
+ } else {
+ _networkMgr.checkIpForService(ipAddress, Service.StaticNat, null);
+ }
+
+
+ if (ipAddress.getAssociatedWithNetworkId() == null) {
+ throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network);
}
+
// Check permissions
checkIpAndUserVm(ipAddress, vm, caller);
}
@@ -410,7 +435,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
throw new InvalidParameterValueException("Vm doesn't belong to the network " + networkId);
}
- Network network = _networkMgr.getNetwork(networkId);
if (!_networkMgr.areServicesSupportedInNetwork(network.getId(), Service.StaticNat)) {
throw new InvalidParameterValueException("Unable to create static nat rule; StaticNat service is not " +
"supported in network id=" + networkId);
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
index 51aed4c..7f86144 100755
--- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
@@ -124,7 +124,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
IPAddressVO ipAddress = _ipAddressDao.findById(publicIpId);
- _networkMgr.checkIpForService(ipAddress, Service.Vpn);
+ _networkMgr.checkIpForService(ipAddress, Service.Vpn, null);
RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIpId);
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ad80f426/server/test/com/cloud/network/MockNetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/network/MockNetworkManagerImpl.java b/server/test/com/cloud/network/MockNetworkManagerImpl.java
index f8a657c..8012b09 100755
--- a/server/test/com/cloud/network/MockNetworkManagerImpl.java
+++ b/server/test/com/cloud/network/MockNetworkManagerImpl.java
@@ -740,7 +740,7 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
}
@Override
- public boolean checkIpForService(IPAddressVO ip, Service service) {
+ public boolean checkIpForService(IPAddressVO ip, Service service, Long networkId) {
// TODO Auto-generated method stub
return false;
}