use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.
the class JuniperSrxResource method execute.
private Answer execute(IpAssocCommand cmd, int numRetries) {
String[] results = new String[cmd.getIpAddresses().length];
int i = 0;
try {
IpAddressTO ip;
if (cmd.getIpAddresses().length != 1) {
throw new ExecutionException("Received an invalid number of guest IPs to associate.");
} else {
ip = cmd.getIpAddresses()[0];
}
String sourceNatIpAddress = null;
GuestNetworkType type = GuestNetworkType.INTERFACE_NAT;
if (ip.isSourceNat()) {
type = GuestNetworkType.SOURCE_NAT;
if (ip.getPublicIp() == null) {
throw new ExecutionException("Source NAT IP address must not be null.");
} else {
sourceNatIpAddress = ip.getPublicIp();
}
}
long guestVlanTag = Long.parseLong(cmd.getAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG));
String guestVlanGateway = cmd.getAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY);
String cidr = cmd.getAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR);
long cidrSize = NetUtils.cidrToLong(cidr)[1];
String guestVlanSubnet = NetUtils.getCidrSubNet(guestVlanGateway, cidrSize);
Long publicVlanTag = null;
if (ip.getBroadcastUri() != null && !ip.getBroadcastUri().equals("untagged")) {
try {
publicVlanTag = Long.parseLong(BroadcastDomainType.getValue(ip.getBroadcastUri()));
} catch (Exception e) {
throw new ExecutionException("Could not parse public VLAN tag: " + ip.getBroadcastUri());
}
}
openConfiguration();
// Remove the guest network:
// Remove source, static, and destination NAT rules
// Remove VPN
shutdownGuestNetwork(type, ip.getAccountId(), publicVlanTag, sourceNatIpAddress, guestVlanTag, guestVlanGateway, guestVlanSubnet, cidrSize);
if (ip.isAdd()) {
// Implement the guest network for this VLAN
implementGuestNetwork(type, publicVlanTag, sourceNatIpAddress, guestVlanTag, guestVlanGateway, guestVlanSubnet, cidrSize);
}
commitConfiguration();
results[i++] = ip.getPublicIp() + " - success";
} catch (ExecutionException e) {
s_logger.error(e);
closeConfiguration();
if (numRetries > 0 && refreshSrxConnection()) {
int numRetriesRemaining = numRetries - 1;
s_logger.debug("Retrying IPAssocCommand. Number of retries remaining: " + numRetriesRemaining);
return execute(cmd, numRetriesRemaining);
} else {
results[i++] = IpAssocAnswer.errorResult;
}
}
return new IpAssocAnswer(cmd, results);
}
use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.
the class ExternalFirewallDeviceManagerImpl method manageGuestNetworkWithExternalFirewall.
@Override
public boolean manageGuestNetworkWithExternalFirewall(boolean add, Network network) throws ResourceUnavailableException, InsufficientCapacityException {
if (network.getTrafficType() != TrafficType.Guest) {
s_logger.trace("External firewall can only be used for add/remove guest networks.");
return false;
}
long zoneId = network.getDataCenterId();
DataCenterVO zone = _dcDao.findById(zoneId);
HostVO externalFirewall = null;
if (add) {
GlobalLock deviceMapLock = GlobalLock.getInternLock("NetworkFirewallDeviceMap");
try {
if (deviceMapLock.lock(120)) {
try {
ExternalFirewallDeviceVO device = findSuitableFirewallForNetwork(network);
long externalFirewallId = device.getId();
NetworkExternalFirewallVO networkFW = new NetworkExternalFirewallVO(network.getId(), externalFirewallId);
_networkExternalFirewallDao.persist(networkFW);
externalFirewall = _hostDao.findById(device.getHostId());
} finally {
deviceMapLock.unlock();
}
}
} finally {
deviceMapLock.releaseRef();
}
} else {
ExternalFirewallDeviceVO fwDeviceVO = getExternalFirewallForNetwork(network);
if (fwDeviceVO == null) {
s_logger.warn("Network shutdown requested on external firewall element, which did not implement the network." + " Either network implement failed half way through or already network shutdown is completed.");
return true;
}
externalFirewall = _hostDao.findById(fwDeviceVO.getHostId());
}
Account account = _accountDao.findByIdIncludingRemoved(network.getAccountId());
NetworkOffering offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
boolean sharedSourceNat = offering.getSharedSourceNat();
IPAddressVO sourceNatIp = null;
if (!sharedSourceNat) {
// Get the source NAT IP address for this network
List<? extends IpAddress> sourceNatIps = _networkModel.listPublicIpsAssignedToAccount(network.getAccountId(), zoneId, true);
for (IpAddress ipAddress : sourceNatIps) {
if (ipAddress.getAssociatedWithNetworkId().longValue() == network.getId()) {
sourceNatIp = _ipAddressDao.findById(ipAddress.getId());
break;
}
}
if (sourceNatIp == null) {
String errorMsg = "External firewall was unable to find the source NAT IP address for network " + network.getName();
s_logger.error(errorMsg);
return true;
}
}
// Send a command to the external firewall to implement or shutdown the guest network
long guestVlanTag = Long.parseLong(BroadcastDomainType.getValue(network.getBroadcastUri()));
String guestVlanGateway = network.getGateway();
String guestVlanCidr = network.getCidr();
String sourceNatIpAddress = null;
String publicVlanTag = null;
if (sourceNatIp != null) {
sourceNatIpAddress = sourceNatIp.getAddress().addr();
VlanVO publicVlan = _vlanDao.findById(sourceNatIp.getVlanId());
publicVlanTag = publicVlan.getVlanTag();
}
// Get network rate
Integer networkRate = _networkModel.getNetworkRate(network.getId(), null);
IpAddressTO ip = new IpAddressTO(account.getAccountId(), sourceNatIpAddress, add, false, !sharedSourceNat, publicVlanTag, null, null, null, networkRate, false);
IpAddressTO[] ips = new IpAddressTO[1];
ips[0] = ip;
IpAssocCommand cmd = new IpAssocCommand(ips);
cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY, guestVlanGateway);
cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR, guestVlanCidr);
cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, String.valueOf(guestVlanTag));
Answer answer = _agentMgr.easySend(externalFirewall.getId(), cmd);
List<String> reservedIpAddressesForGuestNetwork = _nicDao.listIpAddressInNetwork(network.getId());
if (answer == null || !answer.getResult()) {
String action = add ? "implement" : "shutdown";
String answerDetails = (answer != null) ? answer.getDetails() : "answer was null";
String msg = "External firewall was unable to " + action + " the guest network on the external firewall in zone " + zone.getName() + " due to " + answerDetails;
s_logger.error(msg);
if (!add && (!reservedIpAddressesForGuestNetwork.contains(network.getGateway()))) {
// If we failed the implementation as well, then just return, no complain
s_logger.error("Skip the shutdown of guest network on SRX because it seems we didn't implement it as well");
return true;
}
throw new ResourceUnavailableException(msg, DataCenter.class, zoneId);
}
if (add && (!reservedIpAddressesForGuestNetwork.contains(network.getGateway()))) {
// Insert a new NIC for this guest network to reserve the gateway address
_networkMgr.savePlaceholderNic(network, network.getGateway(), null, null);
}
// Delete any mappings used for inline external load balancers in this network
List<NicVO> nicsInNetwork = _nicDao.listByNetworkId(network.getId());
for (NicVO nic : nicsInNetwork) {
InlineLoadBalancerNicMapVO mapping = _inlineLoadBalancerNicMapDao.findByNicId(nic.getId());
if (mapping != null) {
_nicDao.expunge(mapping.getNicId());
_inlineLoadBalancerNicMapDao.expunge(mapping.getId());
}
}
// on network shutdown, delete placeHolder nics used for the firewall device
if (!add) {
List<NicVO> nics = _nicDao.listByNetworkId(network.getId());
for (NicVO nic : nics) {
if (nic.getVmType() == null && nic.getReservationStrategy().equals(ReservationStrategy.PlaceHolder) && nic.getIPv4Address().equals(network.getGateway())) {
s_logger.debug("Removing placeholder nic " + nic + " for the network " + network);
_nicDao.remove(nic.getId());
}
}
freeFirewallForNetwork(network);
}
String action = add ? "implemented" : "shut down";
s_logger.debug("External firewall has " + action + " the guest network for account " + account.getAccountName() + "(id = " + account.getAccountId() + ") with VLAN tag " + guestVlanTag);
return true;
}
use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.
the class CiscoVnmcElement method configureSourceNat.
private boolean configureSourceNat(long vlanId, String guestCidr, PublicIp sourceNatIp, long hostId) {
boolean add = (sourceNatIp.getState() == IpAddress.State.Releasing ? false : true);
IpAddressTO ip = new IpAddressTO(sourceNatIp.getAccountId(), sourceNatIp.getAddress().addr(), add, false, sourceNatIp.isSourceNat(), sourceNatIp.getVlanTag(), sourceNatIp.getGateway(), sourceNatIp.getNetmask(), sourceNatIp.getMacAddress(), null, sourceNatIp.isOneToOneNat());
boolean addSourceNat = false;
if (sourceNatIp.isSourceNat()) {
addSourceNat = add;
}
SetSourceNatCommand cmd = new SetSourceNatCommand(ip, addSourceNat);
cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, guestCidr);
Answer answer = _agentMgr.easySend(hostId, cmd);
return answer.getResult();
}
use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.
the class CiscoVnmcResourceTest method testSourceNat.
@Test
public void testSourceNat() throws ConfigurationException, Exception {
long vlanId = 123;
IpAddressTO ip = new IpAddressTO(1, "1.2.3.4", true, false, false, null, "1.2.3.1", "255.255.255.0", null, null, false);
SetSourceNatCommand cmd = new SetSourceNatCommand(ip, true);
cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32");
_resource.setConnection(_connection);
when(_connection.login()).thenReturn(true);
when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true);
when(_connection.createTenantVDCSourceNatPolicy(anyString(), anyString())).thenReturn(true);
when(_connection.createTenantVDCSourceNatPolicyRef(anyString(), anyString())).thenReturn(true);
when(_connection.createTenantVDCSourceNatIpPool(anyString(), anyString(), anyString())).thenReturn(true);
when(_connection.createTenantVDCSourceNatRule(anyString(), anyString(), anyString(), anyString())).thenReturn(true);
when(_connection.associateNatPolicySet(anyString())).thenReturn(true);
Answer answer = _resource.executeRequest(cmd);
System.out.println(answer.getDetails());
assertTrue(answer.getResult());
}
use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.
the class PaloAltoResourceTest method implementGuestNetwork.
@Test
public void implementGuestNetwork() throws ConfigurationException, ExecutionException {
if (_context.containsKey("enable_console_output") && _context.get("enable_console_output").equals("true")) {
System.out.println("\nTEST: implementGuestNetwork");
System.out.println("---------------------------------------------------");
}
_resource.configure("PaloAltoResource", _resourceParams);
IpAddressTO ip = new IpAddressTO(Long.valueOf("1"), "192.168.80.102", true, false, true, "untagged", null, null, null, 100, false);
IpAddressTO[] ips = new IpAddressTO[1];
ips[0] = ip;
IpAssocCommand cmd = new IpAssocCommand(ips);
cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY, "10.3.96.1");
cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");
cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, "3954");
IpAssocAnswer answer = (IpAssocAnswer) _resource.executeRequest(cmd);
assertTrue(answer.getResult());
}
Aggregations