Search in sources :

Example 26 with IpAddressTO

use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.

the class JuniperSrxResource method execute.

private Answer execute(IpAssocCommand cmd, int numRetries) {
    String[] results = new String[cmd.getIpAddresses().length];
    int i = 0;
    try {
        IpAddressTO ip;
        if (cmd.getIpAddresses().length != 1) {
            throw new ExecutionException("Received an invalid number of guest IPs to associate.");
        } else {
            ip = cmd.getIpAddresses()[0];
        }
        String sourceNatIpAddress = null;
        GuestNetworkType type = GuestNetworkType.INTERFACE_NAT;
        if (ip.isSourceNat()) {
            type = GuestNetworkType.SOURCE_NAT;
            if (ip.getPublicIp() == null) {
                throw new ExecutionException("Source NAT IP address must not be null.");
            } else {
                sourceNatIpAddress = ip.getPublicIp();
            }
        }
        long guestVlanTag = Long.parseLong(cmd.getAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG));
        String guestVlanGateway = cmd.getAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY);
        String cidr = cmd.getAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR);
        long cidrSize = NetUtils.cidrToLong(cidr)[1];
        String guestVlanSubnet = NetUtils.getCidrSubNet(guestVlanGateway, cidrSize);
        Long publicVlanTag = null;
        if (ip.getBroadcastUri() != null && !ip.getBroadcastUri().equals("untagged")) {
            try {
                publicVlanTag = Long.parseLong(BroadcastDomainType.getValue(ip.getBroadcastUri()));
            } catch (Exception e) {
                throw new ExecutionException("Could not parse public VLAN tag: " + ip.getBroadcastUri());
            }
        }
        openConfiguration();
        // Remove the guest network:
        // Remove source, static, and destination NAT rules
        // Remove VPN
        shutdownGuestNetwork(type, ip.getAccountId(), publicVlanTag, sourceNatIpAddress, guestVlanTag, guestVlanGateway, guestVlanSubnet, cidrSize);
        if (ip.isAdd()) {
            // Implement the guest network for this VLAN
            implementGuestNetwork(type, publicVlanTag, sourceNatIpAddress, guestVlanTag, guestVlanGateway, guestVlanSubnet, cidrSize);
        }
        commitConfiguration();
        results[i++] = ip.getPublicIp() + " - success";
    } catch (ExecutionException e) {
        s_logger.error(e);
        closeConfiguration();
        if (numRetries > 0 && refreshSrxConnection()) {
            int numRetriesRemaining = numRetries - 1;
            s_logger.debug("Retrying IPAssocCommand. Number of retries remaining: " + numRetriesRemaining);
            return execute(cmd, numRetriesRemaining);
        } else {
            results[i++] = IpAssocAnswer.errorResult;
        }
    }
    return new IpAssocAnswer(cmd, results);
}
Also used : IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) IpAddressTO(com.cloud.agent.api.to.IpAddressTO) ExecutionException(com.cloud.utils.exception.ExecutionException) ExecutionException(com.cloud.utils.exception.ExecutionException) ConfigurationException(javax.naming.ConfigurationException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException)

Example 27 with IpAddressTO

use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.

the class ExternalFirewallDeviceManagerImpl method manageGuestNetworkWithExternalFirewall.

@Override
public boolean manageGuestNetworkWithExternalFirewall(boolean add, Network network) throws ResourceUnavailableException, InsufficientCapacityException {
    if (network.getTrafficType() != TrafficType.Guest) {
        s_logger.trace("External firewall can only be used for add/remove guest networks.");
        return false;
    }
    long zoneId = network.getDataCenterId();
    DataCenterVO zone = _dcDao.findById(zoneId);
    HostVO externalFirewall = null;
    if (add) {
        GlobalLock deviceMapLock = GlobalLock.getInternLock("NetworkFirewallDeviceMap");
        try {
            if (deviceMapLock.lock(120)) {
                try {
                    ExternalFirewallDeviceVO device = findSuitableFirewallForNetwork(network);
                    long externalFirewallId = device.getId();
                    NetworkExternalFirewallVO networkFW = new NetworkExternalFirewallVO(network.getId(), externalFirewallId);
                    _networkExternalFirewallDao.persist(networkFW);
                    externalFirewall = _hostDao.findById(device.getHostId());
                } finally {
                    deviceMapLock.unlock();
                }
            }
        } finally {
            deviceMapLock.releaseRef();
        }
    } else {
        ExternalFirewallDeviceVO fwDeviceVO = getExternalFirewallForNetwork(network);
        if (fwDeviceVO == null) {
            s_logger.warn("Network shutdown requested on external firewall element, which did not implement the network." + " Either network implement failed half way through or already network shutdown is completed.");
            return true;
        }
        externalFirewall = _hostDao.findById(fwDeviceVO.getHostId());
    }
    Account account = _accountDao.findByIdIncludingRemoved(network.getAccountId());
    NetworkOffering offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
    boolean sharedSourceNat = offering.getSharedSourceNat();
    IPAddressVO sourceNatIp = null;
    if (!sharedSourceNat) {
        // Get the source NAT IP address for this network
        List<? extends IpAddress> sourceNatIps = _networkModel.listPublicIpsAssignedToAccount(network.getAccountId(), zoneId, true);
        for (IpAddress ipAddress : sourceNatIps) {
            if (ipAddress.getAssociatedWithNetworkId().longValue() == network.getId()) {
                sourceNatIp = _ipAddressDao.findById(ipAddress.getId());
                break;
            }
        }
        if (sourceNatIp == null) {
            String errorMsg = "External firewall was unable to find the source NAT IP address for network " + network.getName();
            s_logger.error(errorMsg);
            return true;
        }
    }
    // Send a command to the external firewall to implement or shutdown the guest network
    long guestVlanTag = Long.parseLong(BroadcastDomainType.getValue(network.getBroadcastUri()));
    String guestVlanGateway = network.getGateway();
    String guestVlanCidr = network.getCidr();
    String sourceNatIpAddress = null;
    String publicVlanTag = null;
    if (sourceNatIp != null) {
        sourceNatIpAddress = sourceNatIp.getAddress().addr();
        VlanVO publicVlan = _vlanDao.findById(sourceNatIp.getVlanId());
        publicVlanTag = publicVlan.getVlanTag();
    }
    // Get network rate
    Integer networkRate = _networkModel.getNetworkRate(network.getId(), null);
    IpAddressTO ip = new IpAddressTO(account.getAccountId(), sourceNatIpAddress, add, false, !sharedSourceNat, publicVlanTag, null, null, null, networkRate, false);
    IpAddressTO[] ips = new IpAddressTO[1];
    ips[0] = ip;
    IpAssocCommand cmd = new IpAssocCommand(ips);
    cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY, guestVlanGateway);
    cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR, guestVlanCidr);
    cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, String.valueOf(guestVlanTag));
    Answer answer = _agentMgr.easySend(externalFirewall.getId(), cmd);
    List<String> reservedIpAddressesForGuestNetwork = _nicDao.listIpAddressInNetwork(network.getId());
    if (answer == null || !answer.getResult()) {
        String action = add ? "implement" : "shutdown";
        String answerDetails = (answer != null) ? answer.getDetails() : "answer was null";
        String msg = "External firewall was unable to " + action + " the guest network on the external firewall in zone " + zone.getName() + " due to " + answerDetails;
        s_logger.error(msg);
        if (!add && (!reservedIpAddressesForGuestNetwork.contains(network.getGateway()))) {
            // If we failed the implementation as well, then just return, no complain
            s_logger.error("Skip the shutdown of guest network on SRX because it seems we didn't implement it as well");
            return true;
        }
        throw new ResourceUnavailableException(msg, DataCenter.class, zoneId);
    }
    if (add && (!reservedIpAddressesForGuestNetwork.contains(network.getGateway()))) {
        // Insert a new NIC for this guest network to reserve the gateway address
        _networkMgr.savePlaceholderNic(network, network.getGateway(), null, null);
    }
    // Delete any mappings used for inline external load balancers in this network
    List<NicVO> nicsInNetwork = _nicDao.listByNetworkId(network.getId());
    for (NicVO nic : nicsInNetwork) {
        InlineLoadBalancerNicMapVO mapping = _inlineLoadBalancerNicMapDao.findByNicId(nic.getId());
        if (mapping != null) {
            _nicDao.expunge(mapping.getNicId());
            _inlineLoadBalancerNicMapDao.expunge(mapping.getId());
        }
    }
    // on network shutdown, delete placeHolder nics used for the firewall device
    if (!add) {
        List<NicVO> nics = _nicDao.listByNetworkId(network.getId());
        for (NicVO nic : nics) {
            if (nic.getVmType() == null && nic.getReservationStrategy().equals(ReservationStrategy.PlaceHolder) && nic.getIPv4Address().equals(network.getGateway())) {
                s_logger.debug("Removing placeholder nic " + nic + " for the network " + network);
                _nicDao.remove(nic.getId());
            }
        }
        freeFirewallForNetwork(network);
    }
    String action = add ? "implemented" : "shut down";
    s_logger.debug("External firewall has " + action + " the guest network for account " + account.getAccountName() + "(id = " + account.getAccountId() + ") with VLAN tag " + guestVlanTag);
    return true;
}
Also used : DataCenterVO(com.cloud.dc.DataCenterVO) Account(com.cloud.user.Account) ExternalFirewallDeviceVO(com.cloud.network.dao.ExternalFirewallDeviceVO) IpAddressTO(com.cloud.agent.api.to.IpAddressTO) NetworkOffering(com.cloud.offering.NetworkOffering) InlineLoadBalancerNicMapVO(com.cloud.network.dao.InlineLoadBalancerNicMapVO) HostVO(com.cloud.host.HostVO) GlobalLock(com.cloud.utils.db.GlobalLock) Answer(com.cloud.agent.api.Answer) NetworkExternalFirewallVO(com.cloud.network.dao.NetworkExternalFirewallVO) IpAssocCommand(com.cloud.agent.api.routing.IpAssocCommand) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) IPAddressVO(com.cloud.network.dao.IPAddressVO) VlanVO(com.cloud.dc.VlanVO) NicVO(com.cloud.vm.NicVO)

Example 28 with IpAddressTO

use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.

the class CiscoVnmcElement method configureSourceNat.

private boolean configureSourceNat(long vlanId, String guestCidr, PublicIp sourceNatIp, long hostId) {
    boolean add = (sourceNatIp.getState() == IpAddress.State.Releasing ? false : true);
    IpAddressTO ip = new IpAddressTO(sourceNatIp.getAccountId(), sourceNatIp.getAddress().addr(), add, false, sourceNatIp.isSourceNat(), sourceNatIp.getVlanTag(), sourceNatIp.getGateway(), sourceNatIp.getNetmask(), sourceNatIp.getMacAddress(), null, sourceNatIp.isOneToOneNat());
    boolean addSourceNat = false;
    if (sourceNatIp.isSourceNat()) {
        addSourceNat = add;
    }
    SetSourceNatCommand cmd = new SetSourceNatCommand(ip, addSourceNat);
    cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
    cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, guestCidr);
    Answer answer = _agentMgr.easySend(hostId, cmd);
    return answer.getResult();
}
Also used : Answer(com.cloud.agent.api.Answer) IpAddressTO(com.cloud.agent.api.to.IpAddressTO) SetSourceNatCommand(com.cloud.agent.api.routing.SetSourceNatCommand)

Example 29 with IpAddressTO

use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.

the class CiscoVnmcResourceTest method testSourceNat.

@Test
public void testSourceNat() throws ConfigurationException, Exception {
    long vlanId = 123;
    IpAddressTO ip = new IpAddressTO(1, "1.2.3.4", true, false, false, null, "1.2.3.1", "255.255.255.0", null, null, false);
    SetSourceNatCommand cmd = new SetSourceNatCommand(ip, true);
    cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId));
    cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32");
    _resource.setConnection(_connection);
    when(_connection.login()).thenReturn(true);
    when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true);
    when(_connection.createTenantVDCSourceNatPolicy(anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCSourceNatPolicyRef(anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCSourceNatIpPool(anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.createTenantVDCSourceNatRule(anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    when(_connection.associateNatPolicySet(anyString())).thenReturn(true);
    Answer answer = _resource.executeRequest(cmd);
    System.out.println(answer.getDetails());
    assertTrue(answer.getResult());
}
Also used : Answer(com.cloud.agent.api.Answer) IpAddressTO(com.cloud.agent.api.to.IpAddressTO) SetSourceNatCommand(com.cloud.agent.api.routing.SetSourceNatCommand) Test(org.junit.Test)

Example 30 with IpAddressTO

use of com.cloud.agent.api.to.IpAddressTO in project cloudstack by apache.

the class PaloAltoResourceTest method implementGuestNetwork.

@Test
public void implementGuestNetwork() throws ConfigurationException, ExecutionException {
    if (_context.containsKey("enable_console_output") && _context.get("enable_console_output").equals("true")) {
        System.out.println("\nTEST: implementGuestNetwork");
        System.out.println("---------------------------------------------------");
    }
    _resource.configure("PaloAltoResource", _resourceParams);
    IpAddressTO ip = new IpAddressTO(Long.valueOf("1"), "192.168.80.102", true, false, true, "untagged", null, null, null, 100, false);
    IpAddressTO[] ips = new IpAddressTO[1];
    ips[0] = ip;
    IpAssocCommand cmd = new IpAssocCommand(ips);
    cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY, "10.3.96.1");
    cmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_CIDR, "10.3.96.1/20");
    cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, "3954");
    IpAssocAnswer answer = (IpAssocAnswer) _resource.executeRequest(cmd);
    assertTrue(answer.getResult());
}
Also used : IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) IpAddressTO(com.cloud.agent.api.to.IpAddressTO) IpAssocCommand(com.cloud.agent.api.routing.IpAssocCommand) Test(org.junit.Test)

Aggregations

IpAddressTO (com.cloud.agent.api.to.IpAddressTO)41 ExecutionResult (com.cloud.utils.ExecutionResult)16 InternalErrorException (com.cloud.exception.InternalErrorException)14 IOException (java.io.IOException)12 ConfigurationException (javax.naming.ConfigurationException)12 IpAssocAnswer (com.cloud.agent.api.routing.IpAssocAnswer)9 IpAssocCommand (com.cloud.agent.api.routing.IpAssocCommand)8 ArrayList (java.util.ArrayList)8 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)7 URISyntaxException (java.net.URISyntaxException)7 HashMap (java.util.HashMap)7 Answer (com.cloud.agent.api.Answer)6 ConnectException (java.net.ConnectException)6 RemoteException (java.rmi.RemoteException)6 IpAssocVpcCommand (com.cloud.agent.api.routing.IpAssocVpcCommand)5 URI (java.net.URI)5 Connect (org.libvirt.Connect)5 LibvirtException (org.libvirt.LibvirtException)5 DataCenterVO (com.cloud.dc.DataCenterVO)4 ExecutionException (com.cloud.utils.exception.ExecutionException)4