Examples with StaticNatRuleTO com.cloud.agent.api.to.StaticNatRuleTO used on opensource projects

Example 11 with StaticNatRuleTO

use of com.cloud.agent.api.to.StaticNatRuleTO in project cloudstack by apache.

the class NiciraNvpResourceTest method testConfigureStaticNatRulesOnLogicalRouterExistingRules.

@Test
public void testConfigureStaticNatRulesOnLogicalRouterExistingRules() throws ConfigurationException, NiciraNvpApiException {
    resource.configure("NiciraNvpResource", parameters);
    /*
         * StaticNat Outside IP: 11.11.11.11 Inside IP: 10.10.10.10
         */
    // Mock the command
    final ConfigureStaticNatRulesOnLogicalRouterCommand cmd = mock(ConfigureStaticNatRulesOnLogicalRouterCommand.class);
    final StaticNatRuleTO rule = new StaticNatRuleTO(1, "11.11.11.11", null, null, "10.10.10.10", null, null, null, false, false);
    final List<StaticNatRuleTO> rules = new ArrayList<StaticNatRuleTO>();
    rules.add(rule);
    when(cmd.getRules()).thenReturn(rules);
    when(cmd.getLogicalRouterUuid()).thenReturn("aaaaa");
    // Mock the api create calls
    final NatRule[] rulepair = resource.generateStaticNatRulePair("10.10.10.10", "11.11.11.11");
    rulepair[0].setUuid(UUID.randomUUID());
    rulepair[1].setUuid(UUID.randomUUID());
    when(nvpApi.createLogicalRouterNatRule(eq("aaaaa"), (NatRule) any())).thenReturn(rulepair[0]).thenReturn(rulepair[1]);
    // Mock the api find call
    final List<NatRule> storedRules = Arrays.asList(rulepair);
    when(nvpApi.findNatRulesByLogicalRouterUuid("aaaaa")).thenReturn(storedRules);
    final ConfigureStaticNatRulesOnLogicalRouterAnswer a = (ConfigureStaticNatRulesOnLogicalRouterAnswer) resource.executeRequest(cmd);
    assertTrue(a.getResult());
    verify(nvpApi, never()).createLogicalRouterNatRule(eq("aaaaa"), argThat(new ArgumentMatcher<NatRule>() {

        @Override
        public boolean matches(final Object argument) {
            final NatRule rule = (NatRule) argument;
            if (rule.getType().equals("DestinationNatRule") && ((DestinationNatRule) rule).getToDestinationIpAddress().equals("10.10.10.10")) {
                return true;
            }
            if (rule.getType().equals("SourceNatRule") && ((SourceNatRule) rule).getToSourceIpAddressMin().equals("11.11.11.11")) {
                return true;
            }
            return false;
        }
    }));
}

Example 12 with StaticNatRuleTO

use of com.cloud.agent.api.to.StaticNatRuleTO in project cloudstack by apache.

the class NiciraNvpResourceTest method testConfigureStaticNatRulesOnLogicalRouterRemoveRules.

@Test
public void testConfigureStaticNatRulesOnLogicalRouterRemoveRules() throws ConfigurationException, NiciraNvpApiException {
    resource.configure("NiciraNvpResource", parameters);
    /*
         * StaticNat Outside IP: 11.11.11.11 Inside IP: 10.10.10.10
         */
    // Mock the command
    final ConfigureStaticNatRulesOnLogicalRouterCommand cmd = mock(ConfigureStaticNatRulesOnLogicalRouterCommand.class);
    final StaticNatRuleTO rule = new StaticNatRuleTO(1, "11.11.11.11", null, null, "10.10.10.10", null, null, null, true, false);
    final List<StaticNatRuleTO> rules = new ArrayList<StaticNatRuleTO>();
    rules.add(rule);
    when(cmd.getRules()).thenReturn(rules);
    when(cmd.getLogicalRouterUuid()).thenReturn("aaaaa");
    // Mock the api create calls
    final NatRule[] rulepair = resource.generateStaticNatRulePair("10.10.10.10", "11.11.11.11");
    final UUID rule0Uuid = UUID.randomUUID();
    final UUID rule1Uuid = UUID.randomUUID();
    rulepair[0].setUuid(rule0Uuid);
    rulepair[1].setUuid(rule1Uuid);
    when(nvpApi.createLogicalRouterNatRule(eq("aaaaa"), (NatRule) any())).thenReturn(rulepair[0]).thenReturn(rulepair[1]);
    // Mock the api find call
    final List<NatRule> storedRules = Arrays.asList(rulepair);
    when(nvpApi.findNatRulesByLogicalRouterUuid("aaaaa")).thenReturn(storedRules);
    final ConfigureStaticNatRulesOnLogicalRouterAnswer a = (ConfigureStaticNatRulesOnLogicalRouterAnswer) resource.executeRequest(cmd);
    assertTrue(a.getResult());
    verify(nvpApi, atLeast(2)).deleteLogicalRouterNatRule(eq("aaaaa"), argThat(new ArgumentMatcher<UUID>() {

        @Override
        public boolean matches(final Object argument) {
            final UUID uuid = (UUID) argument;
            if (rule0Uuid.equals(uuid) || rule1Uuid.equals(uuid)) {
                return true;
            }
            return false;
        }
    }));
}

Example 13 with StaticNatRuleTO

use of com.cloud.agent.api.to.StaticNatRuleTO in project cloudstack by apache.

the class NiciraNvpResourceTest method testConfigureStaticNatRulesOnLogicalRouter.

@Test
public void testConfigureStaticNatRulesOnLogicalRouter() throws ConfigurationException, NiciraNvpApiException {
    resource.configure("NiciraNvpResource", parameters);
    /*
         * StaticNat Outside IP: 11.11.11.11 Inside IP: 10.10.10.10
         */
    // Mock the command
    final ConfigureStaticNatRulesOnLogicalRouterCommand cmd = mock(ConfigureStaticNatRulesOnLogicalRouterCommand.class);
    final StaticNatRuleTO rule = new StaticNatRuleTO(1, "11.11.11.11", null, null, "10.10.10.10", null, null, null, false, false);
    final List<StaticNatRuleTO> rules = new ArrayList<StaticNatRuleTO>();
    rules.add(rule);
    when(cmd.getRules()).thenReturn(rules);
    when(cmd.getLogicalRouterUuid()).thenReturn("aaaaa");
    // Mock the api find call
    @SuppressWarnings("unchecked") final List<NatRule> storedRules = Collections.EMPTY_LIST;
    when(nvpApi.findNatRulesByLogicalRouterUuid("aaaaa")).thenReturn(storedRules);
    // Mock the api create calls
    final NatRule[] rulepair = resource.generateStaticNatRulePair("10.10.10.10", "11.11.11.11");
    rulepair[0].setUuid(UUID.randomUUID());
    rulepair[1].setUuid(UUID.randomUUID());
    when(nvpApi.createLogicalRouterNatRule(eq("aaaaa"), (NatRule) any())).thenReturn(rulepair[0]).thenReturn(rulepair[1]);
    final ConfigureStaticNatRulesOnLogicalRouterAnswer a = (ConfigureStaticNatRulesOnLogicalRouterAnswer) resource.executeRequest(cmd);
    assertTrue(a.getResult());
    verify(nvpApi, atLeast(2)).createLogicalRouterNatRule(eq("aaaaa"), argThat(new ArgumentMatcher<NatRule>() {

        @Override
        public boolean matches(final Object argument) {
            final NatRule rule = (NatRule) argument;
            if (rule.getType().equals("DestinationNatRule") && ((DestinationNatRule) rule).getToDestinationIpAddress().equals("10.10.10.10")) {
                return true;
            }
            if (rule.getType().equals("SourceNatRule") && ((SourceNatRule) rule).getToSourceIpAddressMin().equals("11.11.11.11")) {
                return true;
            }
            return false;
        }
    }));
}

Example 14 with StaticNatRuleTO

use of com.cloud.agent.api.to.StaticNatRuleTO in project cloudstack by apache.

the class CiscoVnmcResource method execute.

private Answer execute(SetStaticNatRulesCommand cmd, int numRetries) {
    String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
    String tenant = "vlan-" + vlanId;
    StaticNatRuleTO[] rules = cmd.getRules();
    Map<String, List<StaticNatRuleTO>> publicIpRulesMap = new HashMap<String, List<StaticNatRuleTO>>();
    for (StaticNatRuleTO rule : rules) {
        String publicIp = rule.getSrcIp();
        if (!publicIpRulesMap.containsKey(publicIp)) {
            List<StaticNatRuleTO> publicIpRulesList = new ArrayList<StaticNatRuleTO>();
            publicIpRulesMap.put(publicIp, publicIpRulesList);
        }
        publicIpRulesMap.get(publicIp).add(rule);
    }
    try {
        if (!_connection.createTenantVDCNatPolicySet(tenant)) {
            throw new ExecutionException("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, true)) {
            throw new ExecutionException("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, false)) {
            throw new ExecutionException("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId);
        }
        for (String publicIp : publicIpRulesMap.keySet()) {
            String policyIdentifier = publicIp.replace('.', '-');
            if (!_connection.createTenantVDCDNatPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create DNAT policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCDNatPolicyRef(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to associate DNAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId);
            }
            for (StaticNatRuleTO rule : publicIpRulesMap.get(publicIp)) {
                if (rule.revoked()) {
                    if (!_connection.deleteTenantVDCDNatRule(tenant, rule.getId(), policyIdentifier)) {
                        throw new ExecutionException("Failed to delete DNAT rule in VNMC for guest network with vlan " + vlanId);
                    }
                } else {
                    if (!_connection.createTenantVDCDNatIpPool(tenant, Long.toString(rule.getId()), rule.getDstIp())) {
                        throw new ExecutionException("Failed to create DNAT ip pool in VNMC for guest network with vlan " + vlanId);
                    }
                    if (!_connection.createTenantVDCDNatRule(tenant, rule.getId(), policyIdentifier, rule.getSrcIp())) {
                        throw new ExecutionException("Failed to create DNAT rule in VNMC for guest network with vlan " + vlanId);
                    }
                }
            }
        }
        if (!_connection.associateAclPolicySet(tenant)) {
            throw new ExecutionException("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
        }
    } catch (ExecutionException e) {
        String msg = "SetStaticNatRulesCommand failed due to " + e.getMessage();
        s_logger.error(msg, e);
        return new Answer(cmd, false, msg);
    }
    return new Answer(cmd, true, "Success");
}

Example 15 with StaticNatRuleTO

use of com.cloud.agent.api.to.StaticNatRuleTO in project cloudstack by apache.

the class CiscoVnmcElement method applyStaticNats.

@Override
public boolean applyStaticNats(Network network, List<? extends StaticNat> rules) throws ResourceUnavailableException {
    if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.StaticNat, Provider.CiscoVnmc)) {
        s_logger.error("Static NAT service is not provided by Cisco Vnmc device on network " + network.getName());
        return false;
    }
    // Find VNMC host for physical network
    List<CiscoVnmcControllerVO> devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
    if (devices.isEmpty()) {
        s_logger.error("No Cisco Vnmc device on network " + network.getName());
        return true;
    }
    // Find if ASA 1000v is associated with network
    NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId());
    if (asaForNetwork == null) {
        s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName());
        return true;
    }
    if (network.getState() == Network.State.Allocated) {
        s_logger.debug("External firewall was asked to apply static NAT rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands.");
        return true;
    }
    CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0);
    HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId());
    List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>();
    for (StaticNat rule : rules) {
        IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
        StaticNatRuleTO ruleTO = new StaticNatRuleTO(rule.getSourceIpAddressId(), sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false);
        rulesTO.add(ruleTO);
    }
    if (!rulesTO.isEmpty()) {
        SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, null);
        cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, BroadcastDomainType.getValue(network.getBroadcastUri()));
        cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr());
        Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd);
        if (answer == null || !answer.getResult()) {
            String details = (answer != null) ? answer.getDetails() : "details unavailable";
            String msg = "Unable to apply static NAT rules to Cisco ASA 1000v appliance due to: " + details + ".";
            s_logger.error(msg);
            throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId());
        }
    }
    return true;
}