use of com.cloud.exception.ResourceUnavailableException in project cloudstack by apache.
the class RulesManagerImpl method updatePortForwardingRule.
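/**
 * Updates an existing port forwarding rule: its destination (private) port or port range,
 * its target VM / guest IP, its custom UUID and its display flag.
 *
 * <p>The change is carried out as "revoke the current rule, then add the modified rule".
 * The two steps are not wrapped in a transaction in this method, so a failure after the
 * revoke step leaves the row in state {@code Add} without the rule having been applied.
 *
 * <p>Authorization performed here: {@code _accountMgr.checkAccess} on the rule for the
 * calling account. The target VM is only checked for having a NIC with an IPv4 address in
 * the rule's network.
 *
 * @param id               id of the port forwarding rule to update
 * @param privatePort      new destination start port, or {@code null} to keep it
 * @param privateEndPort   new destination end port, or {@code null}
 * @param virtualMachineId id of the VM the rule should forward to, or {@code null} to keep it
 * @param vmGuestIp        primary or secondary guest IP of that VM; only valid together with
 *                         {@code virtualMachineId}
 * @param customId         value written to the rule's UUID, or {@code null} to keep it
 * @param forDisplay       display flag, or {@code null} to keep it
 * @return the rule as re-read from the DAO after the update
 * @throws InvalidParameterValueException if the rule does not exist, a port is invalid, the
 *         port range does not match the source range, or the VM / guest IP does not belong
 *         to the rule's network
 * @throws CloudRuntimeException if revoking the old rule or applying the new one fails
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NET_RULE_MODIFY, eventDescription = "updating forwarding rule", async = true)
public PortForwardingRule updatePortForwardingRule(long id, Integer privatePort, Integer privateEndPort, Long virtualMachineId, Ip vmGuestIp, String customId, Boolean forDisplay) {
    Account caller = CallContext.current().getCallingAccount();
    PortForwardingRuleVO rule = _portForwardingDao.findById(id);
    if (rule == null) {
        throw new InvalidParameterValueException("Unable to find " + id);
    }
    // The caller must have access to the rule before anything on it is changed.
    _accountMgr.checkAccess(caller, null, true, rule);
    // NOTE(review): customId is stored as the UUID as given; no format or uniqueness check
    // is visible in this method - confirm it is validated by the caller or the DAO layer.
    if (customId != null) {
        rule.setUuid(customId);
    }
    if (forDisplay != null) {
        rule.setDisplay(forDisplay);
    }
    if (privatePort != null && !NetUtils.isValidPort(privatePort)) {
        throw new InvalidParameterValueException("privatePort is an invalid value: " + privatePort);
    }
    if (privateEndPort != null && !NetUtils.isValidPort(privateEndPort)) {
        throw new InvalidParameterValueException("PrivateEndPort has an invalid value: " + privateEndPort);
    }
    // The destination range must span exactly as many ports as the source (public) range.
    if (privatePort != null && privateEndPort != null && ((privateEndPort - privatePort) != (rule.getSourcePortEnd() - rule.getSourcePortStart()))) {
        throw new InvalidParameterValueException("Unable to update the private port range of port forwarding rule as " + "the provided port range is not consistent with the port range : " + rule.getSourcePortStart() + " to " + rule.getSourcePortEnd());
    }
    // For a rule that covers a port range, both ends must be given or neither.
    if (!rule.getSourcePortStart().equals(rule.getSourcePortEnd())) {
        if ((privatePort == null || privateEndPort == null) && !(privatePort == null && privateEndPort == null)) {
            throw new InvalidParameterValueException("Unable to update the private port range of port forwarding rule as " + "the provided port range is not consistent with the port range : " + rule.getSourcePortStart() + " to " + rule.getSourcePortEnd());
        }
    }
    if (virtualMachineId == null && vmGuestIp != null) {
        throw new InvalidParameterValueException("vmguestip should be set along with virtualmachineid");
    }
    Ip dstIp = rule.getDestinationIpAddress();
    if (virtualMachineId != null) {
        // Verify that the VM has a NIC in the rule's network.
        // NOTE(review): this is the only check on virtualMachineId visible here; no
        // _accountMgr.checkAccess on the VM itself appears in this method. Confirm that VM
        // ownership is enforced elsewhere, in particular for networks shared between accounts.
        Nic guestNic = _networkModel.getNicInNetwork(virtualMachineId, rule.getNetworkId());
        if (guestNic == null || guestNic.getIPv4Address() == null) {
            throw new InvalidParameterValueException("Vm doesn't belong to network associated with ipAddress");
        } else {
            dstIp = new Ip(guestNic.getIPv4Address());
        }
        if (vmGuestIp != null) {
            // A guest IP was passed: it is either the NIC's primary IP or one of its secondary IPs.
            if (!dstIp.equals(vmGuestIp)) {
                // Not the primary IP, so it must be registered as a secondary IP of this NIC.
                NicSecondaryIp secondaryIp = _nicSecondaryDao.findByIp4AddressAndNicId(vmGuestIp.toString(), guestNic.getId());
                if (secondaryIp == null) {
                    throw new InvalidParameterValueException("IP Address is not in the VM nic's network ");
                }
                dstIp = vmGuestIp;
            }
        }
    }
    // Step 1: mark the current rule as Revoke, persist that, and apply the revocation.
    List<PortForwardingRuleVO> rules = new ArrayList<PortForwardingRuleVO>();
    rule.setState(State.Revoke);
    _portForwardingDao.update(id, rule);
    rules.add(rule);
    try {
        if (!_firewallMgr.applyRules(rules, true, false)) {
            throw new CloudRuntimeException("Failed to revoke the existing port forwarding rule:" + id);
        }
    } catch (ResourceUnavailableException ex) {
        throw new CloudRuntimeException("Failed to revoke the existing port forwarding rule:" + id + " due to ", ex);
    }
    // Step 2: re-read the row, switch it to Add with the new destination, and apply it.
    rule = _portForwardingDao.findById(id);
    if (rule == null) {
        // The row can be gone by now (e.g. removed concurrently); report that explicitly
        // instead of failing with a NullPointerException on the next line.
        throw new CloudRuntimeException("Unable to find port forwarding rule " + id + " after revoking it");
    }
    rule.setState(State.Add);
    if (privatePort != null) {
        rule.setDestinationPortStart(privatePort.intValue());
        rule.setDestinationPortEnd((privateEndPort == null) ? privatePort.intValue() : privateEndPort.intValue());
    } else if (privateEndPort != null) {
        // Only the end port was given: the rule becomes a single-port rule on that port.
        rule.setDestinationPortStart(privateEndPort.intValue());
        rule.setDestinationPortEnd(privateEndPort);
    }
    if (virtualMachineId != null) {
        rule.setVirtualMachineId(virtualMachineId);
        rule.setDestinationIpAddress(dstIp);
    }
    _portForwardingDao.update(id, rule);
    // Apply the new rule set for the rule's source IP.
    if (!applyPortForwardingRules(rule.getSourceIpAddressId(), false, caller)) {
        throw new CloudRuntimeException("Failed to apply the new port forwarding rule:" + id);
    }
    return _portForwardingDao.findById(id);
}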
use of com.cloud.exception.ResourceUnavailableException in project cloudstack by apache.
the class RulesManagerImpl method applyStaticNatForIp.
/**
 * Builds the static NAT entries for one public IP and hands them to the IP address manager.
 *
 * @param sourceIpId      id of the public IP whose static NAT is applied
 * @param continueOnError passed through to {@code _ipAddrMgr.applyStaticNats}
 * @param caller          account passed through to {@code createStaticNatForIp}
 * @param forRevoke       {@code true} when the static NAT is being removed
 * @return {@code true} when there was nothing to apply or the apply succeeded; {@code false}
 *         when the apply reported failure or the resource was unavailable
 */
protected boolean applyStaticNatForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
    final IpAddress publicIp = _ipAddressDao.findById(sourceIpId);
    final List<StaticNat> natEntries = createStaticNatForIp(publicIp, caller, forRevoke);

    // Nothing to do is treated as success.
    if (natEntries == null || natEntries.isEmpty()) {
        return true;
    }

    try {
        return _ipAddrMgr.applyStaticNats(natEntries, continueOnError, forRevoke);
    } catch (ResourceUnavailableException ex) {
        // The failure is only logged and turned into false; the same message is used on the
        // revoke path, so the log line alone does not tell create from revoke.
        s_logger.warn("Failed to create static nat rule due to ", ex);
        return false;
    }
}
use of com.cloud.exception.ResourceUnavailableException in project cloudstack by apache.
the class RulesManagerImpl method applyStaticNatForNetwork.
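/**
 * Collects the static NAT entries of every static-NAT public IP in a network and applies
 * them in one call to the IP address manager.
 *
 * @param networkId       id of the network whose static NAT public IPs are processed
 * @param continueOnError passed through to {@code _ipAddrMgr.applyStaticNats}
 * @param caller          account passed through to {@code createStaticNatForIp}
 * @param forRevoke       {@code true} when the static NATs are being disabled
 * @return {@code true} when there was nothing to apply or the apply succeeded; {@code false}
 *         when the apply reported failure or the resource was unavailable
 */
@Override
public boolean applyStaticNatForNetwork(long networkId, boolean continueOnError, Account caller, boolean forRevoke) {
    List<? extends IpAddress> staticNatIps = _ipAddressDao.listStaticNatPublicIps(networkId);
    List<StaticNat> staticNats = new ArrayList<StaticNat>();
    for (IpAddress staticNatIp : staticNatIps) {
        // applyStaticNatForIp treats a null result from createStaticNatForIp as possible, so
        // guard here as well: addAll(null) would throw a NullPointerException.
        List<StaticNat> natsForIp = createStaticNatForIp(staticNatIp, caller, forRevoke);
        if (natsForIp != null) {
            staticNats.addAll(natsForIp);
        }
    }
    if (staticNats.isEmpty()) {
        s_logger.debug("Found 0 static nat rules to apply for network id " + networkId);
        return true;
    }
    if (forRevoke) {
        s_logger.debug("Found " + staticNats.size() + " static nats to disable for network id " + networkId);
    }
    try {
        if (!_ipAddrMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) {
            return false;
        }
    } catch (ResourceUnavailableException ex) {
        // Logged and reported as false; the message is the same on the revoke path.
        s_logger.warn("Failed to create static nat rule due to ", ex);
        return false;
    }
    return true;
}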
use of com.cloud.exception.ResourceUnavailableException in project cloudstack by apache.
the class RulesManagerImpl method getSystemIpAndEnableStaticNatForVm.
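/**
 * For every NIC of the VM whose network offering has elastic IP enabled, allocates a system
 * public IP and enables static NAT from that IP to the VM.
 *
 * <p>User VMs are skipped unless the offering is marked to associate a public IP. A VM that
 * already has an associated IP is skipped unless {@code getNewIp} is set. The IP is allocated
 * for the account that owns the VM ({@code vm.getAccountId()}).
 *
 * @param vm       the VM to give a system IP
 * @param getNewIp when {@code true}, allocate an IP even if one is already associated with the VM
 * @throws InsufficientAddressCapacityException declared by this method; presumably propagated
 *         from the system IP allocation - confirm against {@code assignSystemIp}
 * @throws CloudRuntimeException if no system IP could be allocated, or if static NAT could not
 *         be enabled on it (the IP is released before the exception is thrown)
 */
@Override
public void getSystemIpAndEnableStaticNatForVm(VirtualMachine vm, boolean getNewIp) throws InsufficientAddressCapacityException {
    List<? extends Nic> nics = _nicDao.listByVmId(vm.getId());
    for (Nic nic : nics) {
        Network guestNetwork = _networkModel.getNetwork(nic.getNetworkId());
        NetworkOffering offering = _entityMgr.findById(NetworkOffering.class, guestNetwork.getNetworkOfferingId());
        // Static NAT is only enabled when the offering has the elastic IP capability.
        if (!offering.isElasticIp()) {
            continue;
        }
        boolean isSystemVM = (vm.getType() == Type.ConsoleProxy || vm.getType() == Type.SecondaryStorageVm);
        // For user VMs, associate a public IP only if the offering asks for one on VM start.
        if (!isSystemVM && !offering.isAssociatePublicIP()) {
            continue;
        }
        // Skip when static NAT is already enabled for this VM, unless a new IP was requested.
        if (_ipAddressDao.findByAssociatedVmId(vm.getId()) != null && !getNewIp) {
            s_logger.debug("Vm " + vm + " already has ip associated with it in guest network " + guestNetwork);
            continue;
        }
        s_logger.debug("Allocating system ip and enabling static nat for it for the vm " + vm + " in guest network " + guestNetwork);
        IpAddress ip = _ipAddrMgr.assignSystemIp(guestNetwork.getId(), _accountMgr.getAccount(vm.getAccountId()), false, true);
        if (ip == null) {
            throw new CloudRuntimeException("Failed to allocate system ip for vm " + vm + " in guest network " + guestNetwork);
        }
        s_logger.debug("Allocated system ip " + ip + ", now enabling static nat on it for vm " + vm);
        boolean success;
        try {
            success = enableStaticNat(ip.getId(), vm.getId(), guestNetwork.getId(), isSystemVM, null);
        } catch (NetworkRuleConflictException ex) {
            s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex);
            success = false;
        } catch (ResourceUnavailableException ex) {
            s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex);
            success = false;
        }
        if (!success) {
            // Release the freshly allocated IP so a failed attempt does not leave it allocated.
            s_logger.warn("Failed to enable static nat on system ip " + ip + " for the vm " + vm + ", releasing the ip...");
            _ipAddrMgr.handleSystemIpRelease(ip);
            throw new CloudRuntimeException("Failed to enable static nat on system ip for the vm " + vm);
        }
        // Success is logged at debug like the other progress messages here; logging it at
        // warn put a normal outcome among the failure messages.
        s_logger.debug("Succesfully enabled static nat on system ip " + ip + " for the vm " + vm);
    }
}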
use of com.cloud.exception.ResourceUnavailableException in project cloudstack by apache.
the class NetworkACLServiceImpl method createAclListForNetworkAndReturnAclListId.
/**
 * Creates a network ACL for the given network and applies it to that network.
 * The steps are:
 * <ul>
 *   <li> If the network offering does not support ACLs ( {@link NetworkModel#areServicesSupportedByNetworkOffering(long, com.cloud.network.Network.Service...)} ), an {@link InvalidParameterValueException} is thrown;
 *   <li> If no VPC is found for the network, an {@link InvalidParameterValueException} is thrown;
 *   <li> Otherwise the ACL is created with {@link NetworkACLManagerImpl#createNetworkACL(String, String, long, Boolean)}; if that returns no ACL, a {@link CloudRuntimeException} is thrown;
 *   <li> The new ACL is then applied to the network; if that fails, a {@link CloudRuntimeException} is thrown.
 * </ul>
 * The ACL name is built from the VPC name, the network name and the network UUID.
 *
 * @param aclItemCmd the command whose display flag is used for the new ACL
 * @param network    the network that gets the new ACL
 * @return the Id of the network ACL that is created.
 */
protected Long createAclListForNetworkAndReturnAclListId(CreateNetworkACLCmd aclItemCmd, Network network) {
    s_logger.debug("Network " + network.getId() + " is not associated with any ACL. Creating an ACL before adding acl item");

    final boolean aclServiceSupported = networkModel.areServicesSupportedByNetworkOffering(network.getNetworkOfferingId(), Network.Service.NetworkACL);
    if (!aclServiceSupported) {
        throw new InvalidParameterValueException("Network Offering does not support NetworkACL service");
    }

    final Vpc owningVpc = _entityMgr.findById(Vpc.class, network.getVpcId());
    if (owningVpc == null) {
        throw new InvalidParameterValueException("Unable to find Vpc associated with the Network");
    }

    final String generatedName = "VPC_" + owningVpc.getName() + "_Tier_" + network.getName() + "_ACL_" + network.getUuid();
    final String generatedDescription = "ACL for " + generatedName;
    final NetworkACL createdAcl = _networkAclMgr.createNetworkACL(generatedName, generatedDescription, network.getVpcId(), aclItemCmd.isDisplay());
    if (createdAcl == null) {
        throw new CloudRuntimeException("Error while create ACL before adding ACL Item for network " + network.getId());
    }
    s_logger.debug("Created ACL: " + generatedName + " for network " + network.getId());
    final Long createdAclId = createdAcl.getId();

    // Apply the new ACL to the network.
    // NOTE(review): when this step fails, the ACL created above is not removed in the code
    // visible here - confirm whether cleanup happens elsewhere.
    final boolean applied;
    try {
        applied = _networkAclMgr.replaceNetworkACL(createdAcl, (NetworkVO) network);
    } catch (ResourceUnavailableException e) {
        throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId(), e);
    }
    if (!applied) {
        throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId());
    }
    s_logger.debug("Created ACL is applied to network " + network.getId());
    return createdAclId;
}