
Example 11 with Network

use of com.cloud.legacymodel.network.Network in project cosmic by MissionCriticalCloud.

the class AdvancedNetworkVisitor method visit.

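/**
 * Pushes a private gateway add/remove operation to the virtual router.
 *
 * <p>Commands are only sent while the router is {@code Running}. For a remove operation the
 * gateway's IP is passed in the exclusion list given to the network overview builder.
 *
 * @param privateGW the private gateway rules (router, NIC profile and add/remove flag)
 * @return {@code true} if the router accepted the commands, or if the router is
 *         {@code Stopped}/{@code Stopping} and nothing was sent; {@code false} if sending failed
 * @throws ResourceUnavailableException if the router is in any other state
 */
@Override
public boolean visit(final PrivateGatewayRules privateGW) throws ResourceUnavailableException {
    final VirtualRouter router = privateGW.getRouter();
    final NicProfile nicProfile = privateGW.getNicProfile();
    final boolean add = privateGW.isAddOperation();
    if (router.getState() == State.Running) {
        final PrivateIpVO ipVO = privateGW.retrivePrivateIP(this);
        final Network network = privateGW.retrievePrivateNetwork(this);
        final String netmask = NetUtils.getCidrNetmask(network.getCidr());
        final PrivateIpAddress ip = new PrivateIpAddress(ipVO, network.getBroadcastUri().toString(), network.getGateway(), netmask, nicProfile.getMacAddress());
        final Commands cmds = new Commands(Command.OnError.Stop);
        final List<Ip> ipsToExclude = new ArrayList<>();
        if (!add) {
            // Removing the gateway: exclude its IP from the overview that is pushed to the router.
            ipsToExclude.add(new Ip(NetUtils.ip2Long(ip.getIpAddress())));
        }
        final NetworkOverviewTO networkOverview = _commandSetupHelper.createNetworkOverviewFromRouter(router, new ArrayList<>(), ipsToExclude, new ArrayList<>(), null, null, null);
        final UpdateNetworkOverviewCommand updateNetworkOverviewCommand = _commandSetupHelper.createUpdateNetworkOverviewCommand(router, networkOverview);
        cmds.addCommand(updateNetworkOverviewCommand);
        try {
            if (_networkGeneralHelper.sendCommandsToRouter(router, cmds)) {
                s_logger.debug("Successfully applied ip association for ip " + ip + " in vpc network " + network);
                return true;
            } else {
                s_logger.warn("Failed to associate ip address " + ip + " in vpc network " + network);
                return false;
            }
        } catch (final Exception ex) {
            // Log the cause as well: without it an operator cannot tell a transport failure
            // from a rejected command when a gateway change did not reach the router.
            s_logger.warn("Failed to send " + (add ? "add" : "delete") + " private network " + network + " commands to router", ex);
            return false;
        }
    } else if (router.getState() == State.Stopped || router.getState() == State.Stopping) {
        // Nothing is sent to a stopped router; the method still reports success below.
        s_logger.debug("Router " + router.getInstanceName() + " is in " + router.getState() + ", so not sending setup private network command to the backend");
    } else {
        s_logger.warn("Unable to setup private gateway, virtual router " + router + " is not in the right state " + router.getState());
        throw new ResourceUnavailableException("Unable to setup Private gateway on the backend," + " virtual router " + router + " is not in the right state", DataCenter.class, router.getDataCenterId());
    }
    return true;
}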
Also used : PrivateIpAddress(com.cloud.network.vpc.PrivateIpAddress) Ip(com.cloud.legacymodel.network.Ip) ArrayList(java.util.ArrayList) PrivateIpVO(com.cloud.network.vpc.PrivateIpVO) UpdateNetworkOverviewCommand(com.cloud.legacymodel.communication.command.UpdateNetworkOverviewCommand) NicProfile(com.cloud.vm.NicProfile) VirtualRouter(com.cloud.legacymodel.network.VirtualRouter) ResourceUnavailableException(com.cloud.legacymodel.exceptions.ResourceUnavailableException) DataCenter(com.cloud.legacymodel.dc.DataCenter) Network(com.cloud.legacymodel.network.Network) Commands(com.cloud.agent.manager.Commands) NetworkOverviewTO(com.cloud.legacymodel.to.NetworkOverviewTO) ResourceUnavailableException(com.cloud.legacymodel.exceptions.ResourceUnavailableException)

Example 12 with Network

use of com.cloud.legacymodel.network.Network in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerImpl method applyACLItemsToNetwork.

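/**
 * Applies the given ACL items to a network through the first ACL service provider that handles them.
 *
 * <p>Providers that do not support the NetworkACL service on this network are skipped. After the
 * first provider reports success, a {@code Network_ACL_Replaced} message is published and the
 * remaining providers are not tried.
 *
 * @param networkId id of the network the rules belong to
 * @param rules the ACL items to apply
 * @return {@code true} if a provider applied the rules; {@code false} if the network does not exist,
 *         no provider supports the service, or no provider handled the rules
 * @throws ResourceUnavailableException declared for the provider call
 */
public boolean applyACLItemsToNetwork(final long networkId, final List<NetworkACLItemVO> rules) throws ResourceUnavailableException {
    final Network network = _networkDao.findById(networkId);
    if (network == null) {
        // The lookup can come back empty (e.g. the network was removed meanwhile). Report
        // "not applied" instead of failing with a NullPointerException further down.
        s_logger.warn("Unable to apply NetworkACL, network not found: " + networkId);
        return false;
    }
    boolean handled = false;
    boolean foundProvider = false;
    for (final NetworkACLServiceProvider element : _networkAclElements) {
        final Network.Provider provider = element.getProvider();
        final boolean isAclProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider);
        if (!isAclProvider) {
            continue;
        }
        foundProvider = true;
        s_logger.debug("Applying NetworkACL for network: " + network.getId() + " with Network ACL service provider");
        handled = element.applyNetworkACLs(network, rules);
        if (handled) {
            // publish message on message bus, so that network elements implementing distributed routing
            // capability can act on the event
            _messageBus.publish(_name, "Network_ACL_Replaced", PublishScope.LOCAL, network);
            break;
        }
    }
    if (!foundProvider) {
        // A false return here means the rules were NOT pushed anywhere; callers must not treat it as success.
        s_logger.debug("Unable to find NetworkACL service provider for network: " + network.getId());
    }
    return handled;
}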
Also used : Network(com.cloud.legacymodel.network.Network) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider)

Example 13 with Network

use of com.cloud.legacymodel.network.Network in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerImpl method applyACLToNetwork.

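/**
 * Re-applies the ACL currently attached to a network.
 *
 * @param networkId id of the network whose ACL should be applied
 * @return {@code true} if the network has no ACL attached (nothing to do) or the ACL items were
 *         applied; {@code false} if the network does not exist or the items were not applied
 * @throws ResourceUnavailableException propagated from {@link #applyACLItemsToNetwork}
 */
@Override
public boolean applyACLToNetwork(final long networkId) throws ResourceUnavailableException {
    final Network network = _networkDao.findById(networkId);
    if (network == null) {
        // A missing network must not be reported as "ACL applied"; fail closed rather than
        // throwing a NullPointerException on the dereference below.
        s_logger.warn("Unable to apply NetworkACL, network not found: " + networkId);
        return false;
    }
    final Long aclId = network.getNetworkACLId();
    if (aclId == null) {
        return true;
    }
    final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(aclId);
    return applyACLItemsToNetwork(networkId, rules);
}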
Also used : Network(com.cloud.legacymodel.network.Network)

Example 14 with Network

use of com.cloud.legacymodel.network.Network in project cosmic by MissionCriticalCloud.

the class NetworkACLServiceImpl method listNetworkACLItems.

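/**
 * Lists network ACL items matching the filters carried by the command.
 *
 * <p>Access control depends on how the ACL is selected:
 * <ul>
 *   <li>When an ACL id is given, or derived from the given network id, and the ACL belongs to a
 *       VPC (VPC id other than 0), the caller's access to that VPC is checked.</li>
 *   <li>When no ACL id is available, results are restricted to ACLs of VPCs the caller may see,
 *       plus VPC id 0 (default ACLs).</li>
 * </ul>
 *
 * @param cmd the list command carrying filters, paging and ownership parameters
 * @return the matching ACL items (with CIDRs loaded) and the total count; an empty list with
 *         count 0 if the given network has no ACL attached
 * @throws InvalidParameterValueException if the referenced network, ACL or VPC cannot be found
 */
@Override
public Pair<List<? extends NetworkACLItem>, Integer> listNetworkACLItems(final ListNetworkACLsCmd cmd) {
    final Long networkId = cmd.getNetworkId();
    final Long id = cmd.getId();
    Long aclId = cmd.getAclId();
    final String trafficType = cmd.getTrafficType();
    final String protocol = cmd.getProtocol();
    final String action = cmd.getAction();
    final Map<String, String> tags = cmd.getTags();
    final Account caller = CallContext.current().getCallingAccount();
    final Filter filter = new Filter(NetworkACLItemVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
    final SearchBuilder<NetworkACLItemVO> sb = _networkACLItemDao.createSearchBuilder();
    sb.and("id", sb.entity().getId(), Op.EQ);
    sb.and("aclId", sb.entity().getAclId(), Op.EQ);
    sb.and("trafficType", sb.entity().getTrafficType(), Op.EQ);
    sb.and("protocol", sb.entity().getProtocol(), Op.EQ);
    sb.and("action", sb.entity().getAction(), Op.EQ);
    if (tags != null && !tags.isEmpty()) {
        // One (key, value) placeholder pair per requested tag; values are bound further down.
        final SearchBuilder<ResourceTagVO> tagSearch = _resourceTagDao.createSearchBuilder();
        for (int count = 0; count < tags.size(); count++) {
            tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), Op.EQ);
            tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), Op.EQ);
            tagSearch.cp();
        }
        tagSearch.and("resourceType", tagSearch.entity().getResourceType(), Op.EQ);
        sb.groupBy(sb.entity().getId());
        sb.join("tagSearch", tagSearch, sb.entity().getId(), tagSearch.entity().getResourceId(), JoinBuilder.JoinType.INNER);
    }
    if (aclId == null) {
        // Join with network_acl table when aclId is not specified to list acl_items within permitted VPCs
        final SearchBuilder<NetworkACLVO> vpcSearch = _networkACLDao.createSearchBuilder();
        vpcSearch.and("vpcId", vpcSearch.entity().getVpcId(), Op.IN);
        sb.join("vpcSearch", vpcSearch, sb.entity().getAclId(), vpcSearch.entity().getId(), JoinBuilder.JoinType.INNER);
    }
    final SearchCriteria<NetworkACLItemVO> sc = sb.create();
    if (id != null) {
        sc.setParameters("id", id);
    }
    if (networkId != null) {
        final Network network = _networkDao.findById(networkId);
        if (network == null) {
            // Caller-supplied id: answer with a parameter error instead of a NullPointerException.
            throw new InvalidParameterValueException("Unable to find network by id " + networkId);
        }
        // The network's own ACL takes precedence over any aclId supplied in the command.
        aclId = network.getNetworkACLId();
        if (aclId == null) {
            // Return empty list
            return new Pair<>(new ArrayList<NetworkACLItem>(), 0);
        }
    }
    if (trafficType != null) {
        sc.setParameters("trafficType", trafficType);
    }
    if (aclId != null) {
        // Get VPC and check access
        final NetworkACL acl = _networkACLDao.findById(aclId);
        if (acl == null) {
            // Caller-supplied (or network-derived) id with no matching ACL: reject explicitly.
            throw new InvalidParameterValueException("Unable to find network ACL by id " + aclId);
        }
        // ACLs with VPC id 0 are listed without a per-VPC access check (see the
        // "default ACL" handling in the branch below).
        if (acl.getVpcId() != 0) {
            final Vpc vpc = _vpcDao.findById(acl.getVpcId());
            if (vpc == null) {
                throw new InvalidParameterValueException("Unable to find VPC associated with acl");
            }
            _accountMgr.checkAccess(caller, null, true, vpc);
        }
        sc.setParameters("aclId", aclId);
    } else {
        // ToDo: Add accountId to network_acl_item table for permission check
        // aclId is not specified
        // List permitted VPCs and filter aclItems
        final List<Long> permittedAccounts = new ArrayList<>();
        Long domainId = cmd.getDomainId();
        boolean isRecursive = cmd.isRecursive();
        final String accountName = cmd.getAccountName();
        final Long projectId = cmd.getProjectId();
        final boolean listAll = cmd.listAll();
        final Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(domainId, isRecursive, null);
        _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedAccounts, domainIdRecursiveListProject, listAll, false);
        // buildACLSearchParameters reports its decisions back through the Ternary.
        domainId = domainIdRecursiveListProject.first();
        isRecursive = domainIdRecursiveListProject.second();
        final ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
        final SearchBuilder<VpcVO> sbVpc = _vpcDao.createSearchBuilder();
        _accountMgr.buildACLSearchBuilder(sbVpc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
        final SearchCriteria<VpcVO> scVpc = sbVpc.create();
        _accountMgr.buildACLSearchCriteria(scVpc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
        final List<VpcVO> vpcs = _vpcDao.search(scVpc, null);
        final List<Long> vpcIds = new ArrayList<>();
        for (final VpcVO vpc : vpcs) {
            vpcIds.add(vpc.getId());
        }
        // Add vpc_id 0 to list acl_items in default ACL
        vpcIds.add(0L);
        sc.setJoinParameters("vpcSearch", "vpcId", vpcIds.toArray());
    }
    if (protocol != null) {
        sc.setParameters("protocol", protocol);
    }
    if (action != null) {
        sc.setParameters("action", action);
    }
    if (tags != null && !tags.isEmpty()) {
        int count = 0;
        sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.NetworkACL.toString());
        // Tag keys and values are bound as parameters, never concatenated into the query.
        for (final String key : tags.keySet()) {
            sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), key);
            sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), tags.get(key));
            count++;
        }
    }
    final Pair<List<NetworkACLItemVO>, Integer> result = _networkACLItemDao.searchAndCount(sc, filter);
    final List<NetworkACLItemVO> aclItemVOs = result.first();
    for (final NetworkACLItemVO item : aclItemVOs) {
        _networkACLItemDao.loadCidrs(item);
    }
    return new Pair<>(aclItemVOs, result.second());
}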
Also used : Account(com.cloud.legacymodel.user.Account) Vpc(com.cloud.legacymodel.network.vpc.Vpc) ArrayList(java.util.ArrayList) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL) NetworkACLItem(com.cloud.legacymodel.network.vpc.NetworkACLItem) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) Network(com.cloud.legacymodel.network.Network) ResourceTagVO(com.cloud.tags.ResourceTagVO) List(java.util.List) ArrayList(java.util.ArrayList) Pair(com.cloud.legacymodel.utils.Pair) Ternary(com.cloud.legacymodel.utils.Ternary) ListProjectResourcesCriteria(com.cloud.projects.Project.ListProjectResourcesCriteria) Filter(com.cloud.utils.db.Filter)

Example 15 with Network

use of com.cloud.legacymodel.network.Network in project cosmic by MissionCriticalCloud.

the class VpcVirtualRouterElement method createPrivateGateway.

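/**
 * Sets up a private gateway on every virtual router of the gateway's VPC and applies the
 * gateway's network ACL on each router where the setup succeeded.
 *
 * @param gateway the private gateway to create
 * @return {@code true} if the gateway is not of type {@code Private}, if the VPC has no routers,
 *         or if every ACL application that was attempted succeeded; {@code false} if applying
 *         the ACL failed or threw on any router
 * @throws ConcurrentOperationException declared by the interface
 * @throws ResourceUnavailableException declared by the interface
 */
@Override
public boolean createPrivateGateway(final PrivateGateway gateway) throws ConcurrentOperationException, ResourceUnavailableException {
    if (gateway.getType() != VpcGateway.Type.Private) {
        s_logger.warn("Type of vpc gateway is not " + VpcGateway.Type.Private);
        return true;
    }
    final List<DomainRouterVO> routers = _vpcRouterMgr.getVpcRouters(gateway.getVpcId());
    if (routers == null || routers.isEmpty()) {
        s_logger.debug(getName() + " element doesn't need to create Private gateway on the backend; VPC virtual router doesn't exist in the vpc id=" + gateway.getVpcId());
        return true;
    }
    // NOTE(review): zone is null when the repository has no entry for the id; how
    // retrieveNetworkTopology treats a null zone is not visible here. Confirm.
    final Zone zone = zoneRepository.findById(gateway.getZoneId()).orElse(null);
    final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(zone);
    boolean result = true;
    final Network network = _networkDao.findById(gateway.getNetworkId());
    final boolean isPrivateGateway = true;
    for (final DomainRouterVO domainRouterVO : routers) {
        // NOTE(review): a router where setupPrivateGateway returns false is skipped and does not
        // affect the result. Confirm that callers expect this.
        if (networkTopology.setupPrivateGateway(gateway, domainRouterVO)) {
            try {
                final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(gateway.getNetworkACLId());
                // Short-circuit: once result is false, applyNetworkACLs is no longer called for the
                // remaining routers, although their gateway setup above still runs.
                result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, isPrivateGateway);
            } catch (final Exception ex) {
                // The gateway is already set up on this router but its ACL is not in place.
                // Log at warn and keep the cause so the failure is visible and diagnosable.
                s_logger.warn("Failed to apply network acl id  " + gateway.getNetworkACLId() + "  on gateway ", ex);
                return false;
            }
        }
    }
    return result;
}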
Also used : Zone(com.cloud.db.model.Zone) NetworkTopology(com.cloud.network.topology.NetworkTopology) Network(com.cloud.legacymodel.network.Network) DomainRouterVO(com.cloud.vm.DomainRouterVO) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) InsufficientCapacityException(com.cloud.legacymodel.exceptions.InsufficientCapacityException) IllegalVirtualMachineException(com.cloud.legacymodel.exceptions.IllegalVirtualMachineException) ResourceUnavailableException(com.cloud.legacymodel.exceptions.ResourceUnavailableException) ConcurrentOperationException(com.cloud.legacymodel.exceptions.ConcurrentOperationException) CloudRuntimeException(com.cloud.legacymodel.exceptions.CloudRuntimeException)

Aggregations

Network (com.cloud.legacymodel.network.Network)160 ArrayList (java.util.ArrayList)57 InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)56 Account (com.cloud.legacymodel.user.Account)46 CloudRuntimeException (com.cloud.legacymodel.exceptions.CloudRuntimeException)42 NetworkOffering (com.cloud.offering.NetworkOffering)36 PhysicalNetwork (com.cloud.network.PhysicalNetwork)34 IPAddressVO (com.cloud.network.dao.IPAddressVO)32 ResourceUnavailableException (com.cloud.legacymodel.exceptions.ResourceUnavailableException)30 NetworkVO (com.cloud.network.dao.NetworkVO)28 List (java.util.List)28 Zone (com.cloud.db.model.Zone)27 DB (com.cloud.utils.db.DB)27 NicProfile (com.cloud.vm.NicProfile)26 Nic (com.cloud.legacymodel.network.Nic)21 DataCenter (com.cloud.legacymodel.dc.DataCenter)20 ConcurrentOperationException (com.cloud.legacymodel.exceptions.ConcurrentOperationException)20 PhysicalNetworkVO (com.cloud.network.dao.PhysicalNetworkVO)19 DomainRouterVO (com.cloud.vm.DomainRouterVO)18 ActionEvent (com.cloud.event.ActionEvent)17