Example 1 with PrivateGateway
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class VpcManagerImpl method cleanupVpcResources.
private boolean cleanupVpcResources(final long vpcId, final Account caller, final long callerUserId) throws ResourceUnavailableException, ConcurrentOperationException {
s_logger.debug("Cleaning up resources for vpc id=" + vpcId);
boolean success = true;
// 1) Remove VPN connections and VPN gateway
s_logger.debug("Cleaning up existed site to site VPN connections");
_s2sVpnMgr.cleanupVpnConnectionByVpc(vpcId);
s_logger.debug("Cleaning up existed site to site VPN gateways");
_s2sVpnMgr.cleanupVpnGatewayByVpc(vpcId);
// 2) release all ip addresses
final List<IPAddressVO> ipsToRelease = _ipAddressDao.listByVpc(vpcId, null);
s_logger.debug("Releasing ips for vpc id=" + vpcId + " as a part of vpc cleanup");
for (final IPAddressVO ipToRelease : ipsToRelease) {
success = success && _ipAddrMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller);
if (!success) {
s_logger.warn("Failed to cleanup ip " + ipToRelease + " as a part of vpc id=" + vpcId + " cleanup");
}
}
if (success) {
s_logger.debug("Released ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
} else {
s_logger.warn("Failed to release ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
// although it failed, proceed to the next cleanup step as it
// doesn't depend on the public ip release
}
// 3) Delete all static route rules
if (!revokeStaticRoutesForVpc(vpcId, caller)) {
s_logger.warn("Failed to revoke static routes for vpc " + vpcId + " as a part of cleanup vpc process");
return false;
}
// 4) Delete private gateways
final List<PrivateGateway> gateways = getVpcPrivateGateways(vpcId);
if (gateways != null) {
for (final PrivateGateway gateway : gateways) {
if (gateway != null) {
s_logger.debug("Deleting private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
if (!deleteVpcPrivateGateway(gateway.getId())) {
success = false;
s_logger.debug("Failed to delete private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
} else {
s_logger.debug("Deleted private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
}
}
}
}
// 5) Delete ACLs
final SearchBuilder<NetworkACLVO> searchBuilder = _networkAclDao.createSearchBuilder();
searchBuilder.and("vpcId", searchBuilder.entity().getVpcId(), Op.IN);
final SearchCriteria<NetworkACLVO> searchCriteria = searchBuilder.create();
searchCriteria.setParameters("vpcId", vpcId, 0);
final Filter filter = new Filter(NetworkACLVO.class, "id", false, null, null);
final Pair<List<NetworkACLVO>, Integer> aclsCountPair = _networkAclDao.searchAndCount(searchCriteria, filter);
final List<NetworkACLVO> acls = aclsCountPair.first();
acls.forEach(networkAcl -> {
if (networkAcl.getId() != NetworkACL.DEFAULT_ALLOW && networkAcl.getId() != NetworkACL.DEFAULT_DENY) {
_networkAclMgr.deleteNetworkACL(networkAcl);
}
});
// 6) Deleting sync networks
final List<NetworkVO> syncNetworks = _ntwkDao.listSyncNetworksByVpc(vpcId);
syncNetworks.forEach(syncNetwork -> _ntwkMgr.removeAndShutdownSyncNetwork(syncNetwork.getId()));
return success;
}
Also used :
NetworkVO(com.cloud.network.dao.NetworkVO)
PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)
Filter(com.cloud.utils.db.Filter)
IPAddressVO(com.cloud.network.dao.IPAddressVO)
ArrayList(java.util.ArrayList)
List(java.util.List)
LinkedList(java.util.LinkedList)
Example 2 with PrivateGateway
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class NetworkACLManagerImpl method applyNetworkACL.
@Override
public boolean applyNetworkACL(final long aclId) throws ResourceUnavailableException {
boolean applyToNetworksFailed = false;
boolean applyToPrivateGatewaysFailed = false;
boolean applyToIpAddressesFailed = false;
final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(aclId);
final List<NetworkVO> networks = _networkDao.listByAclId(aclId);
for (final NetworkVO network : networks) {
if (!applyACLItemsToNetwork(network.getId(), rules)) {
applyToNetworksFailed = true;
s_logger.debug("Failed to apply ACL item to Network [" + network.getId() + "], ACL [" + aclId + "]");
break;
}
}
final List<VpcGatewayVO> vpcGateways = _vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private);
for (final VpcGatewayVO vpcGateway : vpcGateways) {
final PrivateGateway privateGateway = _vpcSvc.getVpcPrivateGateway(vpcGateway.getId());
if (!applyACLToPrivateGw(privateGateway)) {
applyToPrivateGatewaysFailed = true;
s_logger.debug("Failed to apply ACL item to Private Gateway [" + privateGateway.getId() + "], ACL [" + aclId + "]");
break;
}
}
final List<IPAddressVO> ipAddresses = _ipAddressDao.listByAclId(aclId);
for (final IPAddressVO ipAddress : ipAddresses) {
if (!applyACLItemsToPublicIp(ipAddress.getId(), rules)) {
applyToIpAddressesFailed = true;
s_logger.debug("Failed to apply ACL item to IP Address [" + ipAddress.getId() + "], ACL [" + aclId + "]");
break;
}
}
if (!applyToNetworksFailed && !applyToPrivateGatewaysFailed && !applyToIpAddressesFailed) {
for (final NetworkACLItem rule : rules) {
if (rule.getState() == NetworkACLItem.State.Revoke) {
removeRule(rule);
} else if (rule.getState() == NetworkACLItem.State.Add) {
final NetworkACLItemVO ruleVO = _networkACLItemDao.findById(rule.getId());
ruleVO.setState(NetworkACLItem.State.Active);
_networkACLItemDao.update(ruleVO.getId(), ruleVO);
}
}
}
return !applyToNetworksFailed && !applyToPrivateGatewaysFailed && !applyToIpAddressesFailed;
}
Also used :
NetworkVO(com.cloud.network.dao.NetworkVO)
NetworkACLItem(com.cloud.legacymodel.network.vpc.NetworkACLItem)
IPAddressVO(com.cloud.network.dao.IPAddressVO)
PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)
Example 3 with PrivateGateway
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class ListPrivateGatewaysCmd method execute.
@Override
public void execute() {
final Pair<List<PrivateGateway>, Integer> gateways = _vpcService.listPrivateGateway(this);
final ListResponse<PrivateGatewayResponse> response = new ListResponse<>();
final List<PrivateGatewayResponse> projectResponses = new ArrayList<>();
for (final PrivateGateway gateway : gateways.first()) {
final PrivateGatewayResponse gatewayResponse = _responseGenerator.createPrivateGatewayResponse(gateway);
projectResponses.add(gatewayResponse);
}
response.setResponses(projectResponses, gateways.second());
response.setResponseName(getCommandName());
setResponseObject(response);
}
Also used :
PrivateGatewayResponse(com.cloud.api.response.PrivateGatewayResponse)
ListResponse(com.cloud.api.response.ListResponse)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)
Example 4 with PrivateGateway
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class NetworkACLManagerTest method driveTestApplyNetworkACL.
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
// In order to test ONLY our scope method, we mock the others
final NetworkACLManager aclManager = Mockito.spy(_aclMgr);
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
// Make sure it is handled
final long aclId = 1L;
final NetworkVO network = Mockito.mock(NetworkVO.class);
final List<NetworkVO> networks = new ArrayList<>();
networks.add(network);
Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(networks);
Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);
// Make sure it applies ACL to private gateway
final List<VpcGatewayVO> vpcGateways = new ArrayList<>();
final VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
final PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(privateGateway);
vpcGateways.add(vpcGateway);
Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(vpcGateways);
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
final List<NetworkACLItemVO> rules = new ArrayList<>();
final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
rules.add(ruleActive);
rules.add(ruleStaged);
rules.add(rule2Add);
rules.add(rule2Revoke);
final long revokeId = 8;
Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
final long addId = 9;
Mockito.when(rule2Add.getId()).thenReturn(addId);
Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(rules);
// Mock methods to avoid
Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
// Execute
assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
// Assert if conditions met, network ACL was applied
final int timesProcessingDone = applyNetworkACLs && applyACLToPrivateGw ? 1 : 0;
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
Also used :
NetworkVO(com.cloud.network.dao.NetworkVO)
VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO)
ArrayList(java.util.ArrayList)
NetworkOrchestrationService(com.cloud.engine.orchestration.service.NetworkOrchestrationService)
VpcService(com.cloud.network.vpc.VpcService)
NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO)
NetworkACLManager(com.cloud.network.vpc.NetworkACLManager)
NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider)
PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)
Network(com.cloud.legacymodel.network.Network)
Example 5 with PrivateGateway
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class CreatePrivateGatewayCmd method create.
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
@Override
public void create() throws ResourceAllocationException {
PrivateGateway result;
try {
result = _vpcService.createVpcPrivateGateway(getVpcId(), getStartIp(), getGateway(), getNetmask(), getEntityDomainId(), getNetworkId(), getIsSourceNat(), getAclId());
} catch (final InsufficientCapacityException ex) {
s_logger.info(ex.toString());
throw new ServerApiException(ApiErrorCode.INSUFFICIENT_CAPACITY_ERROR, ex.getMessage());
} catch (final ConcurrentOperationException ex) {
s_logger.warn("Exception: ", ex);
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, ex.getMessage());
}
if (result != null) {
setEntityId(result.getId());
setEntityUuid(result.getUuid());
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create private gateway");
}
}
Also used :
ServerApiException(com.cloud.api.ServerApiException)
InsufficientCapacityException(com.cloud.legacymodel.exceptions.InsufficientCapacityException)
ConcurrentOperationException(com.cloud.legacymodel.exceptions.ConcurrentOperationException)
PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)
Aggregations
PrivateGateway (com.cloud.legacymodel.network.vpc.PrivateGateway)12
ArrayList (java.util.ArrayList)6
List (java.util.List)5
NetworkVO (com.cloud.network.dao.NetworkVO)4
ServerApiException (com.cloud.api.ServerApiException)3
ActionEvent (com.cloud.event.ActionEvent)3
ConcurrentOperationException (com.cloud.legacymodel.exceptions.ConcurrentOperationException)3
InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)3
Network (com.cloud.legacymodel.network.Network)3
Account (com.cloud.legacymodel.user.Account)3
IPAddressVO (com.cloud.network.dao.IPAddressVO)3
LinkedList (java.util.LinkedList)3
PrivateGatewayResponse (com.cloud.api.response.PrivateGatewayResponse)2
InsufficientCapacityException (com.cloud.legacymodel.exceptions.InsufficientCapacityException)2
Provider (com.cloud.legacymodel.network.Network.Provider)2
Vpc (com.cloud.legacymodel.network.vpc.Vpc)2
VpcGateway (com.cloud.legacymodel.network.vpc.VpcGateway)2
VpcProvider (com.cloud.network.element.VpcProvider)2
DB (com.cloud.utils.db.DB)2
Filter (com.cloud.utils.db.Filter)2
