use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class VpcManagerImpl method cleanupVpcResources.
private boolean cleanupVpcResources(final long vpcId, final Account caller, final long callerUserId) throws ResourceUnavailableException, ConcurrentOperationException {
s_logger.debug("Cleaning up resources for vpc id=" + vpcId);
boolean success = true;
// 1) Remove VPN connections and VPN gateway
s_logger.debug("Cleaning up existed site to site VPN connections");
_s2sVpnMgr.cleanupVpnConnectionByVpc(vpcId);
s_logger.debug("Cleaning up existed site to site VPN gateways");
_s2sVpnMgr.cleanupVpnGatewayByVpc(vpcId);
// 2) release all ip addresses
final List<IPAddressVO> ipsToRelease = _ipAddressDao.listByVpc(vpcId, null);
s_logger.debug("Releasing ips for vpc id=" + vpcId + " as a part of vpc cleanup");
for (final IPAddressVO ipToRelease : ipsToRelease) {
success = success && _ipAddrMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller);
if (!success) {
s_logger.warn("Failed to cleanup ip " + ipToRelease + " as a part of vpc id=" + vpcId + " cleanup");
}
}
if (success) {
s_logger.debug("Released ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
} else {
s_logger.warn("Failed to release ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
// although it failed, proceed to the next cleanup step as it
// doesn't depend on the public ip release
}
// 3) Delete all static route rules
if (!revokeStaticRoutesForVpc(vpcId, caller)) {
s_logger.warn("Failed to revoke static routes for vpc " + vpcId + " as a part of cleanup vpc process");
return false;
}
// 4) Delete private gateways
final List<PrivateGateway> gateways = getVpcPrivateGateways(vpcId);
if (gateways != null) {
for (final PrivateGateway gateway : gateways) {
if (gateway != null) {
s_logger.debug("Deleting private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
if (!deleteVpcPrivateGateway(gateway.getId())) {
success = false;
s_logger.debug("Failed to delete private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
} else {
s_logger.debug("Deleted private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
}
}
}
}
// 5) Delete ACLs
final SearchBuilder<NetworkACLVO> searchBuilder = _networkAclDao.createSearchBuilder();
searchBuilder.and("vpcId", searchBuilder.entity().getVpcId(), Op.IN);
final SearchCriteria<NetworkACLVO> searchCriteria = searchBuilder.create();
searchCriteria.setParameters("vpcId", vpcId, 0);
final Filter filter = new Filter(NetworkACLVO.class, "id", false, null, null);
final Pair<List<NetworkACLVO>, Integer> aclsCountPair = _networkAclDao.searchAndCount(searchCriteria, filter);
final List<NetworkACLVO> acls = aclsCountPair.first();
acls.forEach(networkAcl -> {
if (networkAcl.getId() != NetworkACL.DEFAULT_ALLOW && networkAcl.getId() != NetworkACL.DEFAULT_DENY) {
_networkAclMgr.deleteNetworkACL(networkAcl);
}
});
// 6) Deleting sync networks
final List<NetworkVO> syncNetworks = _ntwkDao.listSyncNetworksByVpc(vpcId);
syncNetworks.forEach(syncNetwork -> _ntwkMgr.removeAndShutdownSyncNetwork(syncNetwork.getId()));
return success;
}
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class NetworkACLManagerImpl method applyNetworkACL.
@Override
public boolean applyNetworkACL(final long aclId) throws ResourceUnavailableException {
boolean applyToNetworksFailed = false;
boolean applyToPrivateGatewaysFailed = false;
boolean applyToIpAddressesFailed = false;
final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(aclId);
final List<NetworkVO> networks = _networkDao.listByAclId(aclId);
for (final NetworkVO network : networks) {
if (!applyACLItemsToNetwork(network.getId(), rules)) {
applyToNetworksFailed = true;
s_logger.debug("Failed to apply ACL item to Network [" + network.getId() + "], ACL [" + aclId + "]");
break;
}
}
final List<VpcGatewayVO> vpcGateways = _vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private);
for (final VpcGatewayVO vpcGateway : vpcGateways) {
final PrivateGateway privateGateway = _vpcSvc.getVpcPrivateGateway(vpcGateway.getId());
if (!applyACLToPrivateGw(privateGateway)) {
applyToPrivateGatewaysFailed = true;
s_logger.debug("Failed to apply ACL item to Private Gateway [" + privateGateway.getId() + "], ACL [" + aclId + "]");
break;
}
}
final List<IPAddressVO> ipAddresses = _ipAddressDao.listByAclId(aclId);
for (final IPAddressVO ipAddress : ipAddresses) {
if (!applyACLItemsToPublicIp(ipAddress.getId(), rules)) {
applyToIpAddressesFailed = true;
s_logger.debug("Failed to apply ACL item to IP Address [" + ipAddress.getId() + "], ACL [" + aclId + "]");
break;
}
}
if (!applyToNetworksFailed && !applyToPrivateGatewaysFailed && !applyToIpAddressesFailed) {
for (final NetworkACLItem rule : rules) {
if (rule.getState() == NetworkACLItem.State.Revoke) {
removeRule(rule);
} else if (rule.getState() == NetworkACLItem.State.Add) {
final NetworkACLItemVO ruleVO = _networkACLItemDao.findById(rule.getId());
ruleVO.setState(NetworkACLItem.State.Active);
_networkACLItemDao.update(ruleVO.getId(), ruleVO);
}
}
}
return !applyToNetworksFailed && !applyToPrivateGatewaysFailed && !applyToIpAddressesFailed;
}
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class ListPrivateGatewaysCmd method execute.
@Override
public void execute() {
final Pair<List<PrivateGateway>, Integer> gateways = _vpcService.listPrivateGateway(this);
final ListResponse<PrivateGatewayResponse> response = new ListResponse<>();
final List<PrivateGatewayResponse> projectResponses = new ArrayList<>();
for (final PrivateGateway gateway : gateways.first()) {
final PrivateGatewayResponse gatewayResponse = _responseGenerator.createPrivateGatewayResponse(gateway);
projectResponses.add(gatewayResponse);
}
response.setResponses(projectResponses, gateways.second());
response.setResponseName(getCommandName());
setResponseObject(response);
}
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class NetworkACLManagerTest method driveTestApplyNetworkACL.
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
// In order to test ONLY our scope method, we mock the others
final NetworkACLManager aclManager = Mockito.spy(_aclMgr);
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
// Make sure it is handled
final long aclId = 1L;
final NetworkVO network = Mockito.mock(NetworkVO.class);
final List<NetworkVO> networks = new ArrayList<>();
networks.add(network);
Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(networks);
Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);
// Make sure it applies ACL to private gateway
final List<VpcGatewayVO> vpcGateways = new ArrayList<>();
final VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
final PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(privateGateway);
vpcGateways.add(vpcGateway);
Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(vpcGateways);
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
final List<NetworkACLItemVO> rules = new ArrayList<>();
final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
rules.add(ruleActive);
rules.add(ruleStaged);
rules.add(rule2Add);
rules.add(rule2Revoke);
final long revokeId = 8;
Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
final long addId = 9;
Mockito.when(rule2Add.getId()).thenReturn(addId);
Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(rules);
// Mock methods to avoid
Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
// Execute
assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
// Assert if conditions met, network ACL was applied
final int timesProcessingDone = applyNetworkACLs && applyACLToPrivateGw ? 1 : 0;
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.
the class CreatePrivateGatewayCmd method create.
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
@Override
public void create() throws ResourceAllocationException {
PrivateGateway result;
try {
result = _vpcService.createVpcPrivateGateway(getVpcId(), getStartIp(), getGateway(), getNetmask(), getEntityDomainId(), getNetworkId(), getIsSourceNat(), getAclId());
} catch (final InsufficientCapacityException ex) {
s_logger.info(ex.toString());
throw new ServerApiException(ApiErrorCode.INSUFFICIENT_CAPACITY_ERROR, ex.getMessage());
} catch (final ConcurrentOperationException ex) {
s_logger.warn("Exception: ", ex);
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, ex.getMessage());
}
if (result != null) {
setEntityId(result.getId());
setEntityUuid(result.getUuid());
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create private gateway");
}
}
Aggregations