
Example 1 with PrivateGateway

use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class VpcManagerImpl method cleanupVpcResources.

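/**
 * Removes the resources that hang off a VPC: site-to-site VPN connections and gateways,
 * public IP addresses, static routes, private gateways, network ACLs and sync networks.
 *
 * <p>Cleanup is best effort for public IPs and private gateways: a failure there is recorded
 * in the return value but the remaining steps still run. A failure to revoke static routes
 * aborts the cleanup immediately, so private gateways, ACLs and sync networks are left in
 * place in that case.
 *
 * @param vpcId        id of the VPC being cleaned up
 * @param caller       account on whose behalf public IPs are disassociated and routes revoked
 * @param callerUserId id of the calling user, passed to the IP disassociation
 * @return {@code true} only if every checked step succeeded
 * @throws ResourceUnavailableException declared by the method; thrown by one of the cleanup calls
 * @throws ConcurrentOperationException declared by the method; thrown by one of the cleanup calls
 */
private boolean cleanupVpcResources(final long vpcId, final Account caller, final long callerUserId) throws ResourceUnavailableException, ConcurrentOperationException {
    s_logger.debug("Cleaning up resources for vpc id=" + vpcId);
    boolean success = true;
    // 1) Remove VPN connections and VPN gateway
    s_logger.debug("Cleaning up existed site to site VPN connections");
    _s2sVpnMgr.cleanupVpnConnectionByVpc(vpcId);
    s_logger.debug("Cleaning up existed site to site VPN gateways");
    _s2sVpnMgr.cleanupVpnGatewayByVpc(vpcId);
    // 2) release all ip addresses
    final List<IPAddressVO> ipsToRelease = _ipAddressDao.listByVpc(vpcId, null);
    s_logger.debug("Releasing ips for vpc id=" + vpcId + " as a part of vpc cleanup");
    for (final IPAddressVO ipToRelease : ipsToRelease) {
        // Attempt every address. The previous `success = success && disassociate(...)` form
        // short-circuited after the first failure, so the remaining public IPs were never
        // released and a misleading "failed" warning was logged for addresses that had not
        // even been tried.
        if (!_ipAddrMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller)) {
            success = false;
            s_logger.warn("Failed to cleanup ip " + ipToRelease + " as a part of vpc id=" + vpcId + " cleanup");
        }
    }
    if (success) {
        s_logger.debug("Released ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
    } else {
        s_logger.warn("Failed to release ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process");
        // although it failed, proceed to the next cleanup step as it
        // doesn't depend on the public ip release
    }
    // 3) Delete all static route rules
    if (!revokeStaticRoutesForVpc(vpcId, caller)) {
        // Hard stop: nothing below this point runs, so gateways, ACLs and sync networks
        // of the VPC remain until cleanup is retried.
        s_logger.warn("Failed to revoke static routes for vpc " + vpcId + " as a part of cleanup vpc process");
        return false;
    }
    // 4) Delete private gateways
    final List<PrivateGateway> gateways = getVpcPrivateGateways(vpcId);
    if (gateways != null) {
        for (final PrivateGateway gateway : gateways) {
            if (gateway == null) {
                continue;
            }
            s_logger.debug("Deleting private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
            if (deleteVpcPrivateGateway(gateway.getId())) {
                s_logger.debug("Deleted private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
            } else {
                success = false;
                // Logged at warn like the other failed cleanup steps in this method, so a
                // gateway that survives the teardown is visible at the default log level.
                s_logger.warn("Failed to delete private gateway " + gateway + " as a part of vpc " + vpcId + " resources cleanup");
            }
        }
    }
    // 5) Delete ACLs
    // The IN criterion matches ACLs whose vpcId is either this VPC or 0.
    final SearchBuilder<NetworkACLVO> searchBuilder = _networkAclDao.createSearchBuilder();
    searchBuilder.and("vpcId", searchBuilder.entity().getVpcId(), Op.IN);
    final SearchCriteria<NetworkACLVO> searchCriteria = searchBuilder.create();
    searchCriteria.setParameters("vpcId", vpcId, 0);
    final Filter filter = new Filter(NetworkACLVO.class, "id", false, null, null);
    final Pair<List<NetworkACLVO>, Integer> aclsCountPair = _networkAclDao.searchAndCount(searchCriteria, filter);
    final List<NetworkACLVO> acls = aclsCountPair.first();
    acls.forEach(networkAcl -> {
        // The two built-in ACLs (default allow / default deny) are never deleted.
        if (networkAcl.getId() != NetworkACL.DEFAULT_ALLOW && networkAcl.getId() != NetworkACL.DEFAULT_DENY) {
            // NOTE(review): whatever deleteNetworkACL reports is not folded into `success`,
            // so an ACL that could not be removed does not fail the cleanup - confirm intended.
            _networkAclMgr.deleteNetworkACL(networkAcl);
        }
    });
    // 6) Deleting sync networks
    final List<NetworkVO> syncNetworks = _ntwkDao.listSyncNetworksByVpc(vpcId);
    syncNetworks.forEach(syncNetwork -> _ntwkMgr.removeAndShutdownSyncNetwork(syncNetwork.getId()));
    return success;
}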
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway) Filter(com.cloud.utils.db.Filter) IPAddressVO(com.cloud.network.dao.IPAddressVO) ArrayList(java.util.ArrayList) List(java.util.List) LinkedList(java.util.LinkedList)

Example 2 with PrivateGateway

use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerImpl method applyNetworkACL.

/**
 * Applies the items of one network ACL to every network, private gateway and public IP
 * address that references it, then settles the item states.
 *
 * <p>Each of the three target kinds is processed in turn and stops at its first failure;
 * a failure in one kind does not prevent the next kind from being attempted. Only when all
 * three kinds succeeded are items in state {@code Revoke} removed and items in state
 * {@code Add} promoted to {@code Active}.
 *
 * <p>NOTE(review): failures are logged at debug level only, and targets processed before a
 * failure are not rolled back here, so an ACL can end up enforced on some targets and not on
 * others while the call simply returns {@code false}. Callers should treat a {@code false}
 * result as "enforcement state unknown" - confirm how this is surfaced to operators.
 *
 * @param aclId id of the ACL to apply
 * @return {@code true} if the ACL was applied to all networks, private gateways and public IPs
 * @throws ResourceUnavailableException declared by the method; thrown by one of the apply calls
 */
@Override
public boolean applyNetworkACL(final long aclId) throws ResourceUnavailableException {
    final List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(aclId);

    // Networks using this ACL.
    boolean networksOk = true;
    for (final NetworkVO net : _networkDao.listByAclId(aclId)) {
        if (applyACLItemsToNetwork(net.getId(), aclItems)) {
            continue;
        }
        networksOk = false;
        s_logger.debug("Failed to apply ACL item to Network [" + net.getId() + "], ACL [" + aclId + "]");
        break;
    }

    // Private gateways using this ACL.
    boolean gatewaysOk = true;
    for (final VpcGatewayVO gatewayVO : _vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)) {
        // NOTE(review): the looked-up gateway is dereferenced in the failure log without a
        // null check - verify getVpcPrivateGateway cannot return null for a listed gateway.
        final PrivateGateway privateGw = _vpcSvc.getVpcPrivateGateway(gatewayVO.getId());
        if (applyACLToPrivateGw(privateGw)) {
            continue;
        }
        gatewaysOk = false;
        s_logger.debug("Failed to apply ACL item to Private Gateway [" + privateGw.getId() + "], ACL [" + aclId + "]");
        break;
    }

    // Public IP addresses using this ACL.
    boolean publicIpsOk = true;
    for (final IPAddressVO publicIp : _ipAddressDao.listByAclId(aclId)) {
        if (applyACLItemsToPublicIp(publicIp.getId(), aclItems)) {
            continue;
        }
        publicIpsOk = false;
        s_logger.debug("Failed to apply ACL item to IP Address [" + publicIp.getId() + "], ACL [" + aclId + "]");
        break;
    }

    final boolean appliedEverywhere = networksOk && gatewaysOk && publicIpsOk;
    if (appliedEverywhere) {
        // Item states are only settled once every target accepted the ACL.
        for (final NetworkACLItem item : aclItems) {
            if (item.getState() == NetworkACLItem.State.Revoke) {
                removeRule(item);
                continue;
            }
            if (item.getState() == NetworkACLItem.State.Add) {
                // Reload the persistent object before flipping it to Active.
                final NetworkACLItemVO persisted = _networkACLItemDao.findById(item.getId());
                persisted.setState(NetworkACLItem.State.Active);
                _networkACLItemDao.update(persisted.getId(), persisted);
            }
        }
    }
    return appliedEverywhere;
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) NetworkACLItem(com.cloud.legacymodel.network.vpc.NetworkACLItem) IPAddressVO(com.cloud.network.dao.IPAddressVO) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)

Example 3 with PrivateGateway

use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class ListPrivateGatewaysCmd method execute.

/**
 * Runs the list command: asks the VPC service for the private gateways matching this
 * command, converts each one to a {@code PrivateGatewayResponse} and stores the resulting
 * list response on the command.
 *
 * <p>NOTE(review): no account or domain filtering happens in this method; the result set is
 * whatever {@code listPrivateGateway(this)} returns, so access scoping presumably lives in
 * the service - confirm.
 */
@Override
public void execute() {
    final Pair<List<PrivateGateway>, Integer> found = _vpcService.listPrivateGateway(this);

    final List<PrivateGatewayResponse> items = new ArrayList<>();
    found.first().forEach(gw -> items.add(_responseGenerator.createPrivateGatewayResponse(gw)));

    final ListResponse<PrivateGatewayResponse> listResponse = new ListResponse<>();
    // The pair's second element is handed over unchanged as the count argument.
    listResponse.setResponses(items, found.second());
    listResponse.setResponseName(getCommandName());
    setResponseObject(listResponse);
}
Also used : PrivateGatewayResponse(com.cloud.api.response.PrivateGatewayResponse) ListResponse(com.cloud.api.response.ListResponse) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)

Example 4 with PrivateGateway

use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerTest method driveTestApplyNetworkACL.

/**
 * Shared driver for the applyNetworkACL tests: stubs the collaborators so that applying the
 * ACL to the network returns {@code applyNetworkACLs} and applying it to the private gateway
 * returns {@code applyACLToPrivateGw}, then checks the overall result and that rule states
 * are only settled when both succeeded.
 *
 * <p>NOTE(review): nothing visible here stubs a public-IP lookup, so the public-IP part of
 * applyNetworkACL does not appear to be exercised by this driver - confirm.
 *
 * @param result              expected return value of {@code applyNetworkACL}
 * @param applyNetworkACLs    stubbed outcome of applying the ACL items to the network
 * @param applyACLToPrivateGw stubbed outcome of applying the ACL to the private gateway
 * @throws Exception if the method under test or a stub throws
 */
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
    final long aclId = 1L;
    final long revokeId = 8L;
    final long addId = 9L;

    // Spy on the manager so that only applyNetworkACL itself runs for real.
    final NetworkACLManager spiedManager = Mockito.spy(_aclMgr);
    // The DAO mock is shared between test cases; clear earlier stubbing and interactions.
    Mockito.reset(_networkACLItemDao);

    // --- network side ---
    final NetworkVO mockedNetwork = Mockito.mock(NetworkVO.class);
    final List<NetworkVO> aclNetworks = new ArrayList<>();
    aclNetworks.add(mockedNetwork);
    Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(aclNetworks);
    Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(mockedNetwork);
    Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
    Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);

    // --- private gateway side ---
    final VpcGatewayVO mockedGatewayVO = Mockito.mock(VpcGatewayVO.class);
    final PrivateGateway mockedPrivateGw = Mockito.mock(PrivateGateway.class);
    Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(mockedPrivateGw);
    final List<VpcGatewayVO> aclGateways = new ArrayList<>();
    aclGateways.add(mockedGatewayVO);
    Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(aclGateways);

    // --- rules: one per state, so that only Revoke is removed and only Add is promoted ---
    final NetworkACLItemVO activeRule = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO stagedRule = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO revokeRule = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO addRule = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(activeRule.getState()).thenReturn(NetworkACLItem.State.Active);
    Mockito.when(stagedRule.getState()).thenReturn(NetworkACLItem.State.Staged);
    Mockito.when(addRule.getState()).thenReturn(NetworkACLItem.State.Add);
    Mockito.when(revokeRule.getState()).thenReturn(NetworkACLItem.State.Revoke);
    final List<NetworkACLItemVO> aclRules = new ArrayList<>();
    aclRules.add(activeRule);
    aclRules.add(stagedRule);
    aclRules.add(addRule);
    aclRules.add(revokeRule);
    Mockito.when(revokeRule.getId()).thenReturn(revokeId);
    Mockito.when(addRule.getId()).thenReturn(addId);
    Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(addRule);
    Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(aclRules);

    // The gateway apply step is replaced on the spy with the requested outcome.
    Mockito.doReturn(applyACLToPrivateGw).when(spiedManager).applyACLToPrivateGw(mockedPrivateGw);

    // Execute
    assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, spiedManager.applyNetworkACL(aclId));

    // Rule states must be settled exactly once when both apply steps succeeded, never otherwise.
    final int expectedSettleCalls;
    if (applyNetworkACLs && applyACLToPrivateGw) {
        expectedSettleCalls = 1;
    } else {
        expectedSettleCalls = 0;
    }
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedSettleCalls)).remove(revokeId);
    Mockito.verify(addRule, Mockito.times(expectedSettleCalls)).setState(NetworkACLItem.State.Active);
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedSettleCalls)).update(addId, addRule);
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO) ArrayList(java.util.ArrayList) NetworkOrchestrationService(com.cloud.engine.orchestration.service.NetworkOrchestrationService) VpcService(com.cloud.network.vpc.VpcService) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway) Network(com.cloud.legacymodel.network.Network)

Example 5 with PrivateGateway

use of com.cloud.legacymodel.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class CreatePrivateGatewayCmd method create.

// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
/**
 * Creates the private gateway through the VPC service using this command's parameters and
 * records the new entity's id and uuid on the command.
 *
 * <p>NOTE(review): both catch blocks pass {@code ex.getMessage()} into the API error and do
 * not chain the original exception - check that these messages carry no internal detail
 * that should stay out of an API response.
 *
 * @throws ResourceAllocationException declared by the method; thrown by the service call
 * @throws ServerApiException if capacity is insufficient, a concurrent operation interferes,
 *                            or the service returns no gateway
 */
@Override
public void create() throws ResourceAllocationException {
    final PrivateGateway created;
    try {
        created = _vpcService.createVpcPrivateGateway(getVpcId(), getStartIp(), getGateway(), getNetmask(), getEntityDomainId(), getNetworkId(), getIsSourceNat(), getAclId());
    } catch (final InsufficientCapacityException ex) {
        s_logger.info(ex.toString());
        throw new ServerApiException(ApiErrorCode.INSUFFICIENT_CAPACITY_ERROR, ex.getMessage());
    } catch (final ConcurrentOperationException ex) {
        s_logger.warn("Exception: ", ex);
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, ex.getMessage());
    }

    // A null result without an exception is still treated as a failed creation.
    if (created == null) {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create private gateway");
    }
    setEntityId(created.getId());
    setEntityUuid(created.getUuid());
}
Also used : ServerApiException(com.cloud.api.ServerApiException) InsufficientCapacityException(com.cloud.legacymodel.exceptions.InsufficientCapacityException) ConcurrentOperationException(com.cloud.legacymodel.exceptions.ConcurrentOperationException) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)

Aggregations

PrivateGateway (com.cloud.legacymodel.network.vpc.PrivateGateway)12 ArrayList (java.util.ArrayList)6 List (java.util.List)5 NetworkVO (com.cloud.network.dao.NetworkVO)4 ServerApiException (com.cloud.api.ServerApiException)3 ActionEvent (com.cloud.event.ActionEvent)3 ConcurrentOperationException (com.cloud.legacymodel.exceptions.ConcurrentOperationException)3 InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)3 Network (com.cloud.legacymodel.network.Network)3 Account (com.cloud.legacymodel.user.Account)3 IPAddressVO (com.cloud.network.dao.IPAddressVO)3 LinkedList (java.util.LinkedList)3 PrivateGatewayResponse (com.cloud.api.response.PrivateGatewayResponse)2 InsufficientCapacityException (com.cloud.legacymodel.exceptions.InsufficientCapacityException)2 Provider (com.cloud.legacymodel.network.Network.Provider)2 Vpc (com.cloud.legacymodel.network.vpc.Vpc)2 VpcGateway (com.cloud.legacymodel.network.vpc.VpcGateway)2 VpcProvider (com.cloud.network.element.VpcProvider)2 DB (com.cloud.utils.db.DB)2 Filter (com.cloud.utils.db.Filter)2