
Example 16 with IpAddress

use of com.cloud.network.IpAddress in project cloudstack by apache.

the class NetscalerElement method applyStaticNats.

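/**
 * Applies or revokes static NAT rules for {@code config} on the NetScaler device(s) serving it.
 *
 * <p>When {@code Config.EIPWithMultipleNetScalersEnabled} evaluates to false, all rules are sent in
 * a single {@code SetStaticNatRulesCommand} to the load balancer assigned to the network, and one
 * is allocated first if none is assigned. Otherwise each rule is sent on its own to the device
 * returned by {@code getNetScalerForEIP(rule)}.
 *
 * <p>Every exception raised while applying the rules, including the
 * {@code ResourceUnavailableException}s thrown in this body, is caught by the outer handler,
 * logged, and reported to the caller as {@code false}.
 *
 * @param config network whose static NAT rules are being programmed
 * @param rules rules to apply or revoke; may be {@code null}
 * @return {@code false} when this element does not handle StaticNat for the network, when a device
 *     gives no answer or reports failure, or when any exception occurs; {@code true} otherwise
 * @throws ResourceUnavailableException declared in the signature; the instances created in this
 *     body are caught by the outer handler and do not reach the caller
 */
@Override
public boolean applyStaticNats(Network config, List<? extends StaticNat> rules) throws ResourceUnavailableException {
    if (!canHandle(config, Service.StaticNat)) {
        return false;
    }
    boolean multiNetScalerDeployment = Boolean.valueOf(_configDao.getValue(Config.EIPWithMultipleNetScalersEnabled.key()));
    try {
        if (!multiNetScalerDeployment) {
            String errMsg;
            ExternalLoadBalancerDeviceVO lbDevice = getExternalLoadBalancerForNetwork(config);
            if (lbDevice == null) {
                try {
                    lbDevice = allocateLoadBalancerForNetwork(config);
                } catch (Exception e) {
                    errMsg = "Could not allocate a NetSclaer load balancer for configuring static NAT rules due to" + e.getMessage();
                    // Log the throwable as well: the rethrown exception carries only the message,
                    // so this is the one place the allocation failure's stack trace is recorded.
                    s_logger.error(errMsg, e);
                    throw new ResourceUnavailableException(errMsg, this.getClass(), 0);
                }
            }
            if (!isNetscalerDevice(lbDevice.getDeviceName())) {
                errMsg = "There are no NetScaler load balancer assigned for this network. So NetScaler element will not be handling the static nat rules.";
                s_logger.error(errMsg);
                throw new ResourceUnavailableException(errMsg, this.getClass(), 0);
            }
            // rulesTO stays null when the caller passed no rule list; the command is still sent.
            List<StaticNatRuleTO> rulesTO = null;
            if (rules != null) {
                rulesTO = new ArrayList<StaticNatRuleTO>(rules.size());
                for (StaticNat rule : rules) {
                    IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId());
                    StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false);
                    rulesTO.add(ruleTO);
                }
            }
            SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, null);
            SetStaticNatRulesAnswer answer = (SetStaticNatRulesAnswer) _agentMgr.send(lbDevice.getHostId(), cmd);
            // A missing answer and a negative result are both failures.
            return answer != null && answer.getResult();
        }

        if (rules != null) {
            for (StaticNat rule : rules) {
                // validate if EIP rule can be configured.
                ExternalLoadBalancerDeviceVO lbDevice = getNetScalerForEIP(rule);
                if (lbDevice == null) {
                    String errMsg = "There is no NetScaler device configured to perform EIP to guest IP address: " + rule.getDestIpAddress();
                    s_logger.error(errMsg);
                    throw new ResourceUnavailableException(errMsg, this.getClass(), 0);
                }
                List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>();
                IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId());
                StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false);
                rulesTO.add(ruleTO);
                SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, null);
                // send commands to configure INAT rule on the NetScaler device
                SetStaticNatRulesAnswer answer = (SetStaticNatRulesAnswer) _agentMgr.send(lbDevice.getHostId(), cmd);
                // Check the result as well as the presence of an answer, as the single-device
                // path does. With a null-only check, a device that rejected the command was
                // reported as success; for a revoke that presumably leaves the public-to-guest
                // mapping active on the device while the caller records it as removed.
                if (answer == null || !answer.getResult()) {
                    String errMsg = "Failed to configure INAT rule on NetScaler device " + lbDevice.getHostId();
                    s_logger.error(errMsg);
                    throw new ResourceUnavailableException(errMsg, this.getClass(), 0);
                }
            }
        }
        return true;
    } catch (Exception e) {
        // Best-effort contract: failures become a false return. Pass the throwable so the log
        // keeps the stack trace (e.getMessage() is null for a bare NullPointerException).
        s_logger.error("Failed to configure StaticNat rule due to " + e.getMessage(), e);
        return false;
    }
}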
Also used : StaticNatRuleTO(com.cloud.agent.api.to.StaticNatRuleTO) SetStaticNatRulesCommand(com.cloud.agent.api.routing.SetStaticNatRulesCommand) ArrayList(java.util.ArrayList) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) ConcurrentOperationException(com.cloud.exception.ConcurrentOperationException) InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) InsufficientNetworkCapacityException(com.cloud.exception.InsufficientNetworkCapacityException) StaticNat(com.cloud.network.rules.StaticNat) ExternalLoadBalancerDeviceVO(com.cloud.network.dao.ExternalLoadBalancerDeviceVO) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) IpAddress(com.cloud.network.IpAddress) PublicIpAddress(com.cloud.network.PublicIpAddress) SetStaticNatRulesAnswer(com.cloud.agent.api.routing.SetStaticNatRulesAnswer)

Example 17 with IpAddress

use of com.cloud.network.IpAddress in project cloudstack by apache.

the class MidoNetElement method applyFWRules.

/**
 * Reconciles the firewall rules in {@code rulesToApply} with the Jump rules already present in the
 * network's pre-filter chain.
 *
 * <p>Rules in state {@code Revoke} are deleted from the chain when a matching entry exists; rules
 * in state {@code Add} are created when no matching entry exists. Rules in any other state are
 * skipped. Matching is done on the string form produced by {@code SimpleFirewallRule}.
 *
 * @param config network the rules belong to
 * @param rulesToApply firewall rules to add or revoke; iterated without a null check
 * @return {@code false} when MidoNet is not in the network; {@code true} otherwise, including when
 *     this element does not handle the Firewall service for the network
 * @throws ResourceUnavailableException declared in the signature; not thrown directly by this body
 */
@Override
public boolean applyFWRules(Network config, List<? extends FirewallRule> rulesToApply) throws ResourceUnavailableException {
    if (!midoInNetwork(config)) {
        return false;
    }
    if (!canHandle(config, Service.Firewall)) {
        // Nothing is programmed, but the call is still reported as successful.
        return true;
    }

    final String accountUuid = getAccountUuid(config);
    final String networkId = String.valueOf(config.getId());
    final RuleChain preFilterChain = getChain(accountUuid, networkId, RuleChainCode.TR_PREFILTER);
    final RuleChain preNatChain = getChain(accountUuid, networkId, RuleChainCode.TR_PRENAT);

    // Index the existing allow-list entries by their string form for direct lookup.
    // Only Jump rules that carry a source address are of interest here.
    final Map<String, Rule> knownRules = new HashMap<String, Rule>();
    for (Rule candidate : preFilterChain.getRules()) {
        if (!candidate.getType().equals(DtoRule.Jump) || candidate.getNwSrcAddress() == null) {
            continue;
        }
        knownRules.put(new SimpleFirewallRule(candidate).toStringArray()[0], candidate);
    }

    for (FirewallRule rule : rulesToApply) {
        if (rule.getState() != FirewallRule.State.Revoke && rule.getState() != FirewallRule.State.Add) {
            continue;
        }
        final IpAddress publicIp = _networkModel.getIp(rule.getSourceIpAddressId());
        final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, publicIp.getAddress().addr());
        // One string per source CIDR; index i lines up with fwRule.sourceCidrs.get(i) below.
        final SimpleFirewallRule fwRule = new SimpleFirewallRule(ruleTO);
        final String[] ruleKeys = fwRule.toStringArray();

        if (rule.getState() == FirewallRule.State.Revoke) {
            // Delete whichever of the rule's entries are currently in the chain.
            for (int k = 0; k < ruleKeys.length; k++) {
                final Rule match = knownRules.get(ruleKeys[k]);
                if (match != null) {
                    match.delete();
                }
            }
        } else if (rule.getState() == FirewallRule.State.Add) {
            // Create only the entries that are not in the chain yet.
            for (int idx = 0; idx < ruleKeys.length; idx++) {
                if (knownRules.get(ruleKeys[idx]) != null) {
                    continue;
                }
                // Source CIDR that produced this particular key.
                final Pair<String, Integer> cidr = NetUtils.getCidr(fwRule.sourceCidrs.get(idx));
                // Jump to the pre-NAT chain for traffic from that CIDR to the public IP (/32).
                final Rule pending = preFilterChain.addRule()
                    .type(DtoRule.Jump)
                    .jumpChainId(preNatChain.getId())
                    .position(1)
                    .nwSrcAddress(cidr.first())
                    .nwSrcLength(cidr.second())
                    .nwDstAddress(ruleTO.getSrcIp())
                    .nwDstLength(32)
                    .nwProto(SimpleFirewallRule.stringToProtocolNumber(rule.getProtocol()));
                if (rule.getProtocol().equals("icmp")) {
                    // (-1, -1) means "allow all ICMP", so tpSrc / tpDst are left unset in that case.
                    if (fwRule.icmpType != -1 || fwRule.icmpCode != -1) {
                        pending.tpSrc(new DtoRange(fwRule.icmpType, fwRule.icmpType)).tpDst(new DtoRange(fwRule.icmpCode, fwRule.icmpCode));
                    }
                } else {
                    pending.tpDst(new DtoRange(fwRule.dstPortStart, fwRule.dstPortEnd));
                }
                pending.create();
            }
        }
    }
    return true;
}
Also used : DtoRange(org.midonet.client.dto.DtoRule.DtoRange) RuleChain(org.midonet.client.resource.RuleChain) HashMap(java.util.HashMap) IpAddress(com.cloud.network.IpAddress) PublicIpAddress(com.cloud.network.PublicIpAddress) Rule(org.midonet.client.resource.Rule) PortForwardingRule(com.cloud.network.rules.PortForwardingRule) FirewallRule(com.cloud.network.rules.FirewallRule) DtoRule(org.midonet.client.dto.DtoRule) FirewallRuleTO(com.cloud.agent.api.to.FirewallRuleTO) FirewallRule(com.cloud.network.rules.FirewallRule) Pair(com.cloud.utils.Pair)

Example 18 with IpAddress

use of com.cloud.network.IpAddress in project cloudstack by apache.

the class MidoNetElement method applyStaticNats.

/**
     * From interface StaticNatServiceProvider
     */
@Override
public boolean applyStaticNats(Network network, List<? extends StaticNat> rules) throws ResourceUnavailableException {
    // Adds or removes one MidoNet static NAT per entry in `rules`.
    // Returns false when MidoNet is not in the network or this element does not handle
    // StaticNat for it; returns true once every rule has been processed.
    // `rules` is iterated without a null check.
    s_logger.debug("applyStaticNats called with network: " + network.toString());
    if (!midoInNetwork(network) || !canHandle(network, Service.StaticNat)) {
        return false;
    }

    // Routers, ports and chains are looked up (or created) lazily, on the first rule only,
    // so an empty rule list touches none of them.
    boolean midoResourcesReady = false;
    Router guestRouter = null;
    Router upstreamRouter = null;
    RouterPort[] linkPorts = null;
    RouterPort guestUplink = null;
    RouterPort upstreamDownlink = null;
    RuleChain preFilterChain = null;
    RuleChain preNatChain = null;
    RuleChain postChain = null;

    String accountUuid = getAccountUuid(network);
    // Not read again in this method.
    String networkUUIDStr = String.valueOf(network.getId());

    for (StaticNat natRule : rules) {
        IpAddress publicIp = _networkModel.getIp(natRule.getSourceIpAddressId());
        String publicIpAddr = publicIp.getAddress().addr();

        if (!midoResourcesReady) {
            guestRouter = getOrCreateGuestNetworkRouter(network);
            upstreamRouter = api.getRouter(_providerRouterId);
            linkPorts = getOrCreateProviderRouterPorts(guestRouter, upstreamRouter);
            // Index 0 is used as the tenant uplink, index 1 as the provider downlink.
            guestUplink = linkPorts[0];
            upstreamDownlink = linkPorts[1];

            boolean vpcNetwork = getIsVpc(network);
            long routerId = getRouterId(network, vpcNetwork);
            String chainOwnerName = getRouterName(vpcNetwork, routerId);
            preFilterChain = getChain(accountUuid, chainOwnerName, RuleChainCode.TR_PREFILTER);
            preNatChain = getChain(accountUuid, chainOwnerName, RuleChainCode.TR_PRENAT);
            postChain = api.getChain(guestRouter.getOutboundFilterId());
            midoResourcesReady = true;
        }

        if (rule_isRevoke(natRule)) {
            removeMidonetStaticNAT(preFilterChain, preNatChain, postChain, publicIpAddr, natRule.getDestIpAddress(), upstreamRouter);
            continue;
        }
        addMidonetStaticNAT(preFilterChain, preNatChain, postChain, publicIpAddr, natRule.getDestIpAddress(), guestUplink, upstreamDownlink, upstreamRouter, network);
    }
    return true;
}

// Tells whether the rule asks for its NAT mapping to be removed rather than added.
private static boolean rule_isRevoke(StaticNat natRule) {
    return natRule.isForRevoke();
}
Also used : RuleChain(org.midonet.client.resource.RuleChain) Router(org.midonet.client.resource.Router) IpAddress(com.cloud.network.IpAddress) PublicIpAddress(com.cloud.network.PublicIpAddress) RouterPort(org.midonet.client.resource.RouterPort) StaticNat(com.cloud.network.rules.StaticNat)

Example 19 with IpAddress

use of com.cloud.network.IpAddress in project cloudstack by apache.

the class RulesManagerImpl method applyStaticNatForIp.

/**
 * Builds the static NAT rule set for one public IP and hands it to the IP address manager.
 *
 * <p>The address returned by {@code _ipAddressDao.findById} is passed to
 * {@code createStaticNatForIp} without a null check here.
 *
 * @param sourceIpId id of the public IP address
 * @param continueOnError forwarded unchanged to {@code _ipAddrMgr.applyStaticNats}
 * @param caller account on whose behalf the rules are built
 * @param forRevoke whether the rules are being revoked rather than applied
 * @return {@code true} when there was nothing to apply or the manager reported success;
 *     {@code false} when the manager reported failure or the resource was unavailable
 */
protected boolean applyStaticNatForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
    final IpAddress publicIp = _ipAddressDao.findById(sourceIpId);
    final List<StaticNat> natRules = createStaticNatForIp(publicIp, caller, forRevoke);

    // No rules for this IP counts as success.
    if (natRules == null || natRules.isEmpty()) {
        return true;
    }

    try {
        return _ipAddrMgr.applyStaticNats(natRules, continueOnError, forRevoke);
    } catch (ResourceUnavailableException ex) {
        // The same message is logged for apply and for revoke.
        s_logger.warn("Failed to create static nat rule due to ", ex);
        return false;
    }
}
Also used : ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) IpAddress(com.cloud.network.IpAddress)

Example 20 with IpAddress

use of com.cloud.network.IpAddress in project cloudstack by apache.

the class RulesManagerImpl method applyStaticNatForNetwork.

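/**
 * Builds the static NAT rules for every static-NAT public IP of a network and applies or revokes
 * them through the IP address manager in one call.
 *
 * @param networkId id of the network whose static NAT public IPs are processed
 * @param continueOnError forwarded unchanged to {@code _ipAddrMgr.applyStaticNats}
 * @param caller account on whose behalf the rules are built
 * @param forRevoke whether the rules are being revoked rather than applied
 * @return {@code true} when there was nothing to apply or the manager reported success;
 *     {@code false} when the manager reported failure or the resource was unavailable
 */
@Override
public boolean applyStaticNatForNetwork(long networkId, boolean continueOnError, Account caller, boolean forRevoke) {
    List<? extends IpAddress> staticNatIps = _ipAddressDao.listStaticNatPublicIps(networkId);
    List<StaticNat> staticNats = new ArrayList<StaticNat>();
    for (IpAddress staticNatIp : staticNatIps) {
        // applyStaticNatForIp null-checks this helper's result, so a null is treated here as
        // "no rules for this IP" too; passing it straight to addAll would throw a
        // NullPointerException and abort the run for the whole network.
        List<StaticNat> natsForIp = createStaticNatForIp(staticNatIp, caller, forRevoke);
        if (natsForIp != null) {
            staticNats.addAll(natsForIp);
        }
    }

    // staticNats is always non-null at this point, so only emptiness needs checking.
    if (staticNats.isEmpty()) {
        s_logger.debug("Found 0 static nat rules to apply for network id " + networkId);
        return true;
    }

    if (forRevoke) {
        s_logger.debug("Found " + staticNats.size() + " static nats to disable for network id " + networkId);
    }
    try {
        if (!_ipAddrMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) {
            return false;
        }
    } catch (ResourceUnavailableException ex) {
        // The same message is logged for apply and for revoke.
        s_logger.warn("Failed to create static nat rule due to ", ex);
        return false;
    }
    return true;
}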
Also used : ArrayList(java.util.ArrayList) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) IpAddress(com.cloud.network.IpAddress)

Aggregations

IpAddress (com.cloud.network.IpAddress)58 ArrayList (java.util.ArrayList)26 PublicIpAddress (com.cloud.network.PublicIpAddress)20 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)16 ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)16 Network (com.cloud.network.Network)14 FirewallRule (com.cloud.network.rules.FirewallRule)11 HostVO (com.cloud.host.HostVO)9 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)9 DataCenterVO (com.cloud.dc.DataCenterVO)7 CiscoVnmcControllerVO (com.cloud.network.cisco.CiscoVnmcControllerVO)7 NetworkAsa1000vMapVO (com.cloud.network.cisco.NetworkAsa1000vMapVO)7 IPAddressVO (com.cloud.network.dao.IPAddressVO)7 PrivateIpAddress (com.cloud.network.vpc.PrivateIpAddress)7 Answer (com.cloud.agent.api.Answer)6 InsufficientAddressCapacityException (com.cloud.exception.InsufficientAddressCapacityException)6 PublicIp (com.cloud.network.addr.PublicIp)6 StaticNat (com.cloud.network.rules.StaticNat)6 Account (com.cloud.user.Account)6 NetworkRuleConflictException (com.cloud.exception.NetworkRuleConflictException)5