Search in sources :

Example 16 with VpnUserVO

use of com.cloud.network.VpnUserVO in project cloudstack by apache.

the class AccountManagerImpl method cleanupAccount.

protected boolean cleanupAccount(AccountVO account, long callerUserId, Account caller) {
    long accountId = account.getId();
    boolean accountCleanupNeeded = false;
    try {
        // cleanup the users from the account
        List<UserVO> users = _userDao.listByAccount(accountId);
        for (UserVO user : users) {
            if (!_userDao.remove(user.getId())) {
                s_logger.error("Unable to delete user: " + user + " as a part of account " + account + " cleanup");
                accountCleanupNeeded = true;
            }
        }
        // delete global load balancer rules for the account.
        List<org.apache.cloudstack.region.gslb.GlobalLoadBalancerRuleVO> gslbRules = _gslbRuleDao.listByAccount(accountId);
        if (gslbRules != null && !gslbRules.isEmpty()) {
            _gslbService.revokeAllGslbRulesForAccount(caller, accountId);
        }
        // delete the account from project accounts
        _projectAccountDao.removeAccountFromProjects(accountId);
        if (account.getType() != Account.ACCOUNT_TYPE_PROJECT) {
            // delete the account from group
            _messageBus.publish(_name, MESSAGE_REMOVE_ACCOUNT_EVENT, PublishScope.LOCAL, accountId);
        }
        // delete all vm groups belonging to accont
        List<InstanceGroupVO> groups = _vmGroupDao.listByAccountId(accountId);
        for (InstanceGroupVO group : groups) {
            if (!_vmMgr.deleteVmGroup(group.getId())) {
                s_logger.error("Unable to delete group: " + group.getId());
                accountCleanupNeeded = true;
            }
        }
        // Delete the snapshots dir for the account. Have to do this before destroying the VMs.
        boolean success = _snapMgr.deleteSnapshotDirsForAccount(accountId);
        if (success) {
            s_logger.debug("Successfully deleted snapshots directories for all volumes under account " + accountId + " across all zones");
        }
        // clean up templates
        List<VMTemplateVO> userTemplates = _templateDao.listByAccountId(accountId);
        boolean allTemplatesDeleted = true;
        for (VMTemplateVO template : userTemplates) {
            if (template.getRemoved() == null) {
                try {
                    allTemplatesDeleted = _tmpltMgr.delete(callerUserId, template.getId(), null);
                } catch (Exception e) {
                    s_logger.warn("Failed to delete template while removing account: " + template.getName() + " due to: ", e);
                    allTemplatesDeleted = false;
                }
            }
        }
        if (!allTemplatesDeleted) {
            s_logger.warn("Failed to delete templates while removing account id=" + accountId);
            accountCleanupNeeded = true;
        }
        // Destroy VM Snapshots
        List<VMSnapshotVO> vmSnapshots = _vmSnapshotDao.listByAccountId(Long.valueOf(accountId));
        for (VMSnapshot vmSnapshot : vmSnapshots) {
            try {
                _vmSnapshotMgr.deleteVMSnapshot(vmSnapshot.getId());
            } catch (Exception e) {
                s_logger.debug("Failed to cleanup vm snapshot " + vmSnapshot.getId() + " due to " + e.toString());
            }
        }
        // Destroy the account's VMs
        List<UserVmVO> vms = _userVmDao.listByAccountId(accountId);
        if (s_logger.isDebugEnabled()) {
            s_logger.debug("Expunging # of vms (accountId=" + accountId + "): " + vms.size());
        }
        for (UserVmVO vm : vms) {
            if (vm.getState() != VirtualMachine.State.Destroyed && vm.getState() != VirtualMachine.State.Expunging) {
                try {
                    _vmMgr.destroyVm(vm.getId(), false);
                } catch (Exception e) {
                    e.printStackTrace();
                    s_logger.warn("Failed destroying instance " + vm.getUuid() + " as part of account deletion.");
                }
            }
            // should pass in order to perform further cleanup
            if (!_vmMgr.expunge(vm, callerUserId, caller)) {
                s_logger.error("Unable to expunge vm: " + vm.getId());
                accountCleanupNeeded = true;
            }
        }
        // Mark the account's volumes as destroyed
        List<VolumeVO> volumes = _volumeDao.findDetachedByAccount(accountId);
        for (VolumeVO volume : volumes) {
            try {
                volumeService.deleteVolume(volume.getId(), caller);
            } catch (Exception ex) {
                s_logger.warn("Failed to cleanup volumes as a part of account id=" + accountId + " cleanup due to Exception: ", ex);
                accountCleanupNeeded = true;
            }
        }
        // delete remote access vpns and associated users
        List<RemoteAccessVpnVO> remoteAccessVpns = _remoteAccessVpnDao.findByAccount(accountId);
        List<VpnUserVO> vpnUsers = _vpnUser.listByAccount(accountId);
        for (VpnUserVO vpnUser : vpnUsers) {
            _remoteAccessVpnMgr.removeVpnUser(accountId, vpnUser.getUsername(), caller);
        }
        try {
            for (RemoteAccessVpnVO vpn : remoteAccessVpns) {
                _remoteAccessVpnMgr.destroyRemoteAccessVpnForIp(vpn.getServerAddressId(), caller, false);
            }
        } catch (ResourceUnavailableException ex) {
            s_logger.warn("Failed to cleanup remote access vpn resources as a part of account id=" + accountId + " cleanup due to Exception: ", ex);
            accountCleanupNeeded = true;
        }
        // Cleanup security groups
        int numRemoved = _securityGroupDao.removeByAccountId(accountId);
        s_logger.info("deleteAccount: Deleted " + numRemoved + " network groups for account " + accountId);
        // Cleanup affinity groups
        int numAGRemoved = _affinityGroupDao.removeByAccountId(accountId);
        s_logger.info("deleteAccount: Deleted " + numAGRemoved + " affinity groups for account " + accountId);
        // Delete all the networks
        boolean networksDeleted = true;
        s_logger.debug("Deleting networks for account " + account.getId());
        List<NetworkVO> networks = _networkDao.listByOwner(accountId);
        if (networks != null) {
            for (NetworkVO network : networks) {
                ReservationContext context = new ReservationContextImpl(null, null, getActiveUser(callerUserId), caller);
                if (!_networkMgr.destroyNetwork(network.getId(), context, false)) {
                    s_logger.warn("Unable to destroy network " + network + " as a part of account id=" + accountId + " cleanup.");
                    accountCleanupNeeded = true;
                    networksDeleted = false;
                } else {
                    s_logger.debug("Network " + network.getId() + " successfully deleted as a part of account id=" + accountId + " cleanup.");
                }
            }
        }
        // Delete all VPCs
        boolean vpcsDeleted = true;
        s_logger.debug("Deleting vpcs for account " + account.getId());
        List<? extends Vpc> vpcs = _vpcMgr.getVpcsForAccount(account.getId());
        for (Vpc vpc : vpcs) {
            if (!_vpcMgr.destroyVpc(vpc, caller, callerUserId)) {
                s_logger.warn("Unable to destroy VPC " + vpc + " as a part of account id=" + accountId + " cleanup.");
                accountCleanupNeeded = true;
                vpcsDeleted = false;
            } else {
                s_logger.debug("VPC " + vpc.getId() + " successfully deleted as a part of account id=" + accountId + " cleanup.");
            }
        }
        if (networksDeleted && vpcsDeleted) {
            // release ip addresses belonging to the account
            List<? extends IpAddress> ipsToRelease = _ipAddressDao.listByAccount(accountId);
            for (IpAddress ip : ipsToRelease) {
                s_logger.debug("Releasing ip " + ip + " as a part of account id=" + accountId + " cleanup");
                if (!_ipAddrMgr.disassociatePublicIpAddress(ip.getId(), callerUserId, caller)) {
                    s_logger.warn("Failed to release ip address " + ip + " as a part of account id=" + accountId + " clenaup");
                    accountCleanupNeeded = true;
                }
            }
        }
        // Delete Site 2 Site VPN customer gateway
        s_logger.debug("Deleting site-to-site VPN customer gateways for account " + accountId);
        if (!_vpnMgr.deleteCustomerGatewayByAccount(accountId)) {
            s_logger.warn("Fail to delete site-to-site VPN customer gateways for account " + accountId);
        }
        // Delete autoscale resources if any
        try {
            _autoscaleMgr.cleanUpAutoScaleResources(accountId);
        } catch (CloudRuntimeException ex) {
            s_logger.warn("Failed to cleanup AutoScale resources as a part of account id=" + accountId + " cleanup due to exception:", ex);
            accountCleanupNeeded = true;
        }
        // up successfully
        if (networksDeleted) {
            if (!_configMgr.releaseAccountSpecificVirtualRanges(accountId)) {
                accountCleanupNeeded = true;
            } else {
                s_logger.debug("Account specific Virtual IP ranges " + " are successfully released as a part of account id=" + accountId + " cleanup.");
            }
        }
        // release account specific guest vlans
        List<AccountGuestVlanMapVO> maps = _accountGuestVlanMapDao.listAccountGuestVlanMapsByAccount(accountId);
        for (AccountGuestVlanMapVO map : maps) {
            _dataCenterVnetDao.releaseDedicatedGuestVlans(map.getId());
        }
        int vlansReleased = _accountGuestVlanMapDao.removeByAccountId(accountId);
        s_logger.info("deleteAccount: Released " + vlansReleased + " dedicated guest vlan ranges from account " + accountId);
        // release account specific acquired portable IP's. Since all the portable IP's must have been already
        // disassociated with VPC/guest network (due to deletion), so just mark portable IP as free.
        List<? extends IpAddress> ipsToRelease = _ipAddressDao.listByAccount(accountId);
        for (IpAddress ip : ipsToRelease) {
            if (ip.isPortable()) {
                s_logger.debug("Releasing portable ip " + ip + " as a part of account id=" + accountId + " cleanup");
                _ipAddrMgr.releasePortableIpAddress(ip.getId());
            }
        }
        // release dedication if any
        List<DedicatedResourceVO> dedicatedResources = _dedicatedDao.listByAccountId(accountId);
        if (dedicatedResources != null && !dedicatedResources.isEmpty()) {
            s_logger.debug("Releasing dedicated resources for account " + accountId);
            for (DedicatedResourceVO dr : dedicatedResources) {
                if (!_dedicatedDao.remove(dr.getId())) {
                    s_logger.warn("Fail to release dedicated resources for account " + accountId);
                }
            }
        }
        // Updating and deleting the resourceLimit and resourceCount should be the last step in cleanupAccount
        // process.
        // Update resource count for this account and for parent domains.
        List<ResourceCountVO> resourceCounts = _resourceCountDao.listByOwnerId(accountId, ResourceOwnerType.Account);
        for (ResourceCountVO resourceCount : resourceCounts) {
            _resourceLimitMgr.decrementResourceCount(accountId, resourceCount.getType(), resourceCount.getCount());
        }
        // Delete resource count and resource limits entries set for this account (if there are any).
        _resourceCountDao.removeEntriesByOwner(accountId, ResourceOwnerType.Account);
        _resourceLimitDao.removeEntriesByOwner(accountId, ResourceOwnerType.Account);
        // Delete ssh keypairs
        List<SSHKeyPairVO> sshkeypairs = _sshKeyPairDao.listKeyPairs(accountId, account.getDomainId());
        for (SSHKeyPairVO keypair : sshkeypairs) {
            _sshKeyPairDao.remove(keypair.getId());
        }
        return true;
    } catch (Exception ex) {
        s_logger.warn("Failed to cleanup account " + account + " due to ", ex);
        accountCleanupNeeded = true;
        return true;
    } finally {
        s_logger.info("Cleanup for account " + account.getId() + (accountCleanupNeeded ? " is needed." : " is not needed."));
        if (accountCleanupNeeded) {
            _accountDao.markForCleanup(accountId);
        } else {
            account.setNeedsCleanup(false);
            _accountDao.update(accountId, account);
        }
    }
}
Also used : UserVmVO(com.cloud.vm.UserVmVO) RemoteAccessVpnVO(com.cloud.network.dao.RemoteAccessVpnVO) AccountGuestVlanMapVO(com.cloud.network.dao.AccountGuestVlanMapVO) VpnUserVO(com.cloud.network.VpnUserVO) VMTemplateVO(com.cloud.storage.VMTemplateVO) Vpc(com.cloud.network.vpc.Vpc) VMSnapshot(com.cloud.vm.snapshot.VMSnapshot) ReservationContextImpl(com.cloud.vm.ReservationContextImpl) ReservationContext(com.cloud.vm.ReservationContext) VolumeVO(com.cloud.storage.VolumeVO) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) NetworkVO(com.cloud.network.dao.NetworkVO) AgentUnavailableException(com.cloud.exception.AgentUnavailableException) OperationTimedoutException(com.cloud.exception.OperationTimedoutException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) ConcurrentOperationException(com.cloud.exception.ConcurrentOperationException) ConfigurationException(javax.naming.ConfigurationException) PermissionDeniedException(com.cloud.exception.PermissionDeniedException) InstanceGroupVO(com.cloud.vm.InstanceGroupVO) VMSnapshotVO(com.cloud.vm.snapshot.VMSnapshotVO) VpnUserVO(com.cloud.network.VpnUserVO) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) ResourceCountVO(com.cloud.configuration.ResourceCountVO) IpAddress(com.cloud.network.IpAddress) DedicatedResourceVO(com.cloud.dc.DedicatedResourceVO)

Aggregations

VpnUserVO (com.cloud.network.VpnUserVO)16 Account (com.cloud.user.Account)10 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)7 RemoteAccessVpnVO (com.cloud.network.dao.RemoteAccessVpnVO)7 DB (com.cloud.utils.db.DB)7 TransactionCallbackNoReturn (com.cloud.utils.db.TransactionCallbackNoReturn)7 TransactionStatus (com.cloud.utils.db.TransactionStatus)7 ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)6 VMTemplateVO (com.cloud.storage.VMTemplateVO)6 VolumeVO (com.cloud.storage.VolumeVO)6 RemoteAccessVPNServiceProvider (com.cloud.network.element.RemoteAccessVPNServiceProvider)5 ArrayList (java.util.ArrayList)5 List (java.util.List)5 ConfigurationException (javax.naming.ConfigurationException)5 HostVO (com.cloud.host.HostVO)4 NetworkVO (com.cloud.network.dao.NetworkVO)4 AccountLimitException (com.cloud.exception.AccountLimitException)3 NetworkRuleConflictException (com.cloud.exception.NetworkRuleConflictException)3 IpAddress (com.cloud.network.IpAddress)3 IPAddressVO (com.cloud.network.dao.IPAddressVO)3