use of com.cloud.network.cisco.CiscoAsa1000vDeviceVO in project cloudstack by apache.
the class CiscoVnmcElement method addCiscoAsa1000vResource.
@Override
public CiscoAsa1000vDevice addCiscoAsa1000vResource(AddCiscoAsa1000vResourceCmd cmd) {
Long physicalNetworkId = cmd.getPhysicalNetworkId();
CiscoAsa1000vDevice ciscoAsa1000vResource = null;
PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
if (physicalNetwork == null) {
throw new InvalidParameterValueException("Could not find phyical network with ID: " + physicalNetworkId);
}
ciscoAsa1000vResource = new CiscoAsa1000vDeviceVO(physicalNetworkId, cmd.getManagementIp().trim(), cmd.getInPortProfile(), cmd.getClusterId());
try {
_ciscoAsa1000vDao.persist((CiscoAsa1000vDeviceVO) ciscoAsa1000vResource);
} catch (EntityExistsException e) {
throw new InvalidParameterValueException("An ASA 1000v appliance already exists with same configuration");
}
return ciscoAsa1000vResource;
}
use of com.cloud.network.cisco.CiscoAsa1000vDeviceVO in project cloudstack by apache.
the class CiscoVnmcElementTest method implementTest.
@Test
public void implementTest() throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException {
URI uri = URI.create("vlan://123");
Network network = mock(Network.class);
when(network.getId()).thenReturn(1L);
when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan);
when(network.getDataCenterId()).thenReturn(1L);
when(network.getGateway()).thenReturn("1.1.1.1");
when(network.getBroadcastUri()).thenReturn(uri);
when(network.getCidr()).thenReturn("1.1.1.0/24");
NetworkOffering offering = mock(NetworkOffering.class);
when(offering.getId()).thenReturn(1L);
when(offering.getTrafficType()).thenReturn(TrafficType.Guest);
when(offering.getGuestType()).thenReturn(GuestType.Isolated);
DeployDestination dest = mock(DeployDestination.class);
Domain dom = mock(Domain.class);
when(dom.getName()).thenReturn("d1");
Account acc = mock(Account.class);
when(acc.getAccountName()).thenReturn("a1");
ReservationContext context = mock(ReservationContext.class);
when(context.getDomain()).thenReturn(dom);
when(context.getAccount()).thenReturn(acc);
DataCenter dc = mock(DataCenter.class);
when(dc.getNetworkType()).thenReturn(NetworkType.Advanced);
when(_entityMgr.findById(DataCenter.class, network.getDataCenterId())).thenReturn(dc);
List<CiscoVnmcControllerVO> devices = new ArrayList<CiscoVnmcControllerVO>();
devices.add(mock(CiscoVnmcControllerVO.class));
when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices);
CiscoAsa1000vDeviceVO asaVO = mock(CiscoAsa1000vDeviceVO.class);
when(asaVO.getInPortProfile()).thenReturn("foo");
when(asaVO.getManagementIp()).thenReturn("1.2.3.4");
List<CiscoAsa1000vDeviceVO> asaList = new ArrayList<CiscoAsa1000vDeviceVO>();
asaList.add(asaVO);
when(_ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(asaList);
when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class));
when(_networkAsa1000vMapDao.findByAsa1000vId(anyLong())).thenReturn(null);
when(_networkAsa1000vMapDao.persist(any(NetworkAsa1000vMapVO.class))).thenReturn(mock(NetworkAsa1000vMapVO.class));
when(_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)).thenReturn(true);
ClusterVSMMapVO clusterVsmMap = mock(ClusterVSMMapVO.class);
when(_clusterVsmMapDao.findByClusterId(anyLong())).thenReturn(clusterVsmMap);
CiscoNexusVSMDeviceVO vsmDevice = mock(CiscoNexusVSMDeviceVO.class);
when(vsmDevice.getUserName()).thenReturn("foo");
when(vsmDevice.getPassword()).thenReturn("bar");
when(vsmDevice.getipaddr()).thenReturn("1.2.3.4");
when(_vsmDeviceDao.findById(anyLong())).thenReturn(vsmDevice);
HostVO hostVO = mock(HostVO.class);
when(hostVO.getId()).thenReturn(1L);
when(_hostDao.findById(anyLong())).thenReturn(hostVO);
Ip ip = mock(Ip.class);
when(ip.addr()).thenReturn("1.2.3.4");
PublicIp publicIp = mock(PublicIp.class);
when(publicIp.getAddress()).thenReturn(ip);
when(publicIp.getState()).thenReturn(IpAddress.State.Releasing);
when(publicIp.getAccountId()).thenReturn(1L);
when(publicIp.isSourceNat()).thenReturn(true);
when(publicIp.getVlanTag()).thenReturn("123");
when(publicIp.getGateway()).thenReturn("1.1.1.1");
when(publicIp.getNetmask()).thenReturn("1.1.1.1");
when(publicIp.getMacAddress()).thenReturn(null);
when(publicIp.isOneToOneNat()).thenReturn(true);
when(_ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(acc, network)).thenReturn(publicIp);
VlanVO vlanVO = mock(VlanVO.class);
when(vlanVO.getVlanGateway()).thenReturn("1.1.1.1");
List<VlanVO> vlanVOList = new ArrayList<VlanVO>();
when(_vlanDao.listVlansByPhysicalNetworkId(network.getPhysicalNetworkId())).thenReturn(vlanVOList);
Answer answer = mock(Answer.class);
when(answer.getResult()).thenReturn(true);
when(_agentMgr.easySend(anyLong(), any(CreateLogicalEdgeFirewallCommand.class))).thenReturn(answer);
when(_agentMgr.easySend(anyLong(), any(ConfigureNexusVsmForAsaCommand.class))).thenReturn(answer);
when(_agentMgr.easySend(anyLong(), any(SetSourceNatCommand.class))).thenReturn(answer);
when(_agentMgr.easySend(anyLong(), any(AssociateAsaWithLogicalEdgeFirewallCommand.class))).thenReturn(answer);
assertTrue(_element.implement(network, offering, dest, context));
}
use of com.cloud.network.cisco.CiscoAsa1000vDeviceVO in project cloudstack by apache.
the class ListCiscoAsa1000vResourcesCmd method execute.
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException {
try {
List<CiscoAsa1000vDeviceVO> ciscoAsa1000vDevices = _ciscoAsa1000vService.listCiscoAsa1000vResources(this);
ListResponse<CiscoAsa1000vResourceResponse> response = new ListResponse<CiscoAsa1000vResourceResponse>();
List<CiscoAsa1000vResourceResponse> ciscoAsa1000vResourcesResponse = new ArrayList<CiscoAsa1000vResourceResponse>();
if (ciscoAsa1000vDevices != null && !ciscoAsa1000vDevices.isEmpty()) {
for (CiscoAsa1000vDevice ciscoAsa1000vDeviceVO : ciscoAsa1000vDevices) {
CiscoAsa1000vResourceResponse ciscoAsa1000vResourceResponse = _ciscoAsa1000vService.createCiscoAsa1000vResourceResponse(ciscoAsa1000vDeviceVO);
ciscoAsa1000vResourceResponse.setObjectName("CiscoAsa1000vResource");
ciscoAsa1000vResourcesResponse.add(ciscoAsa1000vResourceResponse);
}
}
response.setResponses(ciscoAsa1000vResourcesResponse);
response.setResponseName(getCommandName());
this.setResponseObject(response);
} catch (InvalidParameterValueException invalidParamExcp) {
throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage());
} catch (CloudRuntimeException runtimeExcp) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage());
}
}
use of com.cloud.network.cisco.CiscoAsa1000vDeviceVO in project cloudstack by apache.
the class CiscoVnmcElement method implement.
@Override
public boolean implement(final Network network, final NetworkOffering offering, final DeployDestination dest, final ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException {
final DataCenter zone = _entityMgr.findById(DataCenter.class, network.getDataCenterId());
if (zone.getNetworkType() == NetworkType.Basic) {
s_logger.debug("Not handling network implement in zone of type " + NetworkType.Basic);
return false;
}
if (!canHandle(network)) {
return false;
}
final List<CiscoVnmcControllerVO> devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
if (devices.isEmpty()) {
s_logger.error("No Cisco Vnmc device on network " + network.getName());
return false;
}
List<CiscoAsa1000vDeviceVO> asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
if (asaList.isEmpty()) {
s_logger.debug("No Cisco ASA 1000v device on network " + network.getName());
return false;
}
NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId());
if (asaForNetwork != null) {
s_logger.debug("Cisco ASA 1000v device already associated with network " + network.getName());
return true;
}
if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)) {
s_logger.error("SourceNat service is not provided by Cisco Vnmc device on network " + network.getName());
return false;
}
try {
// ensure that there is an ASA 1000v assigned to this network
CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network);
if (assignedAsa == null) {
s_logger.error("Unable to assign ASA 1000v device to network " + network.getName());
throw new CloudRuntimeException("Unable to assign ASA 1000v device to network " + network.getName());
}
ClusterVO asaCluster = _clusterDao.findById(assignedAsa.getClusterId());
ClusterVSMMapVO clusterVsmMap = _clusterVsmMapDao.findByClusterId(assignedAsa.getClusterId());
if (clusterVsmMap == null) {
s_logger.error("Vmware cluster " + asaCluster.getName() + " has no Cisco Nexus VSM device associated with it");
throw new CloudRuntimeException("Vmware cluster " + asaCluster.getName() + " has no Cisco Nexus VSM device associated with it");
}
CiscoNexusVSMDeviceVO vsmDevice = _vsmDeviceDao.findById(clusterVsmMap.getVsmId());
if (vsmDevice == null) {
s_logger.error("Unable to load details of Cisco Nexus VSM device associated with cluster " + asaCluster.getName());
throw new CloudRuntimeException("Unable to load details of Cisco Nexus VSM device associated with cluster " + asaCluster.getName());
}
CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0);
HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId());
_hostDao.loadDetails(ciscoVnmcHost);
Account owner = context.getAccount();
PublicIp sourceNatIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network);
long vlanId = Long.parseLong(BroadcastDomainType.getValue(network.getBroadcastUri()));
List<VlanVO> vlanVOList = _vlanDao.listVlansByPhysicalNetworkId(network.getPhysicalNetworkId());
List<String> publicGateways = new ArrayList<String>();
for (VlanVO vlanVO : vlanVOList) {
publicGateways.add(vlanVO.getVlanGateway());
}
// due to VNMC limitation of not allowing source NAT ip as the outside ip of firewall,
// an additional public ip needs to acquired for assigning as firewall outside ip.
// In case there are already additional ip addresses available (network restart) use one
// of them such that it is not the source NAT ip
IpAddress outsideIp = null;
List<IPAddressVO> publicIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null);
for (IPAddressVO ip : publicIps) {
if (!ip.isSourceNat()) {
outsideIp = ip;
break;
}
}
if (outsideIp == null) {
// none available, acquire one
try {
Account caller = CallContext.current().getCallingAccount();
long callerUserId = CallContext.current().getCallingUserId();
outsideIp = _ipAddrMgr.allocateIp(owner, false, caller, callerUserId, zone, true);
} catch (ResourceAllocationException e) {
s_logger.error("Unable to allocate additional public Ip address. Exception details " + e);
throw new CloudRuntimeException("Unable to allocate additional public Ip address. Exception details " + e);
}
try {
outsideIp = _ipAddrMgr.associateIPToGuestNetwork(outsideIp.getId(), network.getId(), true);
} catch (ResourceAllocationException e) {
s_logger.error("Unable to assign allocated additional public Ip " + outsideIp.getAddress().addr() + " to network with vlan " + vlanId + ". Exception details " + e);
throw new CloudRuntimeException("Unable to assign allocated additional public Ip " + outsideIp.getAddress().addr() + " to network with vlan " + vlanId + ". Exception details " + e);
}
}
// create logical edge firewall in VNMC
String gatewayNetmask = NetUtils.getCidrNetmask(network.getCidr());
// all public ip addresses must be from same subnet, this essentially means single public subnet in zone
if (!createLogicalEdgeFirewall(vlanId, network.getGateway(), gatewayNetmask, outsideIp.getAddress().addr(), sourceNatIp.getNetmask(), publicGateways, ciscoVnmcHost.getId())) {
s_logger.error("Failed to create logical edge firewall in Cisco VNMC device for network " + network.getName());
throw new CloudRuntimeException("Failed to create logical edge firewall in Cisco VNMC device for network " + network.getName());
}
// create stuff in VSM for ASA device
if (!configureNexusVsmForAsa(vlanId, network.getGateway(), vsmDevice.getUserName(), vsmDevice.getPassword(), vsmDevice.getipaddr(), assignedAsa.getInPortProfile(), ciscoVnmcHost.getId())) {
s_logger.error("Failed to configure Cisco Nexus VSM " + vsmDevice.getipaddr() + " for ASA device for network " + network.getName());
throw new CloudRuntimeException("Failed to configure Cisco Nexus VSM " + vsmDevice.getipaddr() + " for ASA device for network " + network.getName());
}
// configure source NAT
if (!configureSourceNat(vlanId, network.getCidr(), sourceNatIp, ciscoVnmcHost.getId())) {
s_logger.error("Failed to configure source NAT in Cisco VNMC device for network " + network.getName());
throw new CloudRuntimeException("Failed to configure source NAT in Cisco VNMC device for network " + network.getName());
}
// associate Asa 1000v instance with logical edge firewall
if (!associateAsaWithLogicalEdgeFirewall(vlanId, assignedAsa.getManagementIp(), ciscoVnmcHost.getId())) {
s_logger.error("Failed to associate Cisco ASA 1000v (" + assignedAsa.getManagementIp() + ") with logical edge firewall in VNMC for network " + network.getName());
throw new CloudRuntimeException("Failed to associate Cisco ASA 1000v (" + assignedAsa.getManagementIp() + ") with logical edge firewall in VNMC for network " + network.getName());
}
} catch (CloudRuntimeException e) {
unassignAsa1000vFromNetwork(network);
s_logger.error("CiscoVnmcElement failed", e);
return false;
} catch (Exception e) {
unassignAsa1000vFromNetwork(network);
ExceptionUtil.rethrowRuntime(e);
ExceptionUtil.rethrow(e, InsufficientAddressCapacityException.class);
ExceptionUtil.rethrow(e, ResourceUnavailableException.class);
throw new IllegalStateException(e);
}
return true;
}
use of com.cloud.network.cisco.CiscoAsa1000vDeviceVO in project cloudstack by apache.
the class CiscoVnmcElement method deleteCiscoVnmcResource.
@Override
public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) {
Long vnmcResourceId = cmd.getCiscoVnmcResourceId();
CiscoVnmcControllerVO vnmcResource = _ciscoVnmcDao.findById(vnmcResourceId);
if (vnmcResource == null) {
throw new InvalidParameterValueException("Could not find a Cisco VNMC appliance with id " + vnmcResourceId);
}
// Check if there any ASA 1000v appliances
Long physicalNetworkId = vnmcResource.getPhysicalNetworkId();
PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
if (physicalNetwork != null) {
List<CiscoAsa1000vDeviceVO> responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId);
if (responseList.size() > 0) {
throw new CloudRuntimeException("Cisco VNMC appliance with id " + vnmcResourceId + " cannot be deleted as there Cisco ASA 1000v appliances using it");
}
}
HostVO vnmcHost = _hostDao.findById(vnmcResource.getHostId());
Long hostId = vnmcHost.getId();
vnmcHost.setResourceState(ResourceState.Maintenance);
_hostDao.update(hostId, vnmcHost);
_resourceMgr.deleteHost(hostId, false, false);
_ciscoVnmcDao.remove(vnmcResourceId);
return true;
}
Aggregations