use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.
the class LoadBalancingRulesManagerImpl method createLBHealthCheckPolicy.
@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_LB_HEALTHCHECKPOLICY_CREATE, eventDescription = "create load balancer health check to load balancer", create = true)
public HealthCheckPolicy createLBHealthCheckPolicy(final CreateLBHealthCheckPolicyCmd cmd) {
final CallContext caller = CallContext.current();
/*
* Validation of cmd Monitor interval must be greater than response
* timeout
*/
final Map<String, String> paramMap = cmd.getFullUrlParams();
if (paramMap.containsKey(ApiConstants.HEALTHCHECK_RESPONSE_TIMEOUT) && paramMap.containsKey(ApiConstants.HEALTHCHECK_INTERVAL_TIME)) {
if (cmd.getResponsTimeOut() > cmd.getHealthCheckInterval()) {
throw new InvalidParameterValueException("Failed to create HealthCheck policy : Monitor interval must be greater than response timeout");
}
}
/* Validation : check corresponding load balancer rule exist */
final LoadBalancerVO loadBalancer = _lbDao.findById(cmd.getLbRuleId());
if (loadBalancer == null) {
throw new InvalidParameterValueException("Failed: LB rule id: " + cmd.getLbRuleId() + " not present ");
}
_accountMgr.checkAccess(caller.getCallingAccount(), null, true, loadBalancer);
if (loadBalancer.getState() == FirewallRule.State.Revoke) {
throw new InvalidParameterValueException("Failed: LB rule id: " + cmd.getLbRuleId() + " is in deleting state: ");
}
/*
* Validate Whether LB Provider has the capabilities to support Health
* Checks
*/
if (!validateHealthCheck(cmd)) {
throw new InvalidParameterValueException("Failed to create HealthCheck policy: Validation Failed (HealthCheck Policy is not supported by LB Provider for the LB rule id :" + cmd.getLbRuleId() + ")");
}
/* Validation : check for the multiple hc policies to the rule id */
final List<LBHealthCheckPolicyVO> hcPolicies = _lb2healthcheckDao.listByLoadBalancerId(cmd.getLbRuleId(), false);
if (hcPolicies.size() > 0) {
throw new InvalidParameterValueException("Failed to create HealthCheck policy: Already policy attached for the LB Rule id :" + cmd.getLbRuleId());
}
/*
* Specific validations using network element validator for specific
* validations
*/
final LBHealthCheckPolicyVO hcpolicy = new LBHealthCheckPolicyVO(loadBalancer.getId(), cmd.getPingPath(), cmd.getDescription(), cmd.getResponsTimeOut(), cmd.getHealthCheckInterval(), cmd.getHealthyThreshold(), cmd.getUnhealthyThreshold());
final List<LbHealthCheckPolicy> hcPolicyList = new ArrayList<>();
hcPolicyList.add(new LbHealthCheckPolicy(hcpolicy.getpingpath(), hcpolicy.getDescription(), hcpolicy.getResponseTime(), hcpolicy.getHealthcheckInterval(), hcpolicy.getHealthcheckThresshold(), hcpolicy.getUnhealthThresshold()));
// Finally Insert into DB
LBHealthCheckPolicyVO policy = new LBHealthCheckPolicyVO(loadBalancer.getId(), cmd.getPingPath(), cmd.getDescription(), cmd.getResponsTimeOut(), cmd.getHealthCheckInterval(), cmd.getHealthyThreshold(), cmd.getUnhealthyThreshold());
final Boolean forDisplay = cmd.getDisplay();
if (forDisplay != null) {
policy.setDisplay(forDisplay);
}
policy = _lb2healthcheckDao.persist(policy);
return policy;
}
use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.
the class LoadBalancingRulesManagerImpl method deleteLBStickinessPolicy.
@Override
@ActionEvent(eventType = EventTypes.EVENT_LB_STICKINESSPOLICY_DELETE, eventDescription = "revoking LB Stickiness policy ", async = true)
public boolean deleteLBStickinessPolicy(final long stickinessPolicyId, final boolean apply) {
boolean success = true;
final CallContext caller = CallContext.current();
final LBStickinessPolicyVO stickinessPolicy = _lb2stickinesspoliciesDao.findById(stickinessPolicyId);
if (stickinessPolicy == null) {
throw new InvalidParameterException("Invalid Stickiness policy id value: " + stickinessPolicyId);
}
final LoadBalancerVO loadBalancer = _lbDao.findById(Long.valueOf(stickinessPolicy.getLoadBalancerId()));
if (loadBalancer == null) {
throw new InvalidParameterException("Invalid Load balancer : " + stickinessPolicy.getLoadBalancerId() + " for Stickiness policy id: " + stickinessPolicyId);
}
final long loadBalancerId = loadBalancer.getId();
final FirewallRule.State backupState = loadBalancer.getState();
_accountMgr.checkAccess(caller.getCallingAccount(), null, true, loadBalancer);
if (apply) {
if (loadBalancer.getState() == FirewallRule.State.Active) {
loadBalancer.setState(FirewallRule.State.Add);
_lbDao.persist(loadBalancer);
}
final boolean backupStickyState = stickinessPolicy.isRevoke();
stickinessPolicy.setRevoke(true);
_lb2stickinesspoliciesDao.persist(stickinessPolicy);
s_logger.debug("Set load balancer rule for revoke: rule id " + loadBalancerId + ", stickinesspolicyID " + stickinessPolicyId);
try {
if (!applyLoadBalancerConfig(loadBalancerId)) {
s_logger.warn("Failed to remove load balancer rule id " + loadBalancerId + " for stickinesspolicyID " + stickinessPolicyId);
throw new CloudRuntimeException("Failed to remove load balancer rule id " + loadBalancerId + " for stickinesspolicyID " + stickinessPolicyId);
}
} catch (final ResourceUnavailableException e) {
if (isRollBackAllowedForProvider(loadBalancer)) {
stickinessPolicy.setRevoke(backupStickyState);
_lb2stickinesspoliciesDao.persist(stickinessPolicy);
loadBalancer.setState(backupState);
_lbDao.persist(loadBalancer);
s_logger.debug("LB Rollback rule id: " + loadBalancer.getId() + " while deleting sticky policy: " + stickinessPolicyId);
}
s_logger.warn("Unable to apply the load balancer config because resource is unavaliable.", e);
success = false;
}
} else {
_lb2stickinesspoliciesDao.expunge(stickinessPolicyId);
}
return success;
}
use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.
the class VirtualNetworkApplianceManagerImpl method finalizeNetworkRulesForNetwork.
protected void finalizeNetworkRulesForNetwork(final Commands cmds, final DomainRouterVO router, final Provider provider, final Long guestNetworkId) {
s_logger.debug("Resending ipAssoc, port forwarding, load balancing rules as a part of Virtual router start");
final ArrayList<? extends PublicIpAddress> publicIps = getPublicIpsToApply(router, provider, guestNetworkId);
final List<FirewallRule> firewallRulesEgress = new ArrayList<>();
// Fetch firewall Egress rules.
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.Firewall, provider)) {
firewallRulesEgress.addAll(_rulesDao.listByNetworkPurposeTrafficType(guestNetworkId, Purpose.Firewall, FirewallRule.TrafficType.Egress));
if (firewallRulesEgress.isEmpty()) {
// create egress default rule for VR
createDefaultEgressFirewallRule(firewallRulesEgress, guestNetworkId);
}
}
// Re-apply firewall Egress rules
s_logger.debug("Found " + firewallRulesEgress.size() + " firewall Egress rule(s) to apply as a part of domR " + router + " start.");
if (!firewallRulesEgress.isEmpty()) {
_commandSetupHelper.createFirewallRulesCommands(firewallRulesEgress, router, cmds, guestNetworkId);
}
if (publicIps != null && !publicIps.isEmpty()) {
final List<PortForwardingRule> pfRules = new ArrayList<>();
final List<FirewallRule> staticNatFirewallRules = new ArrayList<>();
final List<StaticNat> staticNats = new ArrayList<>();
final List<FirewallRule> firewallRulesIngress = new ArrayList<>();
// StaticNatRules; PFVPN to reapply on domR start)
for (final PublicIpAddress ip : publicIps) {
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.PortForwarding, provider)) {
pfRules.addAll(_pfRulesDao.listForApplication(ip.getId()));
}
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.StaticNat, provider)) {
staticNatFirewallRules.addAll(_rulesDao.listByIpAndPurpose(ip.getId(), Purpose.StaticNat));
}
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.Firewall, provider)) {
firewallRulesIngress.addAll(_rulesDao.listByIpAndPurpose(ip.getId(), Purpose.Firewall));
}
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.StaticNat, provider)) {
if (ip.isOneToOneNat()) {
final StaticNatImpl staticNat = new StaticNatImpl(ip.getAccountId(), ip.getDomainId(), guestNetworkId, ip.getId(), ip.getVmIp(), false);
staticNats.add(staticNat);
}
}
}
// Re-apply static nats
s_logger.debug("Found " + staticNats.size() + " static nat(s) to apply as a part of domR " + router + " start.");
if (!staticNats.isEmpty()) {
_commandSetupHelper.createApplyStaticNatCommands(staticNats, router, cmds);
}
// Re-apply firewall Ingress rules
s_logger.debug("Found " + firewallRulesIngress.size() + " firewall Ingress rule(s) to apply as a part of domR " + router + " start.");
if (!firewallRulesIngress.isEmpty()) {
_commandSetupHelper.createFirewallRulesCommands(firewallRulesIngress, router, cmds, guestNetworkId);
}
// Re-apply port forwarding rules
s_logger.debug("Found " + pfRules.size() + " port forwarding rule(s) to apply as a part of domR " + router + " start.");
if (!pfRules.isEmpty()) {
_commandSetupHelper.createApplyPortForwardingRulesCommands(pfRules, router, cmds, guestNetworkId);
}
// Re-apply static nat rules
s_logger.debug("Found " + staticNatFirewallRules.size() + " static nat rule(s) to apply as a part of domR " + router + " start.");
if (!staticNatFirewallRules.isEmpty()) {
final List<StaticNatRule> staticNatRules = new ArrayList<>();
for (final FirewallRule rule : staticNatFirewallRules) {
staticNatRules.add(_rulesMgr.buildStaticNatRule(rule, false));
}
_commandSetupHelper.createApplyStaticNatRulesCommands(staticNatRules, router, cmds, guestNetworkId);
}
final List<LoadBalancerVO> lbs = _loadBalancerDao.listByNetworkIdAndScheme(guestNetworkId, Scheme.Public);
final List<LoadBalancingRule> lbRules = new ArrayList<>();
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.Lb, provider)) {
// Re-apply load balancing rules
for (final LoadBalancerVO lb : lbs) {
final List<LbDestination> dstList = _lbMgr.getExistingDestinations(lb.getId());
final List<LbStickinessPolicy> policyList = _lbMgr.getStickinessPolicies(lb.getId());
final List<LbHealthCheckPolicy> hcPolicyList = _lbMgr.getHealthCheckPolicies(lb.getId());
final Ip sourceIp = _networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress();
final LbSslCert sslCert = _lbMgr.getLbSslCert(lb.getId());
final LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, policyList, hcPolicyList, sourceIp, sslCert, lb.getLbProtocol());
lbRules.add(loadBalancing);
}
}
s_logger.debug("Found " + lbRules.size() + " load balancing rule(s) to apply as a part of domR " + router + " start.");
if (!lbRules.isEmpty()) {
_commandSetupHelper.createApplyLoadBalancingRulesCommands(lbRules, router, cmds, guestNetworkId);
}
}
}
use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.
the class FirewallRules method accept.
@Override
public boolean accept(final NetworkTopologyVisitor visitor, final VirtualRouter router) throws ResourceUnavailableException {
_router = router;
_purpose = _rules.get(0).getPurpose();
if (_purpose == Purpose.LoadBalancing) {
final LoadBalancerDao loadBalancerDao = visitor.getVirtualNetworkApplianceFactory().getLoadBalancerDao();
// for load balancer we have to resend all lb rules for the network
final List<LoadBalancerVO> lbs = loadBalancerDao.listByNetworkIdAndScheme(_network.getId(), Scheme.Public);
_loadbalancingRules = new ArrayList<>();
final LoadBalancingRulesManager lbMgr = visitor.getVirtualNetworkApplianceFactory().getLbMgr();
final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
for (final LoadBalancerVO lb : lbs) {
final List<LbDestination> dstList = lbMgr.getExistingDestinations(lb.getId());
final List<LbStickinessPolicy> policyList = lbMgr.getStickinessPolicies(lb.getId());
final List<LbHealthCheckPolicy> hcPolicyList = lbMgr.getHealthCheckPolicies(lb.getId());
final LbSslCert sslCert = lbMgr.getLbSslCert(lb.getId());
final Ip sourceIp = networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress();
final LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, policyList, hcPolicyList, sourceIp, sslCert, lb.getLbProtocol());
_loadbalancingRules.add(loadBalancing);
}
}
return visitor.visit(this);
}
use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.
the class LoadBalancingRules method accept.
@Override
public boolean accept(final NetworkTopologyVisitor visitor, final VirtualRouter router) throws ResourceUnavailableException {
_router = router;
final LoadBalancerDao loadBalancerDao = visitor.getVirtualNetworkApplianceFactory().getLoadBalancerDao();
// For load balancer we have to resend all lb rules for the network
final List<LoadBalancerVO> lbs = loadBalancerDao.listByNetworkIdAndScheme(_network.getId(), Scheme.Public);
// We are cleaning it before because all the rules have to be sent to the router.
_rules.clear();
final LoadBalancingRulesManager lbMgr = visitor.getVirtualNetworkApplianceFactory().getLbMgr();
final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
for (final LoadBalancerVO lb : lbs) {
final List<LbDestination> dstList = lbMgr.getExistingDestinations(lb.getId());
final List<LbStickinessPolicy> policyList = lbMgr.getStickinessPolicies(lb.getId());
final List<LbHealthCheckPolicy> hcPolicyList = lbMgr.getHealthCheckPolicies(lb.getId());
final LbSslCert sslCert = lbMgr.getLbSslCert(lb.getId());
final Ip sourceIp = networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress();
final LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, policyList, hcPolicyList, sourceIp, sslCert, lb.getLbProtocol());
_rules.add(loadBalancing);
}
return visitor.visit(this);
}
Aggregations