Search in sources :

Example 61 with LoadBalancerVO

use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.

the class LoadBalancingRulesManagerImpl method deleteLoadBalancerRule.

@DB
public boolean deleteLoadBalancerRule(final long loadBalancerId, final boolean apply, final Account caller, final long callerUserId, final boolean rollBack) {
    final LoadBalancerVO lb = _lbDao.findById(loadBalancerId);
    final FirewallRule.State backupState = lb.getState();
    // remove any ssl certs associated with this LB rule before trying to delete it.
    final LoadBalancerCertMapVO lbCertMap = _lbCertMapDao.findByLbRuleId(loadBalancerId);
    if (lbCertMap != null) {
        final boolean removeResult = removeCertFromLoadBalancer(loadBalancerId);
        if (!removeResult) {
            throw new CloudRuntimeException("Unable to remove certificate from load balancer rule " + loadBalancerId);
        }
    }
    final List<LoadBalancerVMMapVO> backupMaps = Transaction.execute(new TransactionCallback<List<LoadBalancerVMMapVO>>() {

        @Override
        public List<LoadBalancerVMMapVO> doInTransaction(final TransactionStatus status) {
            if (lb.getState() == FirewallRule.State.Staged) {
                if (s_logger.isDebugEnabled()) {
                    s_logger.debug("Found a rule that is still in stage state so just removing it: " + lb);
                }
            } else if (lb.getState() == FirewallRule.State.Add || lb.getState() == FirewallRule.State.Active) {
                lb.setState(FirewallRule.State.Revoke);
                _lbDao.persist(lb);
            }
            final List<LoadBalancerVMMapVO> backupMaps = _lb2VmMapDao.listByLoadBalancerId(loadBalancerId);
            final List<LoadBalancerVMMapVO> maps = _lb2VmMapDao.listByLoadBalancerId(loadBalancerId);
            if (maps != null) {
                for (final LoadBalancerVMMapVO map : maps) {
                    map.setRevoke(true);
                    _lb2VmMapDao.persist(map);
                    s_logger.debug("Set load balancer rule for revoke: rule id " + loadBalancerId + ", vmId " + map.getInstanceId());
                }
            }
            final List<LBHealthCheckPolicyVO> hcPolicies = _lb2healthcheckDao.listByLoadBalancerIdAndDisplayFlag(loadBalancerId, null);
            for (final LBHealthCheckPolicyVO lbHealthCheck : hcPolicies) {
                lbHealthCheck.setRevoke(true);
                _lb2healthcheckDao.persist(lbHealthCheck);
            }
            return backupMaps;
        }
    });
    // gather external network usage stats for this lb rule
    final NetworkVO network = _networkDao.findById(lb.getNetworkId());
    if (apply) {
        try {
            if (!applyLoadBalancerConfig(loadBalancerId)) {
                s_logger.warn("Unable to apply the load balancer config");
                return false;
            }
        } catch (final ResourceUnavailableException e) {
            if (rollBack && isRollBackAllowedForProvider(lb)) {
                if (backupMaps != null) {
                    for (final LoadBalancerVMMapVO map : backupMaps) {
                        _lb2VmMapDao.persist(map);
                        s_logger.debug("LB Rollback rule id: " + loadBalancerId + ", vmId " + map.getInstanceId());
                    }
                }
                lb.setState(backupState);
                _lbDao.persist(lb);
                s_logger.debug("LB Rollback rule id: " + loadBalancerId + " while deleting LB rule.");
            } else {
                s_logger.warn("Unable to apply the load balancer config because resource is unavaliable.", e);
            }
            return false;
        }
    }
    final FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(lb.getId());
    if (relatedRule != null) {
        s_logger.warn("Unable to remove firewall rule id=" + lb.getId() + " as it has related firewall rule id=" + relatedRule.getId() + "; leaving it in Revoke state");
        return false;
    } else {
        _firewallMgr.removeRule(lb);
    }
    s_logger.debug("Load balancer with id " + lb.getId() + " is removed successfully");
    return true;
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO) LoadBalancerCertMapVO(com.cloud.network.dao.LoadBalancerCertMapVO) TransactionStatus(com.cloud.utils.db.TransactionStatus) LBHealthCheckPolicyVO(com.cloud.network.LBHealthCheckPolicyVO) FirewallRuleVO(com.cloud.network.rules.FirewallRuleVO) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) LoadBalancerVMMapVO(com.cloud.network.dao.LoadBalancerVMMapVO) ArrayList(java.util.ArrayList) List(java.util.List) FirewallRule(com.cloud.network.rules.FirewallRule) DB(com.cloud.utils.db.DB)

Example 62 with LoadBalancerVO

use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.

the class LoadBalancingRulesManagerImpl method getExistingDestinations.

@Override
public List<LbDestination> getExistingDestinations(final long lbId) {
    final List<LbDestination> dstList = new ArrayList<>();
    final List<LoadBalancerVMMapVO> lbVmMaps = _lb2VmMapDao.listByLoadBalancerId(lbId);
    final LoadBalancerVO lb = _lbDao.findById(lbId);
    String dstIp = null;
    for (final LoadBalancerVMMapVO lbVmMap : lbVmMaps) {
        final UserVm vm = _vmDao.findById(lbVmMap.getInstanceId());
        final Nic nic = _nicDao.findByInstanceIdAndNetworkIdIncludingRemoved(lb.getNetworkId(), vm.getId());
        dstIp = lbVmMap.getInstanceIp() == null ? nic.getIPv4Address() : lbVmMap.getInstanceIp();
        final LbDestination lbDst = new LbDestination(lb.getDefaultPortStart(), lb.getDefaultPortEnd(), dstIp, lbVmMap.isRevoke());
        dstList.add(lbDst);
    }
    return dstList;
}
Also used : UserVm(com.cloud.uservm.UserVm) ArrayList(java.util.ArrayList) LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO) Nic(com.cloud.vm.Nic) LoadBalancerVMMapVO(com.cloud.network.dao.LoadBalancerVMMapVO) LbDestination(com.cloud.network.lb.LoadBalancingRule.LbDestination)

Example 63 with LoadBalancerVO

use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.

the class LoadBalancingRulesManagerImpl method applyLoadBalancerRules.

@DB
protected boolean applyLoadBalancerRules(final List<LoadBalancerVO> lbs, final boolean updateRulesInDB) throws ResourceUnavailableException {
    final List<LoadBalancingRule> rules = new ArrayList<>();
    for (final LoadBalancerVO lb : lbs) {
        rules.add(getLoadBalancerRuleToApply(lb));
    }
    if (!applyLbRules(rules, false)) {
        s_logger.debug("LB rules are not completely applied");
        return false;
    }
    if (updateRulesInDB) {
        for (final LoadBalancerVO lb : lbs) {
            final boolean checkForReleaseElasticIp = Transaction.execute(new TransactionCallback<Boolean>() {

                @Override
                public Boolean doInTransaction(final TransactionStatus status) {
                    boolean checkForReleaseElasticIp = false;
                    if (lb.getState() == FirewallRule.State.Revoke) {
                        removeLBRule(lb);
                        s_logger.debug("LB " + lb.getId() + " is successfully removed");
                        checkForReleaseElasticIp = true;
                    } else if (lb.getState() == FirewallRule.State.Add) {
                        lb.setState(FirewallRule.State.Active);
                        s_logger.debug("LB rule " + lb.getId() + " state is set to Active");
                        _lbDao.persist(lb);
                    }
                    // remove LB-Vm mappings that were state to revoke
                    final List<LoadBalancerVMMapVO> lbVmMaps = _lb2VmMapDao.listByLoadBalancerId(lb.getId(), true);
                    final List<Long> instanceIds = new ArrayList<>();
                    for (final LoadBalancerVMMapVO lbVmMap : lbVmMaps) {
                        instanceIds.add(lbVmMap.getInstanceId());
                        _lb2VmMapDao.remove(lb.getId(), lbVmMap.getInstanceId(), lbVmMap.getInstanceIp(), null);
                        s_logger.debug("Load balancer rule id " + lb.getId() + " is removed for vm " + lbVmMap.getInstanceId() + " instance ip " + lbVmMap.getInstanceIp());
                    }
                    if (_lb2VmMapDao.listByLoadBalancerId(lb.getId()).isEmpty()) {
                        lb.setState(FirewallRule.State.Add);
                        _lbDao.persist(lb);
                        s_logger.debug("LB rule " + lb.getId() + " state is set to Add as there are no more active LB-VM mappings");
                    }
                    // remove LB-Stickiness policy mapping that were state to revoke
                    final List<LBStickinessPolicyVO> stickinesspolicies = _lb2stickinesspoliciesDao.listByLoadBalancerId(lb.getId(), true);
                    if (!stickinesspolicies.isEmpty()) {
                        _lb2stickinesspoliciesDao.remove(lb.getId(), true);
                        s_logger.debug("Load balancer rule id " + lb.getId() + " is removed stickiness policies");
                    }
                    // remove LB-HealthCheck policy mapping that were state to
                    // revoke
                    final List<LBHealthCheckPolicyVO> healthCheckpolicies = _lb2healthcheckDao.listByLoadBalancerId(lb.getId(), true);
                    if (!healthCheckpolicies.isEmpty()) {
                        _lb2healthcheckDao.remove(lb.getId(), true);
                        s_logger.debug("Load balancer rule id " + lb.getId() + " is removed health check monitors policies");
                    }
                    final LoadBalancerCertMapVO lbCertMap = _lbCertMapDao.findByLbRuleId(lb.getId());
                    if (lbCertMap != null && lbCertMap.isRevoke()) {
                        _lbCertMapDao.remove(lbCertMap.getId());
                        s_logger.debug("Load balancer rule id " + lb.getId() + " removed certificate mapping");
                    }
                    return checkForReleaseElasticIp;
                }
            });
            if (checkForReleaseElasticIp && lb.getSourceIpAddressId() != null) {
                boolean success = true;
                final long count = _firewallDao.countRulesByIpId(lb.getSourceIpAddressId());
                if (count == 0) {
                    try {
                        success = handleSystemLBIpRelease(lb);
                    } catch (final Exception ex) {
                        s_logger.warn("Failed to release system ip as a part of lb rule " + lb + " deletion due to exception ", ex);
                        success = false;
                    } finally {
                        if (!success) {
                            s_logger.warn("Failed to release system ip as a part of lb rule " + lb + " deletion");
                        }
                    }
                }
            }
            // VPC, unassign it from the network
            if (lb.getSourceIpAddressId() != null) {
                final IpAddress ip = _ipAddressDao.findById(lb.getSourceIpAddressId());
                _vpcMgr.unassignIPFromVpcNetwork(ip.getId(), lb.getNetworkId());
            }
        }
    }
    return true;
}
Also used : ArrayList(java.util.ArrayList) LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO) TransactionStatus(com.cloud.utils.db.TransactionStatus) LoadBalancerCertMapVO(com.cloud.network.dao.LoadBalancerCertMapVO) InvalidParameterException(java.security.InvalidParameterException) TransactionCallbackWithException(com.cloud.utils.db.TransactionCallbackWithException) NetworkRuleConflictException(com.cloud.exception.NetworkRuleConflictException) InsufficientAddressCapacityException(com.cloud.exception.InsufficientAddressCapacityException) ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) InvalidParameterValueException(com.cloud.utils.exception.InvalidParameterValueException) PermissionDeniedException(com.cloud.exception.PermissionDeniedException) ArrayList(java.util.ArrayList) List(java.util.List) LoadBalancerVMMapVO(com.cloud.network.dao.LoadBalancerVMMapVO) IpAddress(com.cloud.network.IpAddress) DB(com.cloud.utils.db.DB)

Example 64 with LoadBalancerVO

use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.

the class AssignLoadBalancerTest method testVmIdAlreadyExist.

@Test(expected = InvalidParameterValueException.class)
public void testVmIdAlreadyExist() throws ResourceAllocationException, ResourceUnavailableException, InsufficientCapacityException {
    final AssignToLoadBalancerRuleCmd assignLbRuleCmd = Mockito.mock(AssignToLoadBalancerRuleCmd.class);
    final Map<Long, List<String>> vmIdIpMap = new HashMap<>();
    final List<String> secIp = new ArrayList<>();
    secIp.add("10.1.1.175");
    vmIdIpMap.put(1L, secIp);
    final List<Long> vmIds = new ArrayList<>();
    vmIds.add(2L);
    final LoadBalancerVO lbVO = new LoadBalancerVO("1", "L1", "Lbrule", 1, 22, 22, "rb", 204, 0, 0, "tcp", 60000, 60000);
    final LoadBalancerDao lbDao = Mockito.mock(LoadBalancerDao.class);
    final LoadBalancerVMMapDao lb2VmMapDao = Mockito.mock(LoadBalancerVMMapDao.class);
    final UserVmDao userVmDao = Mockito.mock(UserVmDao.class);
    final NicSecondaryIpDao nicSecIpDao = Mockito.mock(NicSecondaryIpDao.class);
    final LoadBalancerVMMapVO lbVmMapVO = new LoadBalancerVMMapVO(1L, 1L, "10.1.1.175", false);
    _lbMgr._lbDao = lbDao;
    _lbMgr._lb2VmMapDao = lb2VmMapDao;
    _lbMgr._vmDao = userVmDao;
    _lbMgr._nicSecondaryIpDao = nicSecIpDao;
    _lbvmMapList = new ArrayList<>();
    _lbvmMapList.add(lbVmMapVO);
    _lbMgr._rulesMgr = _rulesMgr;
    _lbMgr._networkModel = _networkModel;
    when(lbDao.findById(anyLong())).thenReturn(lbVO);
    when(userVmDao.findById(anyLong())).thenReturn(Mockito.mock(UserVmVO.class));
    when(lb2VmMapDao.listByLoadBalancerId(anyLong(), anyBoolean())).thenReturn(_lbvmMapList);
    when(nicSecIpDao.findByIp4AddressAndNicId(anyString(), anyLong())).thenReturn(null);
    _lbMgr.assignToLoadBalancer(1L, null, vmIdIpMap);
}
Also used : LoadBalancerDao(com.cloud.network.dao.LoadBalancerDao) UserVmVO(com.cloud.vm.UserVmVO) NicSecondaryIpDao(com.cloud.vm.dao.NicSecondaryIpDao) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO) Matchers.anyString(org.mockito.Matchers.anyString) AssignToLoadBalancerRuleCmd(com.cloud.api.command.user.loadbalancer.AssignToLoadBalancerRuleCmd) Matchers.anyLong(org.mockito.Matchers.anyLong) LoadBalancerVMMapDao(com.cloud.network.dao.LoadBalancerVMMapDao) ArrayList(java.util.ArrayList) List(java.util.List) LoadBalancerVMMapVO(com.cloud.network.dao.LoadBalancerVMMapVO) UserVmDao(com.cloud.vm.dao.UserVmDao) Test(org.junit.Test)

Example 65 with LoadBalancerVO

use of com.cloud.network.dao.LoadBalancerVO in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runDeleteSslCertBoundCert.

@Test
public void runDeleteSslCertBoundCert() throws NoSuchFieldException, IllegalAccessException {
    final TransactionLegacy txn = TransactionLegacy.open("runDeleteSslCertBoundCert");
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    final long certId = 1;
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.remove(anyLong())).thenReturn(true);
    when(certService._sslCertDao.findById(anyLong())).thenReturn(new SslCertVO());
    // rule holding the cert
    certService._lbCertDao = Mockito.mock(LoadBalancerCertMapDao.class);
    final List<LoadBalancerCertMapVO> lbMapList = new ArrayList<>();
    lbMapList.add(new LoadBalancerCertMapVO());
    certService._lbCertDao = Mockito.mock(LoadBalancerCertMapDao.class);
    when(certService._lbCertDao.listByCertId(anyLong())).thenReturn(lbMapList);
    certService._entityMgr = Mockito.mock(EntityManager.class);
    when(certService._entityMgr.findById(eq(LoadBalancerVO.class), anyLong())).thenReturn(new LoadBalancerVO());
    // creating the command
    final DeleteSslCertCmd deleteCmd = new DeleteSslCertCmdExtn();
    final Class<?> _class = deleteCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("id");
    certField.setAccessible(true);
    certField.set(deleteCmd, certId);
    try {
        certService.deleteSslCert(deleteCmd);
        fail("Delete with a cert id bound to a lb should fail");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Certificate in use by a loadbalancer"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) LoadBalancerCertMapDao(com.cloud.network.dao.LoadBalancerCertMapDao) ArrayList(java.util.ArrayList) LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO) LoadBalancerCertMapVO(com.cloud.network.dao.LoadBalancerCertMapVO) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) TransactionLegacy(com.cloud.utils.db.TransactionLegacy) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) EntityManager(com.cloud.dao.EntityManager) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) DeleteSslCertCmd(com.cloud.api.command.user.loadbalancer.DeleteSslCertCmd) Test(org.junit.Test)

Aggregations

LoadBalancerVO (com.cloud.network.dao.LoadBalancerVO)96 ArrayList (java.util.ArrayList)45 ActionEvent (com.cloud.event.ActionEvent)31 Account (com.cloud.user.Account)30 DB (com.cloud.utils.db.DB)30 ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)29 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)27 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)23 LoadBalancerVMMapVO (com.cloud.network.dao.LoadBalancerVMMapVO)23 InvalidParameterException (java.security.InvalidParameterException)22 FirewallRule (com.cloud.network.rules.FirewallRule)21 Ip (com.cloud.utils.net.Ip)18 List (java.util.List)17 NetworkVO (com.cloud.network.dao.NetworkVO)15 TransactionStatus (com.cloud.utils.db.TransactionStatus)14 IPAddressVO (com.cloud.network.dao.IPAddressVO)13 LoadBalancerDao (com.cloud.network.dao.LoadBalancerDao)13 LbDestination (com.cloud.network.lb.LoadBalancingRule.LbDestination)13 LbHealthCheckPolicy (com.cloud.network.lb.LoadBalancingRule.LbHealthCheckPolicy)13 HashMap (java.util.HashMap)13