Example 1 with NetworkACL
use of com.cloud.network.vpc.NetworkACL in project cloudstack by apache.
the class NetworkServiceImpl method commitNetwork.
private Network commitNetwork(final Long networkOfferingId, final String gateway, final String startIP, final String endIP, final String netmask, final String networkDomain, final String vlanId, final String name, final String displayText, final Account caller, final Long physicalNetworkId, final Long zoneId, final Long domainId, final boolean isDomainSpecific, final Boolean subdomainAccessFinal, final Long vpcId, final String startIPv6, final String endIPv6, final String ip6Gateway, final String ip6Cidr, final Boolean displayNetwork, final Long aclId, final String isolatedPvlan, final NetworkOfferingVO ntwkOff, final PhysicalNetwork pNtwk, final ACLType aclType, final Account ownerFinal, final String cidr, final boolean createVlan) throws InsufficientCapacityException, ResourceAllocationException {
try {
Network network = Transaction.execute(new TransactionCallbackWithException<Network, Exception>() {
@Override
public Network doInTransaction(TransactionStatus status) throws InsufficientCapacityException, ResourceAllocationException {
Account owner = ownerFinal;
Boolean subdomainAccess = subdomainAccessFinal;
Long sharedDomainId = null;
if (isDomainSpecific) {
if (domainId != null) {
sharedDomainId = domainId;
} else {
sharedDomainId = _domainMgr.getDomain(Domain.ROOT_DOMAIN).getId();
subdomainAccess = true;
}
}
// default owner to system if network has aclType=Domain
if (aclType == ACLType.Domain) {
owner = _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM);
}
// Create guest network
Network network = null;
if (vpcId != null) {
if (!_configMgr.isOfferingForVpc(ntwkOff)) {
throw new InvalidParameterValueException("Network offering can't be used for VPC networks");
}
if (aclId != null) {
NetworkACL acl = _networkACLDao.findById(aclId);
if (acl == null) {
throw new InvalidParameterValueException("Unable to find specified NetworkACL");
}
if (aclId != NetworkACL.DEFAULT_DENY && aclId != NetworkACL.DEFAULT_ALLOW) {
// ACL should be associated with a VPC
if (!vpcId.equals(acl.getVpcId())) {
throw new InvalidParameterValueException("ACL: " + aclId + " do not belong to the VPC");
}
}
}
network = _vpcMgr.createVpcGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, aclId, caller, displayNetwork);
} else {
if (_configMgr.isOfferingForVpc(ntwkOff)) {
throw new InvalidParameterValueException("Network offering can be used for VPC networks only");
}
if (ntwkOff.getInternalLb()) {
throw new InvalidParameterValueException("Internal Lb can be enabled on vpc networks only");
}
network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr, displayNetwork, isolatedPvlan);
}
if (_accountMgr.isRootAdmin(caller.getId()) && createVlan && network != null) {
// Create vlan ip range
_configMgr.createVlanAndPublicIpRange(pNtwk.getDataCenterId(), network.getId(), physicalNetworkId, false, null, startIP, endIP, gateway, netmask, vlanId, null, null, startIPv6, endIPv6, ip6Gateway, ip6Cidr);
}
return network;
}
});
if (domainId != null && aclType == ACLType.Domain) {
// send event for storing the domain wide resource access
Map<String, Object> params = new HashMap<String, Object>();
params.put(ApiConstants.ENTITY_TYPE, Network.class);
params.put(ApiConstants.ENTITY_ID, network.getId());
params.put(ApiConstants.DOMAIN_ID, domainId);
params.put(ApiConstants.SUBDOMAIN_ACCESS, subdomainAccessFinal == null ? Boolean.TRUE : subdomainAccessFinal);
_messageBus.publish(_name, EntityManager.MESSAGE_ADD_DOMAIN_WIDE_ENTITY_EVENT, PublishScope.LOCAL, params);
}
return network;
} catch (Exception e) {
ExceptionUtil.rethrowRuntime(e);
ExceptionUtil.rethrow(e, InsufficientCapacityException.class);
ExceptionUtil.rethrow(e, ResourceAllocationException.class);
throw new IllegalStateException(e);
}
}
Also used :
Account(com.cloud.user.Account)
HashMap(java.util.HashMap)
TransactionStatus(com.cloud.utils.db.TransactionStatus)
NetworkACL(com.cloud.network.vpc.NetworkACL)
InvalidParameterException(java.security.InvalidParameterException)
TransactionCallbackWithException(com.cloud.utils.db.TransactionCallbackWithException)
InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException)
InsufficientAddressCapacityException(com.cloud.exception.InsufficientAddressCapacityException)
ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
SQLException(java.sql.SQLException)
UnknownHostException(java.net.UnknownHostException)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
ResourceAllocationException(com.cloud.exception.ResourceAllocationException)
ConcurrentOperationException(com.cloud.exception.ConcurrentOperationException)
UnsupportedServiceException(com.cloud.exception.UnsupportedServiceException)
ConfigurationException(javax.naming.ConfigurationException)
PermissionDeniedException(com.cloud.exception.PermissionDeniedException)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException)
ResourceAllocationException(com.cloud.exception.ResourceAllocationException)
Example 2 with NetworkACL
use of com.cloud.network.vpc.NetworkACL in project cloudstack by apache.
the class ApiResponseHelper method createPrivateGatewayResponse.
@Override
public PrivateGatewayResponse createPrivateGatewayResponse(PrivateGateway result) {
PrivateGatewayResponse response = new PrivateGatewayResponse();
response.setId(result.getUuid());
response.setBroadcastUri(result.getBroadcastUri());
response.setGateway(result.getGateway());
response.setNetmask(result.getNetmask());
if (result.getVpcId() != null) {
Vpc vpc = ApiDBUtils.findVpcById(result.getVpcId());
response.setVpcId(vpc.getUuid());
response.setVpcName(vpc.getName());
}
DataCenter zone = ApiDBUtils.findZoneById(result.getZoneId());
if (zone != null) {
response.setZoneId(zone.getUuid());
response.setZoneName(zone.getName());
}
response.setAddress(result.getIp4Address());
PhysicalNetwork pnet = ApiDBUtils.findPhysicalNetworkById(result.getPhysicalNetworkId());
if (pnet != null) {
response.setPhysicalNetworkId(pnet.getUuid());
}
populateAccount(response, result.getAccountId());
populateDomain(response, result.getDomainId());
response.setState(result.getState().toString());
response.setSourceNat(result.getSourceNat());
NetworkACL acl = ApiDBUtils.findByNetworkACLId(result.getNetworkACLId());
if (acl != null) {
response.setAclId(acl.getUuid());
response.setAclName(acl.getName());
}
response.setObjectName("privategateway");
return response;
}
Also used :
PrivateGatewayResponse(org.apache.cloudstack.api.response.PrivateGatewayResponse)
DataCenter(com.cloud.dc.DataCenter)
PhysicalNetwork(com.cloud.network.PhysicalNetwork)
Vpc(com.cloud.network.vpc.Vpc)
NetworkACL(com.cloud.network.vpc.NetworkACL)
Example 3 with NetworkACL
use of com.cloud.network.vpc.NetworkACL in project cloudstack by apache.
the class CreateNetworkACLListCmd method create.
@Override
public void create() {
NetworkACL result = _networkACLService.createNetworkACL(getName(), getDescription(), getVpcId(), isDisplay());
setEntityId(result.getId());
setEntityUuid(result.getUuid());
}
Also used :
NetworkACL(com.cloud.network.vpc.NetworkACL)
Example 4 with NetworkACL
use of com.cloud.network.vpc.NetworkACL in project cloudstack by apache.
the class ListNetworkACLListsCmd method execute.
@Override
public void execute() {
Pair<List<? extends NetworkACL>, Integer> result = _networkACLService.listNetworkACLs(this);
ListResponse<NetworkACLResponse> response = new ListResponse<NetworkACLResponse>();
List<NetworkACLResponse> aclResponses = new ArrayList<NetworkACLResponse>();
for (NetworkACL acl : result.first()) {
NetworkACLResponse aclResponse = _responseGenerator.createNetworkACLResponse(acl);
aclResponses.add(aclResponse);
}
response.setResponses(aclResponses, result.second());
response.setResponseName(getCommandName());
setResponseObject(response);
}
Also used :
NetworkACLResponse(org.apache.cloudstack.api.response.NetworkACLResponse)
ListResponse(org.apache.cloudstack.api.response.ListResponse)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
NetworkACL(com.cloud.network.vpc.NetworkACL)
Example 5 with NetworkACL
use of com.cloud.network.vpc.NetworkACL in project cloudstack by apache.
the class NetworkServiceImpl method commitNetwork.
private Network commitNetwork(final Long networkOfferingId, final String gateway, final String startIP, final String endIP, final String netmask, final String networkDomain, final String vlanId, final Boolean bypassVlanOverlapCheck, final String name, final String displayText, final Account caller, final Long physicalNetworkId, final Long zoneId, final Long domainId, final boolean isDomainSpecific, final Boolean subdomainAccessFinal, final Long vpcId, final String startIPv6, final String endIPv6, final String ip6Gateway, final String ip6Cidr, final Boolean displayNetwork, final Long aclId, final String isolatedPvlan, final PVlanType isolatedPvlanType, final NetworkOfferingVO ntwkOff, final PhysicalNetwork pNtwk, final ACLType aclType, final Account ownerFinal, final String cidr, final boolean createVlan, final String externalId, String routerIp, String routerIpv6) throws InsufficientCapacityException, ResourceAllocationException {
try {
Network network = Transaction.execute(new TransactionCallbackWithException<Network, Exception>() {
@Override
public Network doInTransaction(TransactionStatus status) throws InsufficientCapacityException, ResourceAllocationException {
Account owner = ownerFinal;
Boolean subdomainAccess = subdomainAccessFinal;
Long sharedDomainId = null;
if (isDomainSpecific) {
if (domainId != null) {
sharedDomainId = domainId;
} else {
sharedDomainId = _domainMgr.getDomain(Domain.ROOT_DOMAIN).getId();
subdomainAccess = true;
}
}
// default owner to system if network has aclType=Domain
if (aclType == ACLType.Domain) {
owner = _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM);
}
// Create guest network
Network network = null;
if (vpcId != null) {
if (!_configMgr.isOfferingForVpc(ntwkOff)) {
throw new InvalidParameterValueException("Network offering can't be used for VPC networks");
}
if (aclId != null) {
NetworkACL acl = _networkACLDao.findById(aclId);
if (acl == null) {
throw new InvalidParameterValueException("Unable to find specified NetworkACL");
}
if (aclId != NetworkACL.DEFAULT_DENY && aclId != NetworkACL.DEFAULT_ALLOW) {
// ACL should be associated with a VPC
if (!vpcId.equals(acl.getVpcId())) {
throw new InvalidParameterValueException("ACL: " + aclId + " do not belong to the VPC");
}
}
}
network = _vpcMgr.createVpcGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, aclId, caller, displayNetwork, externalId);
} else {
if (_configMgr.isOfferingForVpc(ntwkOff)) {
throw new InvalidParameterValueException("Network offering can be used for VPC networks only");
}
if (ntwkOff.isInternalLb()) {
throw new InvalidParameterValueException("Internal Lb can be enabled on vpc networks only");
}
network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, bypassVlanOverlapCheck, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr, displayNetwork, isolatedPvlan, isolatedPvlanType, externalId, routerIp, routerIpv6);
}
if (_accountMgr.isRootAdmin(caller.getId()) && createVlan && network != null) {
// Create vlan ip range
_configMgr.createVlanAndPublicIpRange(pNtwk.getDataCenterId(), network.getId(), physicalNetworkId, false, false, null, startIP, endIP, gateway, netmask, vlanId, bypassVlanOverlapCheck, null, null, startIPv6, endIPv6, ip6Gateway, ip6Cidr);
}
return network;
}
});
if (domainId != null && aclType == ACLType.Domain) {
// send event for storing the domain wide resource access
Map<String, Object> params = new HashMap<String, Object>();
params.put(ApiConstants.ENTITY_TYPE, Network.class);
params.put(ApiConstants.ENTITY_ID, network.getId());
params.put(ApiConstants.DOMAIN_ID, domainId);
params.put(ApiConstants.SUBDOMAIN_ACCESS, subdomainAccessFinal == null ? Boolean.TRUE : subdomainAccessFinal);
_messageBus.publish(_name, EntityManager.MESSAGE_ADD_DOMAIN_WIDE_ENTITY_EVENT, PublishScope.LOCAL, params);
}
return network;
} catch (Exception e) {
ExceptionUtil.rethrowRuntime(e);
ExceptionUtil.rethrow(e, InsufficientCapacityException.class);
ExceptionUtil.rethrow(e, ResourceAllocationException.class);
throw new IllegalStateException(e);
}
}
Also used :
Account(com.cloud.user.Account)
HashMap(java.util.HashMap)
TransactionStatus(com.cloud.utils.db.TransactionStatus)
NetworkACL(com.cloud.network.vpc.NetworkACL)
InvalidParameterException(java.security.InvalidParameterException)
TransactionCallbackWithException(com.cloud.utils.db.TransactionCallbackWithException)
InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException)
InsufficientAddressCapacityException(com.cloud.exception.InsufficientAddressCapacityException)
ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
SQLException(java.sql.SQLException)
UnknownHostException(java.net.UnknownHostException)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
ResourceAllocationException(com.cloud.exception.ResourceAllocationException)
ConcurrentOperationException(com.cloud.exception.ConcurrentOperationException)
UnsupportedServiceException(com.cloud.exception.UnsupportedServiceException)
ConfigurationException(javax.naming.ConfigurationException)
PermissionDeniedException(com.cloud.exception.PermissionDeniedException)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException)
ResourceAllocationException(com.cloud.exception.ResourceAllocationException)
Aggregations
NetworkACL (com.cloud.network.vpc.NetworkACL)17
ArrayList (java.util.ArrayList)7
DataCenter (com.cloud.dc.DataCenter)5
Vpc (com.cloud.network.vpc.Vpc)5
ResourceTag (com.cloud.server.ResourceTag)5
HashMap (java.util.HashMap)4
NetworkACLResponse (com.cloud.api.response.NetworkACLResponse)3
PhysicalNetwork (com.cloud.network.PhysicalNetwork)3
NetworkVO (com.cloud.network.dao.NetworkVO)3
PhysicalNetworkVO (com.cloud.network.dao.PhysicalNetworkVO)3
ResourceTagResponse (com.cloud.api.response.ResourceTagResponse)2
Domain (com.cloud.domain.Domain)2
ConcurrentOperationException (com.cloud.exception.ConcurrentOperationException)2
InsufficientAddressCapacityException (com.cloud.exception.InsufficientAddressCapacityException)2
InsufficientCapacityException (com.cloud.exception.InsufficientCapacityException)2
InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)2
PermissionDeniedException (com.cloud.exception.PermissionDeniedException)2
ResourceAllocationException (com.cloud.exception.ResourceAllocationException)2
ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)2
UnsupportedServiceException (com.cloud.exception.UnsupportedServiceException)2
