
Example 1 with PrivateGateway

use of com.cloud.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerTest method driveTestApplyNetworkACL.

/**
 * Runs one scenario of {@code applyNetworkACL} against a spied manager.
 *
 * <p>The outcome of applying the ACL on the network element and on the private gateway is
 * stubbed from the arguments. Rule bookkeeping (removing the {@code Revoke} rule, promoting the
 * {@code Add} rule to {@code Active} and persisting it) is expected exactly once when both
 * applications succeeded and not at all otherwise. That keeps the stored ACL state from claiming
 * rules are active when they were not applied everywhere.
 *
 * @param result              value {@code applyNetworkACL} is expected to return
 * @param applyNetworkACLs    stubbed outcome of applying the ACL on the network element
 * @param applyACLToPrivateGw stubbed outcome of applying the ACL on the private gateway
 * @throws Exception if the method under test throws
 */
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
    // Spy on the real manager so that only applyACLToPrivateGw is replaced further down.
    final NetworkACLManager spiedManager = Mockito.spy(_aclMgr);
    // The item DAO mock is reused between scenarios: drop earlier stubs and recorded calls.
    Mockito.reset(_networkACLItemDao);

    final long aclId = 1L;
    final long revokedRuleId = 8;
    final long addedRuleId = 9;

    // One network uses the ACL, and its provider is reported as supporting the service.
    final NetworkVO attachedNetwork = Mockito.mock(NetworkVO.class);
    final List<NetworkVO> attachedNetworks = new ArrayList<>();
    attachedNetworks.add(attachedNetwork);
    Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(attachedNetworks);
    Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(attachedNetwork);
    Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
    Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);

    // One private gateway uses the same ACL.
    final PrivateGateway gatewayMock = Mockito.mock(PrivateGateway.class);
    Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(gatewayMock);
    final VpcGatewayVO gatewayRow = Mockito.mock(VpcGatewayVO.class);
    final List<VpcGatewayVO> gatewayRows = new ArrayList<>();
    gatewayRows.add(gatewayRow);
    Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(gatewayRows);

    // Four rules, one per state: only the Revoke rule may be deleted and only the Add rule updated.
    final NetworkACLItemVO activeRule = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(activeRule.getState()).thenReturn(NetworkACLItem.State.Active);
    final NetworkACLItemVO stagedRule = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(stagedRule.getState()).thenReturn(NetworkACLItem.State.Staged);
    final NetworkACLItemVO addedRule = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(addedRule.getState()).thenReturn(NetworkACLItem.State.Add);
    Mockito.when(addedRule.getId()).thenReturn(addedRuleId);
    final NetworkACLItemVO revokedRule = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(revokedRule.getState()).thenReturn(NetworkACLItem.State.Revoke);
    Mockito.when(revokedRule.getId()).thenReturn(revokedRuleId);

    final List<NetworkACLItemVO> aclRules = new ArrayList<>();
    aclRules.add(activeRule);
    aclRules.add(stagedRule);
    aclRules.add(addedRule);
    aclRules.add(revokedRule);
    Mockito.when(_networkACLItemDao.findById(addedRuleId)).thenReturn(addedRule);
    Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(aclRules);

    // Replace the gateway application on the spy with the scenario's outcome.
    Mockito.doReturn(applyACLToPrivateGw).when(spiedManager).applyACLToPrivateGw(gatewayMock);

    // Execute
    assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, spiedManager.applyNetworkACL(aclId));

    // Bookkeeping must happen once when both applications succeeded, and never otherwise.
    final int expectedCalls;
    if (applyNetworkACLs && applyACLToPrivateGw) {
        expectedCalls = 1;
    } else {
        expectedCalls = 0;
    }
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).remove(revokedRuleId);
    Mockito.verify(addedRule, Mockito.times(expectedCalls)).setState(NetworkACLItem.State.Active);
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).update(addedRuleId, addedRule);
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO) ArrayList(java.util.ArrayList) NetworkOrchestrationService(com.cloud.engine.orchestration.service.NetworkOrchestrationService) VpcService(com.cloud.network.vpc.VpcService) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider) PrivateGateway(com.cloud.network.vpc.PrivateGateway) Network(com.cloud.network.Network)

Example 2 with PrivateGateway

use of com.cloud.network.vpc.PrivateGateway in project cosmic by MissionCriticalCloud.

the class ListPrivateGatewaysCmd method execute.

/**
 * Lists private gateways through the VPC service and publishes them as this command's response.
 *
 * <p>Each gateway returned by the service is converted with the response generator. The count
 * from the second element of the returned pair is passed on with the list.
 */
@Override
public void execute() {
    // NOTE(review): nothing is filtered here; every gateway the service returns is serialized.
    // Presumably listPrivateGateway scopes the result to what the caller may see; confirm there.
    final Pair<List<PrivateGateway>, Integer> listing = _vpcService.listPrivateGateway(this);

    final List<PrivateGatewayResponse> gatewayResponses = new ArrayList<>();
    for (final PrivateGateway privateGateway : listing.first()) {
        gatewayResponses.add(_responseGenerator.createPrivateGatewayResponse(privateGateway));
    }

    final ListResponse<PrivateGatewayResponse> listResponse = new ListResponse<>();
    listResponse.setResponses(gatewayResponses, listing.second());
    listResponse.setResponseName(getCommandName());
    setResponseObject(listResponse);
}
Also used : PrivateGatewayResponse(com.cloud.api.response.PrivateGatewayResponse) ListResponse(com.cloud.api.response.ListResponse) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) PrivateGateway(com.cloud.network.vpc.PrivateGateway)

Example 3 with PrivateGateway

use of com.cloud.network.vpc.PrivateGateway in project cloudstack by apache.

the class VpcNetworkHelperImpl method reallocateRouterNetworks.

/**
 * Builds the network-to-NIC-profile map for a VPC router and passes it to {@code _itMgr.allocate}.
 *
 * <p>The map starts from {@code configureDefaultNics} and then receives one NIC per private
 * gateway, one per eligible guest network, and one per additional public VLAN that has no NIC yet.
 *
 * @param vpcRouterDeploymentDefinition deployment definition supplying the VPC, plan, source NAT IP and service offering id
 * @param router                        router whose instance name is allocated and for which private NICs are created
 * @param template                      template passed through to the allocation
 * @param hType                         hypervisor type passed through to the allocation
 * @throws ConcurrentOperationException   declared by this method; raised by a callee
 * @throws InsufficientCapacityException  declared by this method; raised by a callee
 */
@Override
public void reallocateRouterNetworks(final RouterDeploymentDefinition vpcRouterDeploymentDefinition, final VirtualRouter router, final VMTemplateVO template, final HypervisorType hType) throws ConcurrentOperationException, InsufficientCapacityException {
    // VLAN tags that already have a NIC; step 4 uses this to add at most one public NIC per VLAN.
    final TreeSet<String> publicVlans = new TreeSet<String>();
    if (vpcRouterDeploymentDefinition.isPublicNetwork()) {
        // The source NAT IP's VLAN is recorded up front, so step 4 adds no further NIC for it.
        publicVlans.add(vpcRouterDeploymentDefinition.getSourceNatIP().getVlanTag());
    }
    // 1) allocate nic for control and source nat public ip
    final LinkedHashMap<Network, List<? extends NicProfile>> networks = configureDefaultNics(vpcRouterDeploymentDefinition);
    final Long vpcId = vpcRouterDeploymentDefinition.getVpc().getId();
    // 2) allocate nic for private gateways if needed: one NIC per gateway, keyed by the gateway's network
    final List<PrivateGateway> privateGateways = vpcMgr.getVpcPrivateGateways(vpcId);
    if (privateGateways != null && !privateGateways.isEmpty()) {
        for (final PrivateGateway privateGateway : privateGateways) {
            final NicProfile privateNic = nicProfileHelper.createPrivateNicProfileForGateway(privateGateway, router);
            // NOTE(review): the looked-up network is used as a map key without a null check; confirm getNetwork cannot return null here.
            final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId());
            networks.put(privateNetwork, new ArrayList<NicProfile>(Arrays.asList(privateNic)));
        }
    }
    // 3) allocate nic for guest gateway if needed
    final List<? extends Network> guestNetworks = vpcMgr.getVpcNetworks(vpcId);
    for (final Network guestNetwork : guestNetworks) {
        // Private gateway networks were handled in step 2.
        if (_networkModel.isPrivateGateway(guestNetwork.getId())) {
            continue;
        }
        // Only networks in the Implemented or Setup state get a guest NIC.
        if (guestNetwork.getState() == Network.State.Implemented || guestNetwork.getState() == Network.State.Setup) {
            final NicProfile guestNic = nicProfileHelper.createGuestNicProfileForVpcRouter(vpcRouterDeploymentDefinition, guestNetwork);
            networks.put(guestNetwork, new ArrayList<NicProfile>(Arrays.asList(guestNic)));
        }
    }
    // 4) allocate nic for additional public network(s)
    final List<IPAddressVO> ips = _ipAddressDao.listByAssociatedVpc(vpcId, false);
    final List<NicProfile> publicNics = new ArrayList<NicProfile>();
    Network publicNetwork = null;
    final Map<Network.Service, Set<Network.Provider>> vpcOffSvcProvidersMap = vpcMgr.getVpcOffSvcProvidersMap(vpcRouterDeploymentDefinition.getVpc().getVpcOfferingId());
    // True when the VPC offering lists VPCVirtualRouter as a StaticNat provider.
    boolean vpcIsStaticNatProvider = vpcOffSvcProvidersMap.get(Network.Service.StaticNat) != null && vpcOffSvcProvidersMap.get(Network.Service.StaticNat).contains(Network.Provider.VPCVirtualRouter);
    final ServiceOfferingVO routerOffering = _serviceOfferingDao.findById(vpcRouterDeploymentDefinition.getServiceOfferingId());
    for (final IPAddressVO ip : ips) {
        // One-to-one NAT addresses are considered only when the router provides StaticNat.
        if (vpcIsStaticNatProvider || !ip.isOneToOneNat()) {
            final PublicIp publicIp = PublicIp.createFromAddrAndVlan(ip, _vlanDao.findById(ip.getVlanId()));
            // A NIC is added only for an Allocated/Allocating address that belongs to the VPC and whose VLAN has no NIC yet.
            if ((ip.getState() == IpAddress.State.Allocated || ip.getState() == IpAddress.State.Allocating) && vpcMgr.isIpAllocatedToVpc(ip) && !publicVlans.contains(publicIp.getVlanTag())) {
                s_logger.debug("Allocating nic for router in vlan " + publicIp.getVlanTag());
                final NicProfile publicNic = new NicProfile();
                publicNic.setDefaultNic(false);
                publicNic.setIPv4Address(publicIp.getAddress().addr());
                publicNic.setIPv4Gateway(publicIp.getGateway());
                publicNic.setIPv4Netmask(publicIp.getNetmask());
                publicNic.setMacAddress(publicIp.getMacAddress());
                // Broadcast and isolation URIs are both derived from the address's VLAN tag.
                publicNic.setBroadcastType(BroadcastDomainType.Vlan);
                publicNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(publicIp.getVlanTag()));
                publicNic.setIsolationUri(IsolationType.Vlan.toUri(publicIp.getVlanTag()));
                final NetworkOffering publicOffering = _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemPublicNetwork).get(0);
                // The public network is set up once, under s_systemAccount, on the first qualifying address.
                if (publicNetwork == null) {
                    final List<? extends Network> publicNetworks = _networkMgr.setupNetwork(s_systemAccount, publicOffering, vpcRouterDeploymentDefinition.getPlan(), null, null, false);
                    publicNetwork = publicNetworks.get(0);
                }
                publicNics.add(publicNic);
                // Record the VLAN so later addresses in the same VLAN do not get a second NIC.
                publicVlans.add(publicIp.getVlanTag());
            }
        }
    }
    if (publicNetwork != null) {
        if (networks.get(publicNetwork) != null) {
            // NOTE(review): the cast and addAll assume the list already stored for this network is a mutable List<NicProfile>; confirm against configureDefaultNics.
            @SuppressWarnings("unchecked") final List<NicProfile> publicNicProfiles = (List<NicProfile>) networks.get(publicNetwork);
            publicNicProfiles.addAll(publicNics);
            networks.put(publicNetwork, publicNicProfiles);
        } else {
            networks.put(publicNetwork, publicNics);
        }
    }
    // Hand the assembled map to the allocation call.
    _itMgr.allocate(router.getInstanceName(), template, routerOffering, networks, vpcRouterDeploymentDefinition.getPlan(), hType);
}
Also used : TreeSet(java.util.TreeSet) Set(java.util.Set) PublicIp(com.cloud.network.addr.PublicIp) NetworkOffering(com.cloud.offering.NetworkOffering) ArrayList(java.util.ArrayList) NicProfile(com.cloud.vm.NicProfile) ServiceOfferingVO(com.cloud.service.ServiceOfferingVO) PrivateGateway(com.cloud.network.vpc.PrivateGateway) TreeSet(java.util.TreeSet) Network(com.cloud.network.Network) ArrayList(java.util.ArrayList) List(java.util.List) IPAddressVO(com.cloud.network.dao.IPAddressVO)

Example 4 with PrivateGateway

use of com.cloud.network.vpc.PrivateGateway in project cloudstack by apache.

the class NetworkACLManagerTest method driveTestApplyNetworkACL.

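/**
 * Runs one scenario of {@code applyNetworkACL} against a spied manager.
 *
 * <p>The outcome of applying the ACL on the network element and on the private gateway is
 * stubbed from the arguments. Rule bookkeeping (removing the {@code Revoke} rule, promoting the
 * {@code Add} rule to {@code Active} and persisting it) is expected exactly once when both
 * applications succeeded and not at all otherwise, so the stored ACL state cannot claim rules
 * are active when they were not applied everywhere.
 *
 * <p>Provider support is driven only through the {@code _networkModel} stub; the method wires no
 * other collaborator for that check.
 *
 * @param result              value {@code applyNetworkACL} is expected to return
 * @param applyNetworkACLs    stubbed outcome of applying the ACL on the network element
 * @param applyACLToPrivateGw stubbed outcome of applying the ACL on the private gateway
 * @throws Exception if the method under test throws
 */
@SuppressWarnings("unchecked")
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
    // In order to test ONLY our scope method, we mock the others
    final NetworkACLManager aclManager = Mockito.spy(_aclMgr);
    // Prepare
    // Reset mocked objects to reuse: drops earlier stubs and recorded calls on the shared DAO mock
    Mockito.reset(_networkACLItemDao);
    // One network uses the ACL, and its provider is reported as supporting the service
    final long aclId = 1L;
    final NetworkVO network = Mockito.mock(NetworkVO.class);
    final List<NetworkVO> networks = new ArrayList<NetworkVO>();
    networks.add(network);
    Mockito.when(_networkDao.listByAclId(anyLong())).thenReturn(networks);
    Mockito.when(_networkDao.findById(anyLong())).thenReturn(network);
    Mockito.when(_networkModel.isProviderSupportServiceInNetwork(anyLong(), any(Network.Service.class), any(Network.Provider.class))).thenReturn(true);
    Mockito.when(_networkAclElements.get(0).getProvider()).thenReturn(Mockito.mock(Network.Provider.class));
    Mockito.when(_networkAclElements.get(0).applyNetworkACLs(any(Network.class), anyList())).thenReturn(applyNetworkACLs);
    // Make sure it applies ACL to private gateway
    final List<VpcGatewayVO> vpcGateways = new ArrayList<VpcGatewayVO>();
    final VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
    final PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
    Mockito.when(_vpcSvc.getVpcPrivateGateway(anyLong())).thenReturn(privateGateway);
    vpcGateways.add(vpcGateway);
    Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(vpcGateways);
    // Create 4 rules, one per state: only the Revoke rule should
    // be deleted, only the Add rule should be updated
    final List<NetworkACLItemVO> rules = new ArrayList<NetworkACLItemVO>();
    final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
    final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
    Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
    Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
    Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
    rules.add(ruleActive);
    rules.add(ruleStaged);
    rules.add(rule2Add);
    rules.add(rule2Revoke);
    final long revokeId = 8;
    Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
    final long addId = 9;
    Mockito.when(rule2Add.getId()).thenReturn(addId);
    Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
    Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(rules);
    // Replace the gateway application on the spy with the scenario's outcome
    Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
    // Execute
    assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
    // Bookkeeping must happen once when both applications succeeded, and never otherwise
    final int timesProcessingDone = applyNetworkACLs && applyACLToPrivateGw ? 1 : 0;
    Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
    Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
    Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}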
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO) ArrayList(java.util.ArrayList) NetworkOrchestrationService(org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService) VpcService(com.cloud.network.vpc.VpcService) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider) PrivateGateway(com.cloud.network.vpc.PrivateGateway) NetworkServiceMapDao(com.cloud.network.dao.NetworkServiceMapDao) Network(com.cloud.network.Network)

Example 5 with PrivateGateway

use of com.cloud.network.vpc.PrivateGateway in project cloudstack by apache.

the class CreatePrivateGatewayCmd method create.

/**
 * Asks the VPC service to create a private gateway from this command's parameters and records
 * the new entity's id and uuid on the command.
 *
 * @throws ResourceAllocationException declared by this method; raised by a callee
 * @throws ServerApiException if capacity is insufficient, a concurrent operation interferes, or
 *         the service returns no gateway
 */
@Override
public void create() throws ResourceAllocationException {
    PrivateGateway createdGateway = null;
    try {
        // NOTE(review): getBypassVlanOverlapCheck() is forwarded as given; confirm the service
        // restricts who may skip the VLAN overlap check.
        createdGateway = _vpcService.createVpcPrivateGateway(getVpcId(), getPhysicalNetworkId(), getBroadcastUri(), getStartIp(), getGateway(), getNetmask(), getEntityOwnerId(), getNetworkOfferingId(), getIsSourceNat(), getAclId(), getBypassVlanOverlapCheck());
    } catch (InsufficientCapacityException ex) {
        s_logger.info(ex);
        s_logger.trace(ex);
        // NOTE(review): the exception's own message becomes the API error description and the
        // exception is not attached as a cause; confirm these messages hold no internal detail.
        throw new ServerApiException(ApiErrorCode.INSUFFICIENT_CAPACITY_ERROR, ex.getMessage());
    } catch (ConcurrentOperationException ex) {
        s_logger.warn("Exception: ", ex);
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, ex.getMessage());
    }

    // A missing result is reported with a fixed message.
    if (createdGateway == null) {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create private gateway");
    }
    setEntityId(createdGateway.getId());
    setEntityUuid(createdGateway.getUuid());
}
Also used : ServerApiException(org.apache.cloudstack.api.ServerApiException) InsufficientCapacityException(com.cloud.exception.InsufficientCapacityException) ConcurrentOperationException(com.cloud.exception.ConcurrentOperationException) PrivateGateway(com.cloud.network.vpc.PrivateGateway)

Aggregations

PrivateGateway (com.cloud.network.vpc.PrivateGateway)10 ArrayList (java.util.ArrayList)6 Network (com.cloud.network.Network)4 List (java.util.List)4 ServerApiException (com.cloud.api.ServerApiException)2 PrivateGatewayResponse (com.cloud.api.response.PrivateGatewayResponse)2 ConcurrentOperationException (com.cloud.exception.ConcurrentOperationException)2 InsufficientCapacityException (com.cloud.exception.InsufficientCapacityException)2 PublicIp (com.cloud.network.addr.PublicIp)2 IPAddressVO (com.cloud.network.dao.IPAddressVO)2 NetworkVO (com.cloud.network.dao.NetworkVO)2 NetworkACLServiceProvider (com.cloud.network.element.NetworkACLServiceProvider)2 NetworkACLItemVO (com.cloud.network.vpc.NetworkACLItemVO)2 NetworkACLManager (com.cloud.network.vpc.NetworkACLManager)2 VpcGatewayVO (com.cloud.network.vpc.VpcGatewayVO)2 VpcService (com.cloud.network.vpc.VpcService)2 NetworkOffering (com.cloud.offering.NetworkOffering)2 ServiceOfferingVO (com.cloud.service.ServiceOfferingVO)2 NicProfile (com.cloud.vm.NicProfile)2 TreeSet (java.util.TreeSet)2