Examples with NetworkOffering com.cloud.offering.NetworkOffering used on opensource projects

Example 31 with NetworkOffering

use of com.cloud.offering.NetworkOffering in project cloudstack by apache.

the class ConsoleProxyManagerImpl method createProxyInstance.

protected Map<String, Object> createProxyInstance(long dataCenterId, VMTemplateVO template) throws ConcurrentOperationException {
    long id = _consoleProxyDao.getNextInSequence(Long.class, "id");
    String name = VirtualMachineName.getConsoleProxyName(id, _instance);
    DataCenterVO dc = _dcDao.findById(dataCenterId);
    Account systemAcct = _accountMgr.getSystemAccount();
    DataCenterDeployment plan = new DataCenterDeployment(dataCenterId);
    NetworkVO defaultNetwork = getDefaultNetworkForCreation(dc);
    List<? extends NetworkOffering> offerings = _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork, NetworkOffering.SystemManagementNetwork);
    LinkedHashMap<Network, List<? extends NicProfile>> networks = new LinkedHashMap<Network, List<? extends NicProfile>>(offerings.size() + 1);
    NicProfile defaultNic = new NicProfile();
    defaultNic.setDefaultNic(true);
    defaultNic.setDeviceId(2);
    networks.put(_networkMgr.setupNetwork(systemAcct, _networkOfferingDao.findById(defaultNetwork.getNetworkOfferingId()), plan, null, null, false).get(0), new ArrayList<NicProfile>(Arrays.asList(defaultNic)));
    for (NetworkOffering offering : offerings) {
        networks.put(_networkMgr.setupNetwork(systemAcct, offering, plan, null, null, false).get(0), new ArrayList<NicProfile>());
    }
    ServiceOfferingVO serviceOffering = _serviceOffering;
    if (serviceOffering == null) {
        serviceOffering = _offeringDao.findDefaultSystemOffering(ServiceOffering.consoleProxyDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dataCenterId));
    }
    ConsoleProxyVO proxy = new ConsoleProxyVO(id, serviceOffering.getId(), name, template.getId(), template.getHypervisorType(), template.getGuestOSId(), dataCenterId, systemAcct.getDomainId(), systemAcct.getId(), _accountMgr.getSystemUser().getId(), 0, serviceOffering.getOfferHA());
    proxy.setDynamicallyScalable(template.isDynamicallyScalable());
    proxy = _consoleProxyDao.persist(proxy);
    try {
        _itMgr.allocate(name, template, serviceOffering, networks, plan, null);
    } catch (InsufficientCapacityException e) {
        s_logger.warn("InsufficientCapacity", e);
        throw new CloudRuntimeException("Insufficient capacity exception", e);
    }
    Map<String, Object> context = new HashMap<String, Object>();
    context.put("dc", dc);
    HostPodVO pod = _podDao.findById(proxy.getPodIdToDeployIn());
    context.put("pod", pod);
    context.put("proxyVmId", proxy.getId());
    return context;
}

Example 32 with NetworkOffering

use of com.cloud.offering.NetworkOffering in project cloudstack by apache.

the class RulesManagerImpl method createStaticNatRule.

@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_NET_RULE_ADD, eventDescription = "creating static nat rule", create = true)
public StaticNatRule createStaticNatRule(final StaticNatRule rule, final boolean openFirewall) throws NetworkRuleConflictException {
    final Account caller = CallContext.current().getCallingAccount();
    final Long ipAddrId = rule.getSourceIpAddressId();
    IPAddressVO ipAddress = _ipAddressDao.findById(ipAddrId);
    // Validate ip address
    if (ipAddress == null) {
        throw new InvalidParameterValueException("Unable to create static nat rule; ip id=" + ipAddrId + " doesn't exist in the system");
    } else if (ipAddress.isSourceNat() || !ipAddress.isOneToOneNat() || ipAddress.getAssociatedWithVmId() == null) {
        throw new NetworkRuleConflictException("Can't do static nat on ip address: " + ipAddress.getAddress());
    }
    _firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.StaticNat, FirewallRuleType.User, null, rule.getTrafficType());
    final Long networkId = ipAddress.getAssociatedWithNetworkId();
    final Long accountId = ipAddress.getAllocatedToAccountId();
    final Long domainId = ipAddress.getAllocatedInDomainId();
    _networkModel.checkIpForService(ipAddress, Service.StaticNat, null);
    Network network = _networkModel.getNetwork(networkId);
    NetworkOffering off = _entityMgr.findById(NetworkOffering.class, network.getNetworkOfferingId());
    if (off.getElasticIp()) {
        throw new InvalidParameterValueException("Can't create ip forwarding rules for the network where elasticIP service is enabled");
    }
    //String dstIp = _networkModel.getIpInNetwork(ipAddress.getAssociatedWithVmId(), networkId);
    final String dstIp = ipAddress.getVmIp();
    return Transaction.execute(new TransactionCallbackWithException<StaticNatRule, NetworkRuleConflictException>() {

        @Override
        public StaticNatRule doInTransaction(TransactionStatus status) throws NetworkRuleConflictException {
            FirewallRuleVO newRule = new FirewallRuleVO(rule.getXid(), rule.getSourceIpAddressId(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol().toLowerCase(), networkId, accountId, domainId, rule.getPurpose(), null, null, null, null, null);
            newRule = _firewallDao.persist(newRule);
            // create firewallRule for 0.0.0.0/0 cidr
            if (openFirewall) {
                _firewallMgr.createRuleForAllCidrs(ipAddrId, caller, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), null, null, newRule.getId(), networkId);
            }
            try {
                _firewallMgr.detectRulesConflict(newRule);
                if (!_firewallDao.setStateToAdd(newRule)) {
                    throw new CloudRuntimeException("Unable to update the state to add for " + newRule);
                }
                CallContext.current().setEventDetails("Rule Id: " + newRule.getId());
                UsageEventUtils.publishUsageEvent(EventTypes.EVENT_NET_RULE_ADD, newRule.getAccountId(), 0, newRule.getId(), null, FirewallRule.class.getName(), newRule.getUuid());
                StaticNatRule staticNatRule = new StaticNatRuleImpl(newRule, dstIp);
                return staticNatRule;
            } catch (Exception e) {
                if (newRule != null) {
                    // no need to apply the rule as it wasn't programmed on the backend yet
                    _firewallMgr.revokeRelatedFirewallRule(newRule.getId(), false);
                    _firewallMgr.removeRule(newRule);
                }
                if (e instanceof NetworkRuleConflictException) {
                    throw (NetworkRuleConflictException) e;
                }
                throw new CloudRuntimeException("Unable to add static nat rule for the ip id=" + newRule.getSourceIpAddressId(), e);
            }
        }
    });
}

Example 33 with NetworkOffering

use of com.cloud.offering.NetworkOffering in project cloudstack by apache.

the class RulesManagerImpl method isIpReadyForStaticNat.

protected void isIpReadyForStaticNat(long vmId, IPAddressVO ipAddress, String vmIp, Account caller, long callerUserId) throws NetworkRuleConflictException, ResourceUnavailableException {
    if (ipAddress.isSourceNat()) {
        throw new InvalidParameterValueException("Can't enable static, ip address " + ipAddress + " is a sourceNat ip address");
    }
    if (!ipAddress.isOneToOneNat()) {
        // Dont allow to enable static nat if PF/LB rules exist for the IP
        List<FirewallRuleVO> portForwardingRules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipAddress.getId(), Purpose.PortForwarding);
        if (portForwardingRules != null && !portForwardingRules.isEmpty()) {
            throw new NetworkRuleConflictException("Failed to enable static nat for the ip address " + ipAddress + " as it already has PortForwarding rules assigned");
        }
        List<FirewallRuleVO> loadBalancingRules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipAddress.getId(), Purpose.LoadBalancing);
        if (loadBalancingRules != null && !loadBalancingRules.isEmpty()) {
            throw new NetworkRuleConflictException("Failed to enable static nat for the ip address " + ipAddress + " as it already has LoadBalancing rules assigned");
        }
    } else if (ipAddress.getAssociatedWithVmId() != null && ipAddress.getAssociatedWithVmId().longValue() != vmId) {
        throw new NetworkRuleConflictException("Failed to enable static for the ip address " + ipAddress + " and vm id=" + vmId + " as it's already assigned to antoher vm");
    }
    //check wether the vm ip is alreday associated with any public ip address
    IPAddressVO oldIP = _ipAddressDao.findByAssociatedVmIdAndVmIp(vmId, vmIp);
    if (oldIP != null) {
        // If elasticIP functionality is supported in the network, we always have to disable static nat on the old
        // ip in order to re-enable it on the new one
        Long networkId = oldIP.getAssociatedWithNetworkId();
        VMInstanceVO vm = _vmInstanceDao.findById(vmId);
        boolean reassignStaticNat = false;
        if (networkId != null) {
            Network guestNetwork = _networkModel.getNetwork(networkId);
            NetworkOffering offering = _entityMgr.findById(NetworkOffering.class, guestNetwork.getNetworkOfferingId());
            if (offering.getElasticIp()) {
                reassignStaticNat = true;
            }
        }
        // If there is public ip address already associated with the vm, throw an exception
        if (!reassignStaticNat) {
            throw new InvalidParameterValueException("Failed to enable static nat on the  ip " + ipAddress.getAddress() + " with Id " + ipAddress.getUuid() + " as the vm " + vm.getInstanceName() + " with Id " + vm.getUuid() + " is already associated with another public ip " + oldIP.getAddress() + " with id " + oldIP.getUuid());
        }
        // unassign old static nat rule
        s_logger.debug("Disassociating static nat for ip " + oldIP);
        if (!disableStaticNat(oldIP.getId(), caller, callerUserId, true)) {
            throw new CloudRuntimeException("Failed to disable old static nat rule for vm " + vm.getInstanceName() + " with id " + vm.getUuid() + "  and public ip " + oldIP);
        }
    }
}

Example 34 with NetworkOffering

use of com.cloud.offering.NetworkOffering in project cloudstack by apache.

the class NetworkACLManagerImpl method replaceNetworkACL.

@Override
public boolean replaceNetworkACL(final NetworkACL acl, final NetworkVO network) throws ResourceUnavailableException {
    final NetworkOffering guestNtwkOff = _entityMgr.findById(NetworkOffering.class, network.getNetworkOfferingId());
    if (guestNtwkOff == null) {
        throw new InvalidParameterValueException("Can't find network offering associated with network: " + network.getUuid());
    }
    //verify that ACLProvider is supported by network offering
    if (!_ntwkModel.areServicesSupportedByNetworkOffering(guestNtwkOff.getId(), Service.NetworkACL)) {
        throw new InvalidParameterValueException("Cannot apply NetworkACL. Network Offering does not support NetworkACL service");
    }
    if (network.getNetworkACLId() != null) {
        //Revoke ACL Items of the existing ACL if the new ACL is empty
        //Existing rules won't be removed otherwise
        final List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(acl.getId());
        if (aclItems == null || aclItems.isEmpty()) {
            s_logger.debug("New network ACL is empty. Revoke existing rules before applying ACL");
            if (!revokeACLItemsForNetwork(network.getId())) {
                throw new CloudRuntimeException("Failed to replace network ACL. Error while removing existing ACL items for network: " + network.getId());
            }
        }
    }
    network.setNetworkACLId(acl.getId());
    //Update Network ACL
    if (_networkDao.update(network.getId(), network)) {
        s_logger.debug("Updated network: " + network.getId() + " with Network ACL Id: " + acl.getId() + ", Applying ACL items");
        //Apply ACL to network
        final Boolean result = applyACLToNetwork(network.getId());
        if (result) {
            // public message on message bus, so that network elements implementing distributed routing capability
            // can act on the event
            _messageBus.publish(_name, "Network_ACL_Replaced", PublishScope.LOCAL, network);
        }
        return result;
    }
    return false;
}

Example 35 with NetworkOffering

use of com.cloud.offering.NetworkOffering in project cloudstack by apache.

the class RulesManagerImpl method getSystemIpAndEnableStaticNatForVm.

@Override
public void getSystemIpAndEnableStaticNatForVm(VirtualMachine vm, boolean getNewIp) throws InsufficientAddressCapacityException {
    boolean success = true;
    // enable static nat if eIp capability is supported
    List<? extends Nic> nics = _nicDao.listByVmId(vm.getId());
    for (Nic nic : nics) {
        Network guestNetwork = _networkModel.getNetwork(nic.getNetworkId());
        NetworkOffering offering = _entityMgr.findById(NetworkOffering.class, guestNetwork.getNetworkOfferingId());
        if (offering.getElasticIp()) {
            boolean isSystemVM = (vm.getType() == Type.ConsoleProxy || vm.getType() == Type.SecondaryStorageVm);
            // for user VM's associate public IP only if offering is marked to associate a public IP by default on start of VM
            if (!isSystemVM && !offering.getAssociatePublicIP()) {
                continue;
            }
            // check if there is already static nat enabled
            if (_ipAddressDao.findByAssociatedVmId(vm.getId()) != null && !getNewIp) {
                s_logger.debug("Vm " + vm + " already has ip associated with it in guest network " + guestNetwork);
                continue;
            }
            s_logger.debug("Allocating system ip and enabling static nat for it for the vm " + vm + " in guest network " + guestNetwork);
            IpAddress ip = _ipAddrMgr.assignSystemIp(guestNetwork.getId(), _accountMgr.getAccount(vm.getAccountId()), false, true);
            if (ip == null) {
                throw new CloudRuntimeException("Failed to allocate system ip for vm " + vm + " in guest network " + guestNetwork);
            }
            s_logger.debug("Allocated system ip " + ip + ", now enabling static nat on it for vm " + vm);
            try {
                success = enableStaticNat(ip.getId(), vm.getId(), guestNetwork.getId(), isSystemVM, null);
            } catch (NetworkRuleConflictException ex) {
                s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex);
                success = false;
            } catch (ResourceUnavailableException ex) {
                s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex);
                success = false;
            }
            if (!success) {
                s_logger.warn("Failed to enable static nat on system ip " + ip + " for the vm " + vm + ", releasing the ip...");
                _ipAddrMgr.handleSystemIpRelease(ip);
                throw new CloudRuntimeException("Failed to enable static nat on system ip for the vm " + vm);
            } else {
                s_logger.warn("Succesfully enabled static nat on system ip " + ip + " for the vm " + vm);
            }
        }
    }
}