Example 1 with ExecutionException

use of com.cloud.utils.exception.ExecutionException in project cloudstack by apache.

the class CiscoVnmcResource method execute.

private Answer execute(SetPortForwardingRulesCommand cmd, int numRetries) {
    String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
    String tenant = "vlan-" + vlanId;
    PortForwardingRuleTO[] rules = cmd.getRules();
    Map<String, List<PortForwardingRuleTO>> publicIpRulesMap = new HashMap<String, List<PortForwardingRuleTO>>();
    for (PortForwardingRuleTO rule : rules) {
        String publicIp = rule.getSrcIp();
        if (!publicIpRulesMap.containsKey(publicIp)) {
            List<PortForwardingRuleTO> publicIpRulesList = new ArrayList<PortForwardingRuleTO>();
            publicIpRulesMap.put(publicIp, publicIpRulesList);
        }
        publicIpRulesMap.get(publicIp).add(rule);
    }
    try {
        if (!_connection.createTenantVDCNatPolicySet(tenant)) {
            throw new ExecutionException("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, true)) {
            throw new ExecutionException("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCAclPolicySet(tenant, false)) {
            throw new ExecutionException("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId);
        }
        for (String publicIp : publicIpRulesMap.keySet()) {
            String policyIdentifier = publicIp.replace('.', '-');
            if (!_connection.createTenantVDCPFPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create PF policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCPFPolicyRef(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to associate PF policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) {
                throw new ExecutionException("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
            }
            if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) {
                throw new ExecutionException("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId);
            }
            for (PortForwardingRuleTO rule : publicIpRulesMap.get(publicIp)) {
                if (rule.revoked()) {
                    if (!_connection.deleteTenantVDCPFRule(tenant, rule.getId(), policyIdentifier)) {
                        throw new ExecutionException("Failed to delete PF rule in VNMC for guest network with vlan " + vlanId);
                    }
                } else {
                    if (!_connection.createTenantVDCPFIpPool(tenant, Long.toString(rule.getId()), rule.getDstIp())) {
                        throw new ExecutionException("Failed to create PF ip pool in VNMC for guest network with vlan " + vlanId);
                    }
                    if (!_connection.createTenantVDCPFPortPool(tenant, Long.toString(rule.getId()), Integer.toString(rule.getDstPortRange()[0]), Integer.toString(rule.getDstPortRange()[1]))) {
                        throw new ExecutionException("Failed to create PF port pool in VNMC for guest network with vlan " + vlanId);
                    }
                    if (!_connection.createTenantVDCPFRule(tenant, rule.getId(), policyIdentifier, rule.getProtocol().toUpperCase(), rule.getSrcIp(), Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]))) {
                        throw new ExecutionException("Failed to create PF rule in VNMC for guest network with vlan " + vlanId);
                    }
                }
            }
        }
        if (!_connection.associateAclPolicySet(tenant)) {
            throw new ExecutionException("Failed to associate ACL policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
        }
    } catch (ExecutionException e) {
        String msg = "SetPortForwardingRulesCommand failed due to " + e.getMessage();
        s_logger.error(msg, e);
        return new Answer(cmd, false, msg);
    }
    return new Answer(cmd, true, "Success");
}
Also used : ReadyAnswer(com.cloud.agent.api.ReadyAnswer) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) List(java.util.List) ExecutionException(com.cloud.utils.exception.ExecutionException)

Example 2 with ExecutionException

use of com.cloud.utils.exception.ExecutionException in project cloudstack by apache.

the class CiscoVnmcResource method execute.

private Answer execute(SetSourceNatCommand cmd, int numRetries) {
    String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
    String tenant = "vlan-" + vlanId;
    String policyIdentifier = cmd.getIpAddress().getPublicIp().replace('.', '-');
    try {
        if (!_connection.createTenantVDCNatPolicySet(tenant)) {
            throw new ExecutionException("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCSourceNatPolicy(tenant, policyIdentifier)) {
            throw new ExecutionException("Failed to create source NAT policy in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCSourceNatPolicyRef(tenant, policyIdentifier)) {
            throw new ExecutionException("Failed to associate source NAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.createTenantVDCSourceNatIpPool(tenant, policyIdentifier, cmd.getIpAddress().getPublicIp())) {
            throw new ExecutionException("Failed to create source NAT ip pool in VNMC for guest network with vlan " + vlanId);
        }
        String[] ipRange = getIpRangeFromCidr(cmd.getContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR));
        if (!_connection.createTenantVDCSourceNatRule(tenant, policyIdentifier, ipRange[0], ipRange[1])) {
            throw new ExecutionException("Failed to create source NAT rule in VNMC for guest network with vlan " + vlanId);
        }
        if (!_connection.associateNatPolicySet(tenant)) {
            throw new ExecutionException("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
        }
    } catch (ExecutionException e) {
        String msg = "SetSourceNatCommand failed due to " + e.getMessage();
        s_logger.error(msg, e);
        return new Answer(cmd, false, msg);
    }
    return new Answer(cmd, true, "Success");
}
Also used : ReadyAnswer(com.cloud.agent.api.ReadyAnswer) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) ExecutionException(com.cloud.utils.exception.ExecutionException)

Example 3 with ExecutionException

use of com.cloud.utils.exception.ExecutionException in project cloudstack by apache.

the class JuniperSrxResource method execute.

private Answer execute(SetStaticNatRulesCommand cmd, int numRetries) {
    StaticNatRuleTO[] allRules = cmd.getRules();
    Map<String, ArrayList<FirewallRuleTO>> activeRules = getActiveRules(allRules);
    Map<String, String> vlanTagMap = getVlanTagMap(allRules);
    try {
        openConfiguration();
        Set<String> ipPairs = activeRules.keySet();
        for (String ipPair : ipPairs) {
            String[] ipPairComponents = ipPair.split("-");
            String publicIp = ipPairComponents[0];
            String privateIp = ipPairComponents[1];
            List<FirewallRuleTO> activeRulesForIpPair = activeRules.get(ipPair);
            Long publicVlanTag = getVlanTag(vlanTagMap.get(publicIp));
            // Delete the existing static NAT rule for this IP pair
            removeStaticNatRule(publicVlanTag, publicIp, privateIp);
            if (activeRulesForIpPair.size() > 0) {
                // If there are active FirewallRules for this IP pair, add the static NAT rule and open the specified port ranges
                addStaticNatRule(publicVlanTag, publicIp, privateIp, activeRulesForIpPair);
            }
        }
        commitConfiguration();
        return new Answer(cmd);
    } catch (ExecutionException e) {
        s_logger.error(e);
        closeConfiguration();
        if (numRetries > 0 && refreshSrxConnection()) {
            int numRetriesRemaining = numRetries - 1;
            s_logger.debug("Retrying SetStaticNatRulesCommand. Number of retries remaining: " + numRetriesRemaining);
            return execute(cmd, numRetriesRemaining);
        } else {
            return new Answer(cmd, e);
        }
    }
}
Also used : StaticNatRuleTO(com.cloud.agent.api.to.StaticNatRuleTO) ArrayList(java.util.ArrayList) FirewallRuleTO(com.cloud.agent.api.to.FirewallRuleTO) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) ReadyAnswer(com.cloud.agent.api.ReadyAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) ExecutionException(com.cloud.utils.exception.ExecutionException)

Example 4 with ExecutionException

use of com.cloud.utils.exception.ExecutionException in project cloudstack by apache.

the class JuniperSrxResource method parseApplicationName.

private Object[] parseApplicationName(SecurityPolicyType type, String applicationName) throws ExecutionException {
    String errorMsg = "Invalid application: " + applicationName;
    String[] applicationComponents = applicationName.split("-");
    Protocol protocol;
    Integer startPort;
    Integer endPort;
    int offset = 0;
    try {
        offset = (type.equals(SecurityPolicyType.SECURITYPOLICY_EGRESS) || type.equals(SecurityPolicyType.SECURITYPOLICY_EGRESS_DEFAULT)) ? 1 : 0;
        protocol = getProtocol(applicationComponents[offset + 0]);
        startPort = Integer.parseInt(applicationComponents[offset + 1]);
        endPort = Integer.parseInt(applicationComponents[offset + 2]);
    } catch (Exception e) {
        throw new ExecutionException(errorMsg);
    }
    return new Object[] { protocol, startPort, endPort };
}
Also used : ExecutionException(com.cloud.utils.exception.ExecutionException) ConfigurationException(javax.naming.ConfigurationException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException)

Example 5 with ExecutionException

use of com.cloud.utils.exception.ExecutionException in project cloudstack by apache.

the class JuniperSrxResource method execute.

private Answer execute(SetPortForwardingRulesCommand cmd, int numRetries) {
    PortForwardingRuleTO[] allRules = cmd.getRules();
    Map<String, ArrayList<FirewallRuleTO>> activeRules = getActiveRules(allRules);
    try {
        openConfiguration();
        Set<String> ipPairs = activeRules.keySet();
        for (String ipPair : ipPairs) {
            String[] ipPairComponents = ipPair.split("-");
            String publicIp = ipPairComponents[0];
            String privateIp = ipPairComponents[1];
            List<FirewallRuleTO> activeRulesForIpPair = activeRules.get(ipPair);
            // Get a list of all destination NAT rules for the public/private IP address pair
            List<String[]> destNatRules = getDestNatRules(RuleMatchCondition.PUBLIC_PRIVATE_IPS, publicIp, privateIp, null, null);
            Map<String, Long> publicVlanTags = getPublicVlanTagsForNatRules(destNatRules);
            // Delete all of these rules, along with the destination NAT pools and security policies they use
            removeDestinationNatRules(null, publicVlanTags, destNatRules);
            // If there are active rules for the public/private IP address pair, add them back
            for (FirewallRuleTO rule : activeRulesForIpPair) {
                Long publicVlanTag = getVlanTag(rule.getSrcVlanTag());
                PortForwardingRuleTO portForwardingRule = (PortForwardingRuleTO) rule;
                addDestinationNatRule(getProtocol(rule.getProtocol()), publicVlanTag, portForwardingRule.getSrcIp(), portForwardingRule.getDstIp(), portForwardingRule.getSrcPortRange()[0], portForwardingRule.getSrcPortRange()[1], portForwardingRule.getDstPortRange()[0], portForwardingRule.getDstPortRange()[1]);
            }
        }
        commitConfiguration();
        return new Answer(cmd);
    } catch (ExecutionException e) {
        s_logger.error(e);
        closeConfiguration();
        if (numRetries > 0 && refreshSrxConnection()) {
            int numRetriesRemaining = numRetries - 1;
            s_logger.debug("Retrying SetPortForwardingRulesCommand. Number of retries remaining: " + numRetriesRemaining);
            return execute(cmd, numRetriesRemaining);
        } else {
            return new Answer(cmd, e);
        }
    }
}
Also used : PortForwardingRuleTO(com.cloud.agent.api.to.PortForwardingRuleTO) ArrayList(java.util.ArrayList) FirewallRuleTO(com.cloud.agent.api.to.FirewallRuleTO) Answer(com.cloud.agent.api.Answer) MaintainAnswer(com.cloud.agent.api.MaintainAnswer) IpAssocAnswer(com.cloud.agent.api.routing.IpAssocAnswer) ReadyAnswer(com.cloud.agent.api.ReadyAnswer) ExternalNetworkResourceUsageAnswer(com.cloud.agent.api.ExternalNetworkResourceUsageAnswer) ExecutionException(com.cloud.utils.exception.ExecutionException)
