Esempio n. 1
0
 public ExtantNetwork extantNetwork()
     throws NotEnoughResourcesException, TransientEntityException {
   if (!NetworkGroups.networkingConfiguration().hasNetworking()) {
     ExtantNetwork bogusNet = ExtantNetwork.bogus(this);
     if (!this.hasExtantNetwork()) this.setExtantNetwork(bogusNet);
     return bogusNet;
   } else if (!Entities.isPersistent(this)) {
     throw new TransientEntityException(this.toString());
   } else {
     ExtantNetwork exNet = this.getExtantNetwork();
     if (exNet == null) {
       for (Integer i : Numbers.shuffled(NetworkGroups.networkTagInterval())) {
         try {
           Entities.uniqueResult(ExtantNetwork.named(i));
           continue;
         } catch (Exception ex) {
           exNet = ExtantNetwork.create(this, i);
           Entities.persist(exNet);
           this.setExtantNetwork(exNet);
           return this.getExtantNetwork();
         }
       }
       throw new NotEnoughResourcesException(
           "Failed to allocate network tag for network: "
               + this.getFullName()
               + ": no network tags are free.");
     } else {
       return this.getExtantNetwork();
     }
   }
 }
Esempio n. 2
0
    @Override
    public boolean apply(Allocation allocInfo) throws MetadataException {
      Context ctx = allocInfo.getContext();
      NetworkGroups.lookup(
          ctx.getUserFullName().asAccountFullName(), NetworkGroups.defaultNetworkName());

      Set<String> networkNames = Sets.newHashSet(allocInfo.getRequest().getGroupSet());
      if (networkNames.isEmpty()) {
        networkNames.add(NetworkGroups.defaultNetworkName());
      }

      Map<String, NetworkGroup> networkRuleGroups = Maps.newHashMap();
      for (String groupName : networkNames) {
        NetworkGroup group =
            NetworkGroups.lookup(ctx.getUserFullName().asAccountFullName(), groupName);
        if (!ctx.hasAdministrativePrivileges()
            && !RestrictedTypes.filterPrivileged().apply(group)) {
          throw new IllegalMetadataAccessException(
              "Not authorized to use network group "
                  + groupName
                  + " for "
                  + ctx.getUser().getName());
        }
        networkRuleGroups.put(groupName, group);
      }
      Set<String> missingNets = Sets.difference(networkNames, networkRuleGroups.keySet());
      if (!missingNets.isEmpty()) {
        throw new NoSuchMetadataException("Failed to find security group info for: " + missingNets);
      } else {
        allocInfo.setNetworkRules(networkRuleGroups);
      }
      return true;
    }
Esempio n. 3
0
 public static List<Integer> networkTagInterval() {
   final List<Integer> interval = Lists.newArrayList();
   for (Integer i = NetworkGroups.networkingConfiguration().getMinNetworkTag();
       i < NetworkGroups.networkingConfiguration().getMaxNetworkTag();
       i++) {
     interval.add(i);
   }
   return interval;
 }
Esempio n. 4
0
 public static List<Long> networkIndexInterval() {
   final List<Long> interval = Lists.newArrayList();
   for (Long i = NetworkGroups.networkingConfiguration().getMinNetworkIndex();
       i < NetworkGroups.networkingConfiguration().getMaxNetworkIndex();
       i++) {
     interval.add(i);
   }
   return interval;
 }
Esempio n. 5
0
 public ExtantNetwork reclaim(Integer i)
     throws NotEnoughResourcesException, TransientEntityException {
   if (!NetworkGroups.networkingConfiguration().hasNetworking()) {
     return ExtantNetwork.bogus(this);
   } else if (!Entities.isPersistent(this)) {
     throw new TransientEntityException(this.toString());
   } else {
     ExtantNetwork exNet = Entities.persist(ExtantNetwork.create(this, i));
     this.setExtantNetwork(exNet);
     return this.getExtantNetwork();
   }
 }
Esempio n. 6
0
 /**
  * Resolve Group Names / Identifiers for the given permissions.
  *
  * <p>Caller must have open transaction.
  *
  * @param permissions - The permissions to update
  * @throws MetadataException If an error occurs
  */
 public static void resolvePermissions(final Iterable<IpPermissionType> permissions)
     throws MetadataException {
   for (final IpPermissionType ipPermission : permissions) {
     if (ipPermission.getGroups() != null)
       for (final UserIdGroupPairType groupInfo : ipPermission.getGroups()) {
         if (!Strings.isNullOrEmpty(groupInfo.getSourceGroupId())) {
           final NetworkGroup networkGroup =
               NetworkGroups.lookupByGroupId(groupInfo.getSourceGroupId());
           groupInfo.setSourceUserId(networkGroup.getOwnerAccountNumber());
           groupInfo.setSourceGroupName(networkGroup.getDisplayName());
         } else if (Strings.isNullOrEmpty(groupInfo.getSourceUserId())
             || Strings.isNullOrEmpty(groupInfo.getSourceGroupName())) {
           throw new MetadataException("Group ID or User ID/Group Name required.");
         } else {
           final NetworkGroup networkGroup =
               NetworkGroups.lookup(
                   AccountFullName.getInstance(groupInfo.getSourceUserId()),
                   groupInfo.getSourceGroupName());
           groupInfo.setSourceGroupId(networkGroup.getGroupId());
         }
       }
   }
 }
Esempio n. 7
0
 /**
  * Update network tag information by marking reported tags as being EXTANT and removing previously
  * EXTANT tags which are no longer reported
  *
  * @param activeNetworks
  */
 public static void updateExtantNetworks(
     ServiceConfiguration cluster, List<NetworkInfoType> activeNetworks) {
   ActiveTags.INSTANCE.update(cluster, activeNetworks);
   /**
    * For each of the reported active network tags ensure that the locally stored extant network
    * state reflects that the network has now been EXTANT in the system (i.e. is no longer PENDING)
    */
   for (NetworkInfoType activeNetInfo : activeNetworks) {
     EntityTransaction tx = Entities.get(NetworkGroup.class);
     try {
       NetworkGroup net = NetworkGroups.lookupByNaturalId(activeNetInfo.getUuid());
       if (net.hasExtantNetwork()) {
         ExtantNetwork exNet = net.extantNetwork();
         if (Reference.State.PENDING.equals(exNet.getState())) {
           LOG.debug(
               "Found PENDING extant network for " + net.getFullName() + " updating to EXTANT.");
           exNet.setState(Reference.State.EXTANT);
         } else {
           LOG.debug(
               "Found "
                   + exNet.getState()
                   + " extant network for "
                   + net.getFullName()
                   + ": skipped.");
         }
       } else {
         LOG.warn(
             "Failed to find extant network for "
                 + net.getFullName()); // TODO:GRZE: likely we should be trying to reclaim tag here
       }
       tx.commit();
     } catch (Exception ex) {
       LOG.debug(ex);
       Logs.extreme().error(ex, ex);
     } finally {
       if (tx.isActive()) tx.rollback();
     }
   }
   /**
    * For each defined network group check to see if the extant network is in the set of active
    * tags and remove it if appropriate.
    *
    * <p>It is appropriate to remove the network when the state of the extant network is {@link
    * Reference.State.RELEASING}.
    *
    * <p>Otherwise, if {@link ActiveTags#INSTANCE#isActive()} is false and:
    *
    * <ol>
    *   <li>The state of the extant network is {@link Reference.State.EXTANT}
    *   <li>The state of the extant network is {@link Reference.State.PENDING} and has exceeded
    *       {@link NetworksGroups#NETWORK_TAG_PENDING_TIMEOUT}
    * </ol>
    *
    * Then the state of the extant network is updated to {@link Reference.State.RELEASING}.
    */
   try {
     final List<NetworkGroup> groups = NetworkGroups.lookupAll(null, null);
     for (NetworkGroup net : groups) {
       final EntityTransaction tx = Entities.get(NetworkGroup.class);
       try {
         net = Entities.merge(net);
         if (net.hasExtantNetwork()) {
           ExtantNetwork exNet = net.getExtantNetwork();
           Integer exNetTag = exNet.getTag();
           if (!ActiveTags.INSTANCE.isActive(exNetTag)) {
             if (Reference.State.EXTANT.equals(exNet.getState())) {
               exNet.setState(Reference.State.RELEASING);
             } else if (Reference.State.PENDING.equals(exNet.getState())
                 && exNet.lastUpdateMillis()
                     > 60L * 1000 * NetworkGroups.NETWORK_TAG_PENDING_TIMEOUT) {
               exNet.setState(Reference.State.RELEASING);
             } else if (Reference.State.RELEASING.equals(exNet.getState())) {
               exNet.teardown();
               Entities.delete(exNet);
               net.setExtantNetwork(null);
             }
           }
         }
         tx.commit();
       } catch (final Exception ex) {
         LOG.debug(ex);
         Logs.extreme().error(ex, ex);
       } finally {
         if (tx.isActive()) tx.rollback();
       }
     }
   } catch (MetadataException ex) {
     LOG.error(ex);
   }
 }