private DomainRouterVO getVirtualRouter(Network network) {
List<DomainRouterVO> routers =
_routerDao.listByNetworkAndRole(network.getId(), VirtualRouter.Role.VIRTUAL_ROUTER);
if (routers.isEmpty()) {
throw new CloudRuntimeException(
String.format(
"cannot find any running virtual router on network[id:%s, uuid:%s]",
network.getId(), network.getUuid()));
}
if (routers.size() > 1) {
throw new CloudRuntimeException(
String.format("baremetal hasn't supported redundant router yet"));
}
DomainRouterVO vr = routers.get(0);
if (!Hypervisor.HypervisorType.VMware.equals(vr.getHypervisorType())) {
throw new CloudRuntimeException(
String.format(
"baremetal only support vmware virtual router, but get %s", vr.getHypervisorType()));
}
return vr;
}
@Override
@ActionEvent(
eventType = EventTypes.EVENT_FIREWALL_OPEN,
eventDescription = "creating firewall rule",
create = true)
public FirewallRule createEgressFirewallRule(FirewallRule rule)
throws NetworkRuleConflictException {
Account caller = CallContext.current().getCallingAccount();
Network network = _networkDao.findById(rule.getNetworkId());
if (network.getGuestType() == Network.GuestType.Shared) {
throw new InvalidParameterValueException(
"Egress firewall rules are not supported for " + network.getGuestType() + " networks");
}
return createFirewallRule(
null,
caller,
rule.getXid(),
rule.getSourcePortStart(),
rule.getSourcePortEnd(),
rule.getProtocol(),
rule.getSourceCidrList(),
rule.getIcmpCode(),
rule.getIcmpType(),
null,
rule.getType(),
rule.getNetworkId(),
rule.getTrafficType());
}
public boolean applyACLItemsToNetwork(long networkId, List<NetworkACLItemVO> rules)
throws ResourceUnavailableException {
Network network = _networkDao.findById(networkId);
boolean handled = false;
boolean foundProvider = false;
for (NetworkACLServiceProvider element : _networkAclElements) {
Network.Provider provider = element.getProvider();
boolean isAclProvider =
_networkModel.isProviderSupportServiceInNetwork(
network.getId(), Service.NetworkACL, provider);
if (!isAclProvider) {
continue;
}
foundProvider = true;
s_logger.debug(
"Applying NetworkACL for network: "
+ network.getId()
+ " with Network ACL service provider");
handled = element.applyNetworkACLs(network, rules);
if (handled) break;
}
if (!foundProvider) {
s_logger.debug("Unable to find NetworkACL service provider for network: " + network.getId());
}
return handled;
}
@Override
public boolean removeVpcRouterFromGuestNetwork(final VirtualRouter router, final Network network)
throws ConcurrentOperationException, ResourceUnavailableException {
if (network.getTrafficType() != TrafficType.Guest) {
s_logger.warn("Network " + network + " is not of type " + TrafficType.Guest);
return false;
}
boolean result = true;
try {
// Check if router is a part of the Guest network
if (!_networkModel.isVmPartOfNetwork(router.getId(), network.getId())) {
s_logger.debug("Router " + router + " is not a part of the Guest network " + network);
return result;
}
result =
setupVpcGuestNetwork(
network, router, false, _networkModel.getNicProfile(router, network.getId(), null));
if (!result) {
s_logger.warn("Failed to destroy guest network config " + network + " on router " + router);
return false;
}
result = result && _itMgr.removeVmFromNetwork(router, network, null);
} finally {
if (result) {
_routerDao.removeRouterFromGuestNetwork(router.getId(), network.getId());
}
}
return result;
}
@Override
public NicProfile allocate(
Network config, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm)
throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException {
if (_networkModel.networkIsConfiguredForExternalNetworking(
config.getDataCenterId(), config.getId())
&& nic != null
&& nic.getRequestedIpv4() != null) {
throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic);
}
NicProfile profile = super.allocate(config, nic, vm);
boolean _isEnabled = Boolean.parseBoolean(_configDao.getValue(Config.OvsTunnelNetwork.key()));
if (_isEnabled) {
return null;
}
if (_networkModel.networkIsConfiguredForExternalNetworking(
config.getDataCenterId(), config.getId())) {
profile.setStrategy(ReservationStrategy.Start);
/* We won't clear IP address, because router may set gateway as it IP, and it would be updated properly later */
// profile.setIp4Address(null);
profile.setGateway(null);
profile.setNetmask(null);
}
return profile;
}
@Override
public boolean applyLBRules(final Network network, final List<LoadBalancingRule> rules)
throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.Lb)) {
if (!canHandleLbRules(rules)) {
return false;
}
final List<DomainRouterVO> routers =
_routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) {
s_logger.debug(
"Virtual router elemnt doesn't need to apply firewall rules on the backend; virtual "
+ "router doesn't exist in the network "
+ network.getId());
return true;
}
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO);
for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.applyLoadBalancingRules(network, rules, domainRouterVO);
if (!result) {
s_logger.debug("Failed to apply load balancing rules in network " + network.getId());
}
}
}
return result;
}
protected LinkedHashMap<Network, List<? extends NicProfile>> configurePublicNic(
final RouterDeploymentDefinition routerDeploymentDefinition, final boolean hasGuestNic) {
final LinkedHashMap<Network, List<? extends NicProfile>> publicConfig =
new LinkedHashMap<Network, List<? extends NicProfile>>(3);
if (routerDeploymentDefinition.isPublicNetwork()) {
s_logger.debug("Adding nic for Virtual Router in Public network ");
// if source nat service is supported by the network, get the source
// nat ip address
final NicProfile defaultNic = new NicProfile();
defaultNic.setDefaultNic(true);
final PublicIp sourceNatIp = routerDeploymentDefinition.getSourceNatIP();
defaultNic.setIPv4Address(sourceNatIp.getAddress().addr());
defaultNic.setIPv4Gateway(sourceNatIp.getGateway());
defaultNic.setIPv4Netmask(sourceNatIp.getNetmask());
defaultNic.setMacAddress(sourceNatIp.getMacAddress());
// get broadcast from public network
final Network pubNet = _networkDao.findById(sourceNatIp.getNetworkId());
if (pubNet.getBroadcastDomainType() == BroadcastDomainType.Vxlan) {
defaultNic.setBroadcastType(BroadcastDomainType.Vxlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vxlan.toUri(sourceNatIp.getVlanTag()));
defaultNic.setIsolationUri(BroadcastDomainType.Vxlan.toUri(sourceNatIp.getVlanTag()));
} else {
defaultNic.setBroadcastType(BroadcastDomainType.Vlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(sourceNatIp.getVlanTag()));
defaultNic.setIsolationUri(IsolationType.Vlan.toUri(sourceNatIp.getVlanTag()));
}
// If guest nic has already been added we will have 2 devices in the list.
if (hasGuestNic) {
defaultNic.setDeviceId(2);
}
final NetworkOffering publicOffering =
_networkModel
.getSystemAccountNetworkOfferings(NetworkOffering.SystemPublicNetwork)
.get(0);
final List<? extends Network> publicNetworks =
_networkMgr.setupNetwork(
s_systemAccount,
publicOffering,
routerDeploymentDefinition.getPlan(),
null,
null,
false);
final String publicIp = defaultNic.getIPv4Address();
// We want to use the identical MAC address for RvR on public
// interface if possible
final NicVO peerNic =
_nicDao.findByIp4AddressAndNetworkId(publicIp, publicNetworks.get(0).getId());
if (peerNic != null) {
s_logger.info("Use same MAC as previous RvR, the MAC is " + peerNic.getMacAddress());
defaultNic.setMacAddress(peerNic.getMacAddress());
}
publicConfig.put(publicNetworks.get(0), new ArrayList<NicProfile>(Arrays.asList(defaultNic)));
}
return publicConfig;
}
@Override
public List<NetworkACLItemVO> listNetworkACLItems(long guestNtwkId) {
Network network = _networkMgr.getNetwork(guestNtwkId);
if (network.getNetworkACLId() == null) {
return null;
}
return _networkACLItemDao.listByACL(network.getNetworkACLId());
}
public NetworkType getNetworkType() {
Network ntwk = _entityMgr.findById(Network.class, getNetworkId());
if (ntwk != null) {
DataCenter dc = _entityMgr.findById(DataCenter.class, ntwk.getDataCenterId());
return dc.getNetworkType();
}
return null;
}
@Override
public boolean applyACLToNetwork(long networkId) throws ResourceUnavailableException {
Network network = _networkDao.findById(networkId);
if (network.getNetworkACLId() == null) {
return true;
}
List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(network.getNetworkACLId());
return applyACLItemsToNetwork(networkId, rules);
}
private boolean canHandle(Network network) {
if (canHandle(_physicalNetworkDao.findById(network.getPhysicalNetworkId()))) {
if (!_ntwkSrvcDao.canProviderSupportServiceInNetwork(
network.getId(), Service.Connectivity, getProvider())) {
s_logger.info("SSP is implicitly active for " + network);
}
return true;
}
return false;
}
public boolean deleteNicEnv(Network network, NicProfile nic, ReservationContext context) {
if (context == null) {
s_logger.error("ReservationContext was null for " + nic + " " + network);
return false;
}
String reservationId = context.getReservationId();
SspUuidVO deleteTarget = null;
SspUuidVO remainingTarget = null;
List<SspUuidVO> tenantPortUuidVos = _sspUuidDao.listUUidVoByNicProfile(nic);
for (SspUuidVO tenantPortUuidVo : tenantPortUuidVos) {
if (reservationId.equals(tenantPortUuidVo.getReservationId())) {
deleteTarget = tenantPortUuidVo;
} else {
remainingTarget = tenantPortUuidVo;
}
}
if (deleteTarget != null) { // delete the target ssp uuid (tenant-port)
String tenantPortUuid = deleteTarget.getUuid();
boolean processed = false;
for (SspClient client :
fetchSspClients(network.getPhysicalNetworkId(), network.getDataCenterId(), true)) {
SspClient.TenantPort sspPort = client.updateTenantVifBinding(tenantPortUuid, null);
if (sspPort != null) {
processed = true;
break;
}
}
if (!processed) {
s_logger.warn("Ssp api nic detach failed " + nic.toString());
}
processed = false;
for (SspClient client :
fetchSspClients(network.getPhysicalNetworkId(), network.getDataCenterId(), true)) {
if (client.deleteTenantPort(tenantPortUuid)) {
_sspUuidDao.removeUuid(tenantPortUuid);
processed = true;
break;
}
}
if (!processed) {
s_logger.warn("Ssp api tenant port deletion failed " + nic.toString());
}
_sspUuidDao.removeUuid(tenantPortUuid);
}
if (remainingTarget != null) {
NicVO nicVo = _nicDao.findById(nic.getId());
nicVo.setReservationId(remainingTarget.getReservationId());
_nicDao.persist(nicVo); // persist the new reservationId
}
return true;
}
private boolean canHandle(Network config) {
DataCenter zone = _configMgr.getZone(config.getDataCenterId());
if ((zone.getNetworkType() == NetworkType.Advanced
&& config.getGuestType() != Network.GuestType.Isolated)
|| (zone.getNetworkType() == NetworkType.Basic
&& config.getGuestType() != Network.GuestType.Shared)) {
s_logger.trace("Not handling network type = " + config.getGuestType());
return false;
}
return _networkManager.networkIsConfiguredForExternalNetworking(zone.getId(), config.getId());
}
@Override
public boolean applyRules(Network network, Purpose purpose, List<? extends FirewallRule> rules)
throws ResourceUnavailableException {
boolean handled = false;
switch (purpose) {
/* StaticNatRule would be applied by Firewall provider, since the incompatible of two object */
case StaticNat:
case Firewall:
for (FirewallServiceProvider fwElement : _firewallElements) {
Network.Provider provider = fwElement.getProvider();
boolean isFwProvider =
_networkModel.isProviderSupportServiceInNetwork(
network.getId(), Service.Firewall, provider);
if (!isFwProvider) {
continue;
}
handled = fwElement.applyFWRules(network, rules);
if (handled) break;
}
break;
case PortForwarding:
for (PortForwardingServiceProvider element : _pfElements) {
Network.Provider provider = element.getProvider();
boolean isPfProvider =
_networkModel.isProviderSupportServiceInNetwork(
network.getId(), Service.PortForwarding, provider);
if (!isPfProvider) {
continue;
}
handled = element.applyPFRules(network, (List<PortForwardingRule>) rules);
if (handled) break;
}
break;
/* case NetworkACL:
for (NetworkACLServiceProvider element: _networkAclElements) {
Network.Provider provider = element.getProvider();
boolean isAclProvider = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.NetworkACL, provider);
if (!isAclProvider) {
continue;
}
handled = element.applyNetworkACLs(network, rules);
if (handled)
break;
}
break;*/
default:
assert (false) : "Unexpected fall through in applying rules to the network elements";
s_logger.error("FirewallManager cannot process rules of type " + purpose);
throw new CloudRuntimeException("FirewallManager cannot process rules of type " + purpose);
}
return handled;
}
@Override
public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) {
List<CiscoAsa1000vDeviceVO> asaList =
_ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
for (CiscoAsa1000vDeviceVO asa : asaList) {
NetworkAsa1000vMapVO assignedToNetwork = _networkAsa1000vMapDao.findByAsa1000vId(asa.getId());
if (assignedToNetwork == null) {
NetworkAsa1000vMapVO networkAsaMap = new NetworkAsa1000vMapVO(network.getId(), asa.getId());
_networkAsa1000vMapDao.persist(networkAsaMap);
return asa;
}
}
return null;
}
@Override
public boolean applyLoadBalancerRules(Network network, List<? extends FirewallRule> rules)
throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) {
return true;
}
if (rules.get(0).getPurpose() != Purpose.LoadBalancing) {
s_logger.warn("ELB: Not handling non-LB firewall rules");
return false;
}
DomainRouterVO elbVm = findElbVmForLb(rules.get(0));
if (elbVm == null) {
s_logger.warn(
"Unable to apply lb rules, ELB vm doesn't exist in the network " + network.getId());
throw new ResourceUnavailableException(
"Unable to apply lb rules", DataCenter.class, network.getDataCenterId());
}
if (elbVm.getState() == State.Running) {
// resend all rules for the public ip
List<LoadBalancerVO> lbs = _lbDao.listByIpAddress(rules.get(0).getSourceIpAddressId());
List<LoadBalancingRule> lbRules = new ArrayList<LoadBalancingRule>();
for (LoadBalancerVO lb : lbs) {
List<LbDestination> dstList = _lbMgr.getExistingDestinations(lb.getId());
List<LbStickinessPolicy> policyList = _lbMgr.getStickinessPolicies(lb.getId());
List<LbHealthCheckPolicy> hcPolicyList = _lbMgr.getHealthCheckPolicies(lb.getId());
LoadBalancingRule loadBalancing =
new LoadBalancingRule(lb, dstList, policyList, hcPolicyList);
lbRules.add(loadBalancing);
}
return applyLBRules(elbVm, lbRules, network.getId());
} else if (elbVm.getState() == State.Stopped || elbVm.getState() == State.Stopping) {
s_logger.debug(
"ELB VM is in "
+ elbVm.getState()
+ ", so not sending apply LoadBalancing rules commands to the backend");
return true;
} else {
s_logger.warn(
"Unable to apply loadbalancing rules, ELB VM is not in the right state "
+ elbVm.getState());
throw new ResourceUnavailableException(
"Unable to apply loadbalancing rules, ELB VM is not in the right state",
VirtualRouter.class,
elbVm.getId());
}
}
protected boolean canHandle(Network network) {
if (network.getBroadcastDomainType() != BroadcastDomainType.Vlan) {
return false; // TODO: should handle VxLAN as well
}
return true;
}
@Override
public void reserve(
NicProfile nic,
Network config,
VirtualMachineProfile<? extends VirtualMachine> vm,
DeployDestination dest,
ReservationContext context)
throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException {
assert nic.getTrafficType() == TrafficType.Control;
if (dest.getHost().getHypervisorType() == HypervisorType.VmWare
&& vm.getType() == VirtualMachine.Type.DomainRouter) {
super.reserve(nic, config, vm, dest, context);
String mac = _networkMgr.getNextAvailableMacAddressInNetwork(config.getId());
nic.setMacAddress(mac);
return;
}
String ip =
_dcDao.allocateLinkLocalIpAddress(
dest.getDataCenter().getId(),
dest.getPod().getId(),
nic.getId(),
context.getReservationId());
nic.setIp4Address(ip);
nic.setMacAddress(NetUtils.long2Mac(NetUtils.ip2Long(ip) | (14l << 40)));
nic.setNetmask("255.255.0.0");
nic.setFormat(AddressFormat.Ip4);
nic.setGateway(NetUtils.getLinkLocalGateway());
}
@Override
public boolean applyNetworkACLs(
final Network network,
final List<? extends NetworkACLItem> rules,
final VirtualRouter router,
final boolean isPrivateGateway)
throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) {
s_logger.debug("No network ACLs to be applied for network " + network.getId());
return true;
}
s_logger.debug("APPLYING NETWORK ACLs RULES");
final String typeString = "network acls";
final boolean isPodLevelException = false;
final boolean failWhenDisconnect = false;
final Long podId = null;
final NetworkAclsRules aclsRules = new NetworkAclsRules(network, rules, isPrivateGateway);
final boolean result =
applyRules(
network,
router,
typeString,
isPodLevelException,
podId,
failWhenDisconnect,
new RuleApplierWrapper<RuleApplier>(aclsRules));
return result;
}
@Override
public void updateNicProfile(NicProfile profile, Network network) {
DataCenter dc = _dcDao.findById(network.getDataCenterId());
if (profile != null) {
profile.setDns1(dc.getDns1());
profile.setDns2(dc.getDns2());
}
}
@Override
public boolean shutdown(Network network, ReservationContext context, boolean cleanup)
throws ConcurrentOperationException, ResourceUnavailableException {
unassignAsa1000vFromNetwork(network);
String vlan = network.getBroadcastUri().getHost();
long vlanId = Long.parseLong(vlan);
List<CiscoVnmcControllerVO> devices =
_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
if (!devices.isEmpty()) {
CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0);
HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId());
cleanupLogicalEdgeFirewall(vlanId, ciscoVnmcHost.getId());
}
return true;
}
@Override
public boolean associatePublicIP(
final Network network,
final List<? extends PublicIpAddress> ipAddresses,
final VirtualRouter router)
throws ResourceUnavailableException {
if (ipAddresses == null || ipAddresses.isEmpty()) {
s_logger.debug("No ip association rules to be applied for network " + network.getId());
return true;
}
if (network.getVpcId() == null) {
return super.associatePublicIP(network, ipAddresses, router);
}
s_logger.debug("APPLYING VPC IP RULES");
final String typeString = "vpc ip association";
final boolean isPodLevelException = false;
final boolean failWhenDisconnect = false;
final Long podId = null;
final NicPlugInOutRules nicPlugInOutRules = new NicPlugInOutRules(network, ipAddresses);
nicPlugInOutRules.accept(_advancedVisitor, router);
final VpcIpAssociationRules ipAssociationRules =
new VpcIpAssociationRules(network, ipAddresses);
final boolean result =
applyRules(
network,
router,
typeString,
isPodLevelException,
podId,
failWhenDisconnect,
new RuleApplierWrapper<RuleApplier>(ipAssociationRules));
if (result) {
_advancedVisitor.visit(nicPlugInOutRules);
}
return result;
}
@Override
@DB
public void deallocate(
Network config, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm) {
super.deallocate(config, nic, vm);
if (Boolean.parseBoolean(_configDao.getValue(Config.OvsTunnelNetwork.key()))) {
return;
}
if (_networkModel.networkIsConfiguredForExternalNetworking(
config.getDataCenterId(), config.getId())) {
nic.setIp4Address(null);
nic.setGateway(null);
nic.setNetmask(null);
nic.setBroadcastUri(null);
nic.setIsolationUri(null);
}
}
@Override
public Network implement(
Network config,
NetworkOffering offering,
DeployDestination destination,
ReservationContext context) {
assert config.getTrafficType() == TrafficType.Control
: "Why are you sending this configuration to me " + config;
return config;
}
@Override
public boolean implement(
final Network network,
final NetworkOffering offering,
final DeployDestination dest,
final ReservationContext context)
throws ConcurrentOperationException, ResourceUnavailableException,
InsufficientCapacityException {
s_logger.debug(
"entering OvsElement implement function for network "
+ network.getDisplayText()
+ " (state "
+ network.getState()
+ ")");
if (!canHandle(network, Service.Connectivity)) {
return false;
}
return true;
}
public boolean deleteNetwork(Network network) {
String tenantNetworkUuid = _sspUuidDao.findUuidByNetwork(network);
if (tenantNetworkUuid != null) {
boolean processed = false;
for (SspClient client :
fetchSspClients(network.getPhysicalNetworkId(), network.getDataCenterId(), true)) {
if (client.deleteTenantNetwork(tenantNetworkUuid)) {
_sspUuidDao.removeUuid(tenantNetworkUuid);
processed = true;
break;
}
}
if (!processed) {
s_logger.error("Ssp api tenant network deletion failed " + network.toString());
}
} else {
s_logger.debug("Silently skipping #deleteNetwork() for " + network.toString());
}
return true;
}
protected boolean canHandle(final Network network, final Service service) {
s_logger.debug(
"Checking if OvsElement can handle service "
+ service.getName()
+ " on network "
+ network.getDisplayText());
if (network.getBroadcastDomainType() != BroadcastDomainType.Vswitch) {
return false;
}
if (!_networkModel.isProviderForNetwork(getProvider(), network.getId())) {
s_logger.debug("OvsElement is not a provider for network " + network.getDisplayText());
return false;
}
if (!_ntwkSrvcDao.canProviderSupportServiceInNetwork(
network.getId(), service, Network.Provider.Ovs)) {
s_logger.debug(
"OvsElement can't provide the "
+ service.getName()
+ " service on network "
+ network.getDisplayText());
return false;
}
return true;
}
@Override
protected void allocateVnet(
Network network,
NetworkVO implemented,
long dcId,
long physicalNetworkId,
String reservationId)
throws InsufficientVirtualNetworkCapcityException {
if (network.getBroadcastUri() == null) {
String vnet =
_dcDao.allocateVnet(
dcId,
physicalNetworkId,
network.getAccountId(),
reservationId,
UseSystemGuestVlans.valueIn(network.getAccountId()));
if (vnet == null) {
throw new InsufficientVirtualNetworkCapcityException(
"Unable to allocate vnet as a part of network " + network + " implement ",
DataCenter.class,
dcId);
}
implemented.setBroadcastUri(BroadcastDomainType.Vswitch.toUri(vnet));
ActionEventUtils.onCompletedActionEvent(
CallContext.current().getCallingUserId(),
network.getAccountId(),
EventVO.LEVEL_INFO,
EventTypes.EVENT_ZONE_VLAN_ASSIGN,
"Assigned Zone Vlan: " + vnet + " Network Id: " + network.getId(),
0);
} else {
implemented.setBroadcastUri(network.getBroadcastUri());
}
}
@Override
public boolean validateLBRule(final Network network, final LoadBalancingRule rule) {
final List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
rules.add(rule);
if (canHandle(network, Service.Lb) && canHandleLbRules(rules)) {
final List<DomainRouterVO> routers =
_routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) {
return true;
}
return validateHAProxyLBRule(rule);
}
return true;
}
@Override
public NicProfile allocate(
Network config, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm)
throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException {
if (config.getTrafficType() != TrafficType.Control) {
return null;
}
if (vm.getHypervisorType() == HypervisorType.VmWare
&& vm.getType() != VirtualMachine.Type.DomainRouter) {
NicProfile nicProf = new NicProfile(ReservationStrategy.Create, null, null, null, null);
String mac = _networkMgr.getNextAvailableMacAddressInNetwork(config.getId());
nicProf.setMacAddress(mac);
return nicProf;
}
if (nic != null) {
throw new CloudRuntimeException("Does not support nic specification at this time: " + nic);
}
return new NicProfile(ReservationStrategy.Start, null, null, null, null);
}