public LBStickinessPolicyResponse(StickinessPolicy stickinesspolicy) {
    this.name = stickinesspolicy.getName();
    List<Pair<String, String>> paramsList = stickinesspolicy.getParams();
    this.methodName = stickinesspolicy.getMethodName();
    this.description = stickinesspolicy.getDescription();
    if (stickinesspolicy.isRevoke()) {
      this.setState("Revoked");
    }
    if (stickinesspolicy.getId() != 0) setId(stickinesspolicy.getId());

    /* Get the param and values from the database and fill the response object
     *  The following loop is to
     *    1) convert from List of Pair<String,String> to Map<String, String>
     *    2)  combine all params with name with ":" , currently we have one param called "domain" that can appear multiple times.
     * */

    Map<String, String> tempParamList = new HashMap<String, String>();
    for (Pair<String, String> paramKV : paramsList) {
      String key = paramKV.first();
      String value = paramKV.second();
      StringBuilder sb = new StringBuilder();
      sb.append(value);
      if (tempParamList.get(key) != null) {
        sb.append(":").append(tempParamList.get(key));
      }

      tempParamList.put(key, sb.toString());
    }

    this.params = tempParamList;
    setObjectName("stickinesspolicy");
  }
Exemplo n.º 2
0
  protected boolean shutdownRouterVM(DomainRouterVO router) {
    if (s_logger.isDebugEnabled()) {
      s_logger.debug("Try to shutdown router VM " + router.getInstanceName() + " directly.");
    }

    Pair<Boolean, String> result;
    try {
      result =
          SshHelper.sshExecute(
              router.getPrivateIpAddress(),
              DEFAULT_DOMR_SSHPORT,
              "root",
              getSystemVMKeyFile(),
              null,
              "poweroff -f");

      if (!result.first()) {
        s_logger.debug("Unable to shutdown " + router.getInstanceName() + " directly");
        return false;
      }
    } catch (Throwable e) {
      s_logger.warn("Unable to shutdown router " + router.getInstanceName() + " directly.");
      return false;
    }
    if (s_logger.isDebugEnabled()) {
      s_logger.debug("Shutdown router " + router.getInstanceName() + " successful.");
    }
    return true;
  }
Exemplo n.º 3
0
  @Override
  public long getAllocatedPoolCapacity(StoragePoolVO pool, VMTemplateVO templateForVmCreation) {

    // Get size for all the volumes
    Pair<Long, Long> sizes = _volumeDao.getCountAndTotalByPool(pool.getId());
    long totalAllocatedSize = sizes.second() + sizes.first() * _extraBytesPerVolume;

    // Get size for VM Snapshots
    totalAllocatedSize = totalAllocatedSize + getVMSnapshotAllocatedCapacity(pool);

    // Iterate through all templates on this storage pool
    boolean tmpinstalled = false;
    List<VMTemplateStoragePoolVO> templatePoolVOs;
    templatePoolVOs = _templatePoolDao.listByPoolId(pool.getId());

    for (VMTemplateStoragePoolVO templatePoolVO : templatePoolVOs) {
      if ((templateForVmCreation != null)
          && !tmpinstalled
          && (templatePoolVO.getTemplateId() == templateForVmCreation.getId())) {
        tmpinstalled = true;
      }
      long templateSize = templatePoolVO.getTemplateSize();
      totalAllocatedSize += templateSize + _extraBytesPerVolume;
    }

    // Add the size for the templateForVmCreation if its not already present
    /*if ((templateForVmCreation != null) && !tmpinstalled) {

    }*/

    return totalAllocatedSize;
  }
Exemplo n.º 4
0
 public State getState(String clusterId, String name) {
   HashMap<String, Pair<String, State>> vms = getClusterVmState(clusterId);
   Pair<String, State> pv = vms.get(name);
   return pv == null
       ? State.Stopped
       : pv.second(); // if a VM is absent on the cluster, it is effectively in stopped state.
 }
Exemplo n.º 5
0
 private static void updateVmUsageData(
     Map<String, Pair<String, Long>> usageDataMap, String key, String vmName, long duration) {
   Pair<String, Long> vmUsageInfo = usageDataMap.get(key);
   if (vmUsageInfo == null) {
     vmUsageInfo = new Pair<String, Long>(vmName, new Long(duration));
   } else {
     Long runningTime = vmUsageInfo.second();
     runningTime = new Long(runningTime.longValue() + duration);
     vmUsageInfo = new Pair<String, Long>(vmUsageInfo.first(), runningTime);
   }
   usageDataMap.put(key, vmUsageInfo);
 }
 private static void updatePFUsageData(
     Map<String, Pair<Long, Long>> usageDataMap, String key, long pfId, long duration) {
   Pair<Long, Long> pfUsageInfo = usageDataMap.get(key);
   if (pfUsageInfo == null) {
     pfUsageInfo = new Pair<Long, Long>(new Long(pfId), new Long(duration));
   } else {
     Long runningTime = pfUsageInfo.second();
     runningTime = new Long(runningTime.longValue() + duration);
     pfUsageInfo = new Pair<Long, Long>(pfUsageInfo.first(), runningTime);
   }
   usageDataMap.put(key, pfUsageInfo);
 }
Exemplo n.º 7
0
  public void testSsh() {
    try {
      File file = new File("c:\\temp\\id_rsa.kelven");
      if (!file.exists()) {
        System.out.println("key file does not exist!");
      }

      Pair<Boolean, String> result =
          SshHelper.sshExecute("192.168.1.107", 22, "kelven", file, null, "ls -al");
      System.out.println("Result: " + result.second());
    } catch (Exception e) {
      s_logger.error("Unexpected exception : ", e);
    }
  }
Exemplo n.º 8
0
    @Override
    public JsonElement serialize(
        Pair<Long, Long> src, java.lang.reflect.Type typeOfSrc, JsonSerializationContext context) {
      JsonArray array = new JsonArray();
      if (src.first() != null) {
        array.add(s_gson.toJsonTree(src.first()));
      } else {
        array.add(new JsonNull());
      }

      if (src.second() != null) {
        array.add(s_gson.toJsonTree(src.second()));
      } else {
        array.add(new JsonNull());
      }

      return array;
    }
Exemplo n.º 9
0
    @Override
    public Pair<Long, Long> deserialize(
        JsonElement json, java.lang.reflect.Type type, JsonDeserializationContext context)
        throws JsonParseException {
      Pair<Long, Long> pairs = new Pair<Long, Long>(null, null);
      JsonArray array = json.getAsJsonArray();
      if (array.size() != 2) {
        return pairs;
      }
      JsonElement element = array.get(0);
      if (!element.isJsonNull()) {
        pairs.first(element.getAsLong());
      }

      element = array.get(1);
      if (!element.isJsonNull()) {
        pairs.second(element.getAsLong());
      }

      return pairs;
    }
  private boolean preparePxeInAdvancedZone(
      VirtualMachineProfile profile,
      NicProfile nic,
      Network network,
      DeployDestination dest,
      ReservationContext context)
      throws Exception {
    DomainRouterVO vr = getVirtualRouter(network);
    List<NicVO> nics = _nicDao.listByVmId(vr.getId());
    NicVO mgmtNic = null;
    for (NicVO nicvo : nics) {
      if (ControlNetworkGuru.class.getSimpleName().equals(nicvo.getReserver())) {
        mgmtNic = nicvo;
        break;
      }
    }

    if (mgmtNic == null) {
      throw new CloudRuntimeException(
          String.format("cannot find management nic on virtual router[id:%s]", vr.getId()));
    }

    String internalServerIp = _configDao.getValue(Config.BaremetalInternalStorageServer.key());
    if (internalServerIp == null) {
      throw new CloudRuntimeException(
          String.format(
              "please specify 'baremetal.internal.storage.server.ip', which is the http server/nfs server storing kickstart files and ISO files, in global setting"));
    }

    List<String> tuple = parseKickstartUrl(profile);
    String cmd =
        String.format(
            "/usr/bin/prepare_pxe.sh %s %s %s %s %s %s",
            tuple.get(1),
            tuple.get(2),
            profile.getTemplate().getUuid(),
            String.format("01-%s", nic.getMacAddress().replaceAll(":", "-")).toLowerCase(),
            tuple.get(0),
            nic.getMacAddress().toLowerCase());
    s_logger.debug(
        String.format(
            "prepare pxe on virtual router[ip:%s], cmd: %s", mgmtNic.getIp4Address(), cmd));
    Pair<Boolean, String> ret =
        SshHelper.sshExecute(
            mgmtNic.getIp4Address(), 3922, "root", getSystemVMKeyFile(), null, cmd);
    if (!ret.first()) {
      throw new CloudRuntimeException(
          String.format(
              "failed preparing PXE in virtual router[id:%s], because %s",
              vr.getId(), ret.second()));
    }

    // String internalServerIp = "10.223.110.231";
    cmd =
        String.format(
            "/usr/bin/baremetal_snat.sh %s %s %s",
            mgmtNic.getIp4Address(), internalServerIp, mgmtNic.getGateway());
    s_logger.debug(
        String.format(
            "prepare SNAT on virtual router[ip:%s], cmd: %s", mgmtNic.getIp4Address(), cmd));
    ret =
        SshHelper.sshExecute(
            mgmtNic.getIp4Address(), 3922, "root", getSystemVMKeyFile(), null, cmd);
    if (!ret.first()) {
      throw new CloudRuntimeException(
          String.format(
              "failed preparing PXE in virtual router[id:%s], because %s",
              vr.getId(), ret.second()));
    }

    return true;
  }
  @Override
  @DB
  public RemoteAccessVpn createRemoteAccessVpn(
      final long publicIpId, String ipRange, boolean openFirewall, final Boolean forDisplay)
      throws NetworkRuleConflictException {
    CallContext ctx = CallContext.current();
    final Account caller = ctx.getCallingAccount();

    Long networkId = null;

    // make sure ip address exists
    final PublicIpAddress ipAddr = _networkMgr.getPublicIpAddress(publicIpId);
    if (ipAddr == null) {
      throw new InvalidParameterValueException(
          "Unable to create remote access vpn, invalid public IP address id" + publicIpId);
    }

    _accountMgr.checkAccess(caller, null, true, ipAddr);

    if (!ipAddr.readyToUse()) {
      throw new InvalidParameterValueException(
          "The Ip address is not ready to be used yet: " + ipAddr.getAddress());
    }

    IPAddressVO ipAddress = _ipAddressDao.findById(publicIpId);

    networkId = ipAddress.getAssociatedWithNetworkId();
    if (networkId != null) {
      _networkMgr.checkIpForService(ipAddress, Service.Vpn, null);
    }

    final Long vpcId = ipAddress.getVpcId();
    /* IP Address used for VPC must be the source NAT IP of whole VPC */
    if (vpcId != null && ipAddress.isSourceNat()) {
      assert networkId == null;
      // No firewall setting for VPC, it would be open internally
      openFirewall = false;
    }

    final boolean openFirewallFinal = openFirewall;

    if (networkId == null && vpcId == null) {
      throw new InvalidParameterValueException(
          "Unable to create remote access vpn for the ipAddress: "
              + ipAddr.getAddress().addr()
              + " as ip is not associated with any network or VPC");
    }

    RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIpId);

    if (vpnVO != null) {
      // if vpn is in Added state, return it to the api
      if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
        return vpnVO;
      }
      throw new InvalidParameterValueException(
          "A Remote Access VPN already exists for this public Ip address");
    }

    if (ipRange == null) {
      ipRange = RemoteAccessVpnClientIpRange.valueIn(ipAddr.getAccountId());
    }
    final String[] range = ipRange.split("-");
    if (range.length != 2) {
      throw new InvalidParameterValueException("Invalid ip range");
    }
    if (!NetUtils.isValidIp(range[0]) || !NetUtils.isValidIp(range[1])) {
      throw new InvalidParameterValueException("Invalid ip in range specification " + ipRange);
    }
    if (!NetUtils.validIpRange(range[0], range[1])) {
      throw new InvalidParameterValueException("Invalid ip range " + ipRange);
    }

    Pair<String, Integer> cidr = null;

    // TODO: assumes one virtual network / domr per account per zone
    if (networkId != null) {
      vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAccountId(), networkId);
      if (vpnVO != null) {
        // if vpn is in Added state, return it to the api
        if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
          return vpnVO;
        }
        throw new InvalidParameterValueException(
            "A Remote Access VPN already exists for this account");
      }
      // Verify that vpn service is enabled for the network
      Network network = _networkMgr.getNetwork(networkId);
      if (!_networkMgr.areServicesSupportedInNetwork(network.getId(), Service.Vpn)) {
        throw new InvalidParameterValueException(
            "Vpn service is not supported in network id=" + ipAddr.getAssociatedWithNetworkId());
      }
      cidr = NetUtils.getCidr(network.getCidr());
    } else { // Don't need to check VPC because there is only one IP(source NAT IP) available for
             // VPN
      Vpc vpc = _vpcDao.findById(vpcId);
      cidr = NetUtils.getCidr(vpc.getCidr());
    }

    // FIXME: This check won't work for the case where the guest ip range
    // changes depending on the vlan allocated.
    String[] guestIpRange = NetUtils.getIpRangeFromCidr(cidr.first(), cidr.second());
    if (NetUtils.ipRangesOverlap(range[0], range[1], guestIpRange[0], guestIpRange[1])) {
      throw new InvalidParameterValueException(
          "Invalid ip range: "
              + ipRange
              + " overlaps with guest ip range "
              + guestIpRange[0]
              + "-"
              + guestIpRange[1]);
    }
    // TODO: check sufficient range
    // TODO: check overlap with private and public ip ranges in datacenter

    long startIp = NetUtils.ip2Long(range[0]);
    final String newIpRange = NetUtils.long2Ip(++startIp) + "-" + range[1];
    final String sharedSecret = PasswordGenerator.generatePresharedKey(_pskLength);

    return Transaction.execute(
        new TransactionCallbackWithException<RemoteAccessVpn, NetworkRuleConflictException>() {
          @Override
          public RemoteAccessVpn doInTransaction(TransactionStatus status)
              throws NetworkRuleConflictException {
            if (vpcId == null) {
              _rulesMgr.reservePorts(
                  ipAddr,
                  NetUtils.UDP_PROTO,
                  Purpose.Vpn,
                  openFirewallFinal,
                  caller,
                  NetUtils.VPN_PORT,
                  NetUtils.VPN_L2TP_PORT,
                  NetUtils.VPN_NATT_PORT);
            }
            RemoteAccessVpnVO vpnVO =
                new RemoteAccessVpnVO(
                    ipAddr.getAccountId(),
                    ipAddr.getDomainId(),
                    ipAddr.getAssociatedWithNetworkId(),
                    publicIpId,
                    vpcId,
                    range[0],
                    newIpRange,
                    sharedSecret);

            if (forDisplay != null) {
              vpnVO.setDisplay(forDisplay);
            }
            return _remoteAccessVpnDao.persist(vpnVO);
          }
        });
  }
Exemplo n.º 12
0
  @Override
  public boolean postStateTransitionEvent(
      State oldState,
      Event event,
      State newState,
      VirtualMachine vm,
      boolean status,
      Object opaque) {
    if (!status) {
      return false;
    }
    @SuppressWarnings("unchecked")
    Pair<Long, Long> hosts = (Pair<Long, Long>) opaque;
    Long oldHostId = hosts.first();

    s_logger.debug(
        "VM state transitted from :"
            + oldState
            + " to "
            + newState
            + " with event: "
            + event
            + "vm's original host id: "
            + vm.getLastHostId()
            + " new host id: "
            + vm.getHostId()
            + " host id before state transition: "
            + oldHostId);

    if (oldState == State.Starting) {
      if (newState != State.Running) {
        releaseVmCapacity(vm, false, false, oldHostId);
      }
    } else if (oldState == State.Running) {
      if (event == Event.AgentReportStopped) {
        releaseVmCapacity(vm, false, true, oldHostId);
      } else if (event == Event.AgentReportMigrated) {
        releaseVmCapacity(vm, false, false, oldHostId);
      }
    } else if (oldState == State.Migrating) {
      if (event == Event.AgentReportStopped) {
        /* Release capacity from original host */
        releaseVmCapacity(vm, false, false, vm.getLastHostId());
        releaseVmCapacity(vm, false, false, oldHostId);
      } else if (event == Event.OperationFailed) {
        /* Release from dest host */
        releaseVmCapacity(vm, false, false, oldHostId);
      } else if (event == Event.OperationSucceeded) {
        releaseVmCapacity(vm, false, false, vm.getLastHostId());
      }
    } else if (oldState == State.Stopping) {
      if (event == Event.OperationSucceeded) {
        releaseVmCapacity(vm, false, true, oldHostId);
      } else if (event == Event.AgentReportStopped) {
        releaseVmCapacity(vm, false, false, oldHostId);
      } else if (event == Event.AgentReportMigrated) {
        releaseVmCapacity(vm, false, false, oldHostId);
      }
    } else if (oldState == State.Stopped) {
      if (event == Event.DestroyRequested || event == Event.ExpungeOperation) {
        releaseVmCapacity(vm, true, false, vm.getLastHostId());
      } else if (event == Event.AgentReportMigrated) {
        releaseVmCapacity(vm, false, false, oldHostId);
      }
    }

    if ((newState == State.Starting
            || newState == State.Migrating
            || event == Event.AgentReportMigrated)
        && vm.getHostId() != null) {
      boolean fromLastHost = false;
      if (vm.getLastHostId() == vm.getHostId()) {
        s_logger.debug("VM starting again on the last host it was stopped on");
        fromLastHost = true;
      }
      allocateVmCapacity(vm, fromLastHost);
    }

    return true;
  }
Exemplo n.º 13
0
  public HttpTemplateDownloader(
      StorageLayer storageLayer,
      String downloadUrl,
      String toDir,
      DownloadCompleteCallback callback,
      long maxTemplateSizeInBytes,
      String user,
      String password,
      Proxy proxy,
      ResourceType resourceType) {
    this._storage = storageLayer;
    this.downloadUrl = downloadUrl;
    this.setToDir(toDir);
    this.status = TemplateDownloader.Status.NOT_STARTED;
    this.resourceType = resourceType;
    this.MAX_TEMPLATE_SIZE_IN_BYTES = maxTemplateSizeInBytes;

    this.totalBytes = 0;
    this.client = new HttpClient();

    myretryhandler =
        new HttpMethodRetryHandler() {
          public boolean retryMethod(
              final HttpMethod method, final IOException exception, int executionCount) {
            if (executionCount >= 2) {
              // Do not retry if over max retry count
              return false;
            }
            if (exception instanceof NoHttpResponseException) {
              // Retry if the server dropped connection on us
              return true;
            }
            if (!method.isRequestSent()) {
              // Retry if the request has not been sent fully or
              // if it's OK to retry methods that have been sent
              return true;
            }
            // otherwise do not retry
            return false;
          }
        };

    try {
      this.request = new GetMethod(downloadUrl);
      this.request.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, myretryhandler);
      this.completionCallback = callback;
      // this.request.setFollowRedirects(false);

      File f = File.createTempFile("dnld", "tmp_", new File(toDir));

      if (_storage != null) {
        _storage.setWorldReadableAndWriteable(f);
      }

      toFile = f.getAbsolutePath();
      Pair<String, Integer> hostAndPort = validateUrl(downloadUrl);

      if (proxy != null) {
        client.getHostConfiguration().setProxy(proxy.getHost(), proxy.getPort());
        if (proxy.getUserName() != null) {
          Credentials proxyCreds =
              new UsernamePasswordCredentials(proxy.getUserName(), proxy.getPassword());
          client.getState().setProxyCredentials(AuthScope.ANY, proxyCreds);
        }
      }
      if ((user != null) && (password != null)) {
        client.getParams().setAuthenticationPreemptive(true);
        Credentials defaultcreds = new UsernamePasswordCredentials(user, password);
        client
            .getState()
            .setCredentials(
                new AuthScope(hostAndPort.first(), hostAndPort.second(), AuthScope.ANY_REALM),
                defaultcreds);
        s_logger.info(
            "Added username="******", password="******"for host "
                + hostAndPort.first()
                + ":"
                + hostAndPort.second());
      } else {
        s_logger.info(
            "No credentials configured for host="
                + hostAndPort.first()
                + ":"
                + hostAndPort.second());
      }
    } catch (IllegalArgumentException iae) {
      errorString = iae.getMessage();
      status = TemplateDownloader.Status.UNRECOVERABLE_ERROR;
      inited = false;
    } catch (Exception ex) {
      errorString = "Unable to start download -- check url? ";
      status = TemplateDownloader.Status.UNRECOVERABLE_ERROR;
      s_logger.warn("Exception in constructor -- " + ex.toString());
    } catch (Throwable th) {
      s_logger.warn("throwable caught ", th);
    }
  }
  @Override
  public List<LoadBalancerVO> searchForLoadBalancers(ListLoadBalancerRulesCmd cmd) {
    Account caller = UserContext.current().getCaller();
    Long ipId = cmd.getPublicIpId();
    Long zoneId = cmd.getZoneId();
    String path = null;

    Pair<String, Long> accountDomainPair =
        _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId());
    String accountName = accountDomainPair.first();
    Long domainId = accountDomainPair.second();

    if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN
        || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
      Domain domain = _domainMgr.getDomain(caller.getDomainId());
      path = domain.getPath();
    }

    Filter searchFilter =
        new Filter(LoadBalancerVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());

    Object id = cmd.getId();
    Object name = cmd.getLoadBalancerRuleName();
    Object keyword = cmd.getKeyword();
    Object instanceId = cmd.getVirtualMachineId();

    SearchBuilder<LoadBalancerVO> sb = _lbDao.createSearchBuilder();
    sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
    sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
    sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
    sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
    sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);

    if (instanceId != null) {
      SearchBuilder<LoadBalancerVMMapVO> lbVMSearch = _lb2VmMapDao.createSearchBuilder();
      lbVMSearch.and("instanceId", lbVMSearch.entity().getInstanceId(), SearchCriteria.Op.EQ);
      sb.join(
          "lbVMSearch",
          lbVMSearch,
          sb.entity().getId(),
          lbVMSearch.entity().getLoadBalancerId(),
          JoinBuilder.JoinType.INNER);
    }

    if (path != null) {
      // for domain admin we should show only subdomains information
      SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
      domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
      sb.join(
          "domainSearch",
          domainSearch,
          sb.entity().getDomainId(),
          domainSearch.entity().getId(),
          JoinBuilder.JoinType.INNER);
    }

    if (zoneId != null) {
      SearchBuilder<IPAddressVO> ipSearch = _ipAddressDao.createSearchBuilder();
      ipSearch.and("zoneId", ipSearch.entity().getDataCenterId(), SearchCriteria.Op.EQ);
      sb.join(
          "ipSearch",
          ipSearch,
          sb.entity().getSourceIpAddressId(),
          ipSearch.entity().getId(),
          JoinBuilder.JoinType.INNER);
    }

    SearchCriteria<LoadBalancerVO> sc = sb.create();
    if (keyword != null) {
      SearchCriteria<LoadBalancerVO> ssc = _lbDao.createSearchCriteria();
      ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
      ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");

      sc.addAnd("name", SearchCriteria.Op.SC, ssc);
    }

    if (name != null) {
      sc.setParameters("name", "%" + name + "%");
    }

    if (id != null) {
      sc.setParameters("id", id);
    }

    if (ipId != null) {
      sc.setParameters("sourceIpAddress", ipId);
    }

    if (instanceId != null) {
      sc.setJoinParameters("lbVMSearch", "instanceId", instanceId);
    }

    if (domainId != null) {
      sc.setParameters("domainId", domainId);
      if (accountName != null) {
        Account account = _accountMgr.getActiveAccountByName(accountName, domainId);
        sc.setParameters("accountId", account.getId());
      }
    }

    if (path != null) {
      sc.setJoinParameters("domainSearch", "path", path + "%");
    }

    if (zoneId != null) {
      sc.setJoinParameters("ipSearch", "zoneId", zoneId);
    }

    return _lbDao.search(sc, searchFilter);
  }
  @Override
  public boolean finalizeCommandsOnStart(final Commands cmds, final VirtualMachineProfile profile) {
    final DomainRouterVO domainRouterVO = _routerDao.findById(profile.getId());

    final boolean isVpc = domainRouterVO.getVpcId() != null;
    if (!isVpc) {
      return super.finalizeCommandsOnStart(cmds, profile);
    }

    if (domainRouterVO.getState() == State.Starting || domainRouterVO.getState() == State.Running) {
      // 1) FORM SSH CHECK COMMAND
      final NicProfile controlNic = getControlNic(profile);
      if (controlNic == null) {
        s_logger.error("Control network doesn't exist for the router " + domainRouterVO);
        return false;
      }

      finalizeSshAndVersionAndNetworkUsageOnStart(cmds, profile, domainRouterVO, controlNic);

      // 2) FORM PLUG NIC COMMANDS
      final List<Pair<Nic, Network>> guestNics = new ArrayList<Pair<Nic, Network>>();
      final List<Pair<Nic, Network>> publicNics = new ArrayList<Pair<Nic, Network>>();
      final Map<String, String> vlanMacAddress = new HashMap<String, String>();

      final List<? extends Nic> routerNics = _nicDao.listByVmId(profile.getId());
      for (final Nic routerNic : routerNics) {
        final Network network = _networkModel.getNetwork(routerNic.getNetworkId());
        if (network.getTrafficType() == TrafficType.Guest) {
          final Pair<Nic, Network> guestNic = new Pair<Nic, Network>(routerNic, network);
          guestNics.add(guestNic);
        } else if (network.getTrafficType() == TrafficType.Public) {
          final Pair<Nic, Network> publicNic = new Pair<Nic, Network>(routerNic, network);
          publicNics.add(publicNic);
          final String vlanTag = BroadcastDomainType.getValue(routerNic.getBroadcastUri());
          vlanMacAddress.put(vlanTag, routerNic.getMacAddress());
        }
      }

      final List<Command> usageCmds = new ArrayList<Command>();

      // 3) PREPARE PLUG NIC COMMANDS
      try {
        // add VPC router to public networks
        final List<PublicIp> sourceNat = new ArrayList<PublicIp>(1);
        for (final Pair<Nic, Network> nicNtwk : publicNics) {
          final Nic publicNic = nicNtwk.first();
          final Network publicNtwk = nicNtwk.second();
          final IPAddressVO userIp =
              _ipAddressDao.findByIpAndSourceNetworkId(
                  publicNtwk.getId(), publicNic.getIPv4Address());

          if (userIp.isSourceNat()) {
            final PublicIp publicIp =
                PublicIp.createFromAddrAndVlan(userIp, _vlanDao.findById(userIp.getVlanId()));
            sourceNat.add(publicIp);

            if (domainRouterVO.getPublicIpAddress() == null) {
              final DomainRouterVO routerVO = _routerDao.findById(domainRouterVO.getId());
              routerVO.setPublicIpAddress(publicNic.getIPv4Address());
              routerVO.setPublicNetmask(publicNic.getIPv4Netmask());
              routerVO.setPublicMacAddress(publicNic.getMacAddress());
              _routerDao.update(routerVO.getId(), routerVO);
            }
          }
          final PlugNicCommand plugNicCmd =
              new PlugNicCommand(
                  _nwHelper.getNicTO(
                      domainRouterVO,
                      publicNic.getNetworkId(),
                      publicNic.getBroadcastUri().toString()),
                  domainRouterVO.getInstanceName(),
                  domainRouterVO.getType());
          cmds.addCommand(plugNicCmd);
          final VpcVO vpc = _vpcDao.findById(domainRouterVO.getVpcId());
          final NetworkUsageCommand netUsageCmd =
              new NetworkUsageCommand(
                  domainRouterVO.getPrivateIpAddress(),
                  domainRouterVO.getInstanceName(),
                  true,
                  publicNic.getIPv4Address(),
                  vpc.getCidr());
          usageCmds.add(netUsageCmd);
          UserStatisticsVO stats =
              _userStatsDao.findBy(
                  domainRouterVO.getAccountId(),
                  domainRouterVO.getDataCenterId(),
                  publicNtwk.getId(),
                  publicNic.getIPv4Address(),
                  domainRouterVO.getId(),
                  domainRouterVO.getType().toString());
          if (stats == null) {
            stats =
                new UserStatisticsVO(
                    domainRouterVO.getAccountId(),
                    domainRouterVO.getDataCenterId(),
                    publicNic.getIPv4Address(),
                    domainRouterVO.getId(),
                    domainRouterVO.getType().toString(),
                    publicNtwk.getId());
            _userStatsDao.persist(stats);
          }
        }

        // create ip assoc for source nat
        if (!sourceNat.isEmpty()) {
          _commandSetupHelper.createVpcAssociatePublicIPCommands(
              domainRouterVO, sourceNat, cmds, vlanMacAddress);
        }

        // add VPC router to guest networks
        for (final Pair<Nic, Network> nicNtwk : guestNics) {
          final Nic guestNic = nicNtwk.first();
          // plug guest nic
          final PlugNicCommand plugNicCmd =
              new PlugNicCommand(
                  _nwHelper.getNicTO(domainRouterVO, guestNic.getNetworkId(), null),
                  domainRouterVO.getInstanceName(),
                  domainRouterVO.getType());
          cmds.addCommand(plugNicCmd);
          if (!_networkModel.isPrivateGateway(guestNic.getNetworkId())) {
            // set guest network
            final VirtualMachine vm = _vmDao.findById(domainRouterVO.getId());
            final NicProfile nicProfile =
                _networkModel.getNicProfile(vm, guestNic.getNetworkId(), null);
            final SetupGuestNetworkCommand setupCmd =
                _commandSetupHelper.createSetupGuestNetworkCommand(
                    domainRouterVO, true, nicProfile);
            cmds.addCommand(setupCmd);
          } else {

            // set private network
            final PrivateIpVO ipVO =
                _privateIpDao.findByIpAndSourceNetworkId(
                    guestNic.getNetworkId(), guestNic.getIPv4Address());
            final Network network = _networkDao.findById(guestNic.getNetworkId());
            BroadcastDomainType.getValue(network.getBroadcastUri());
            final String netmask = NetUtils.getCidrNetmask(network.getCidr());
            final PrivateIpAddress ip =
                new PrivateIpAddress(
                    ipVO,
                    network.getBroadcastUri().toString(),
                    network.getGateway(),
                    netmask,
                    guestNic.getMacAddress());

            final List<PrivateIpAddress> privateIps = new ArrayList<PrivateIpAddress>(1);
            privateIps.add(ip);
            _commandSetupHelper.createVpcAssociatePrivateIPCommands(
                domainRouterVO, privateIps, cmds, true);

            final Long privateGwAclId =
                _vpcGatewayDao.getNetworkAclIdForPrivateIp(
                    ipVO.getVpcId(), ipVO.getNetworkId(), ipVO.getIpAddress());

            if (privateGwAclId != null) {
              // set network acl on private gateway
              final List<NetworkACLItemVO> networkACLs =
                  _networkACLItemDao.listByACL(privateGwAclId);
              s_logger.debug(
                  "Found "
                      + networkACLs.size()
                      + " network ACLs to apply as a part of VPC VR "
                      + domainRouterVO
                      + " start for private gateway ip = "
                      + ipVO.getIpAddress());

              _commandSetupHelper.createNetworkACLsCommands(
                  networkACLs, domainRouterVO, cmds, ipVO.getNetworkId(), true);
            }
          }
        }
      } catch (final Exception ex) {
        s_logger.warn(
            "Failed to add router " + domainRouterVO + " to network due to exception ", ex);
        return false;
      }

      // 4) RE-APPLY ALL STATIC ROUTE RULES
      final List<? extends StaticRoute> routes =
          _staticRouteDao.listByVpcId(domainRouterVO.getVpcId());
      final List<StaticRouteProfile> staticRouteProfiles =
          new ArrayList<StaticRouteProfile>(routes.size());
      final Map<Long, VpcGateway> gatewayMap = new HashMap<Long, VpcGateway>();
      for (final StaticRoute route : routes) {
        VpcGateway gateway = gatewayMap.get(route.getVpcGatewayId());
        if (gateway == null) {
          gateway = _entityMgr.findById(VpcGateway.class, route.getVpcGatewayId());
          gatewayMap.put(gateway.getId(), gateway);
        }
        staticRouteProfiles.add(new StaticRouteProfile(route, gateway));
      }

      s_logger.debug(
          "Found "
              + staticRouteProfiles.size()
              + " static routes to apply as a part of vpc route "
              + domainRouterVO
              + " start");
      if (!staticRouteProfiles.isEmpty()) {
        _commandSetupHelper.createStaticRouteCommands(staticRouteProfiles, domainRouterVO, cmds);
      }

      // 5) RE-APPLY ALL REMOTE ACCESS VPNs
      final RemoteAccessVpnVO vpn =
          _vpnDao.findByAccountAndVpc(domainRouterVO.getAccountId(), domainRouterVO.getVpcId());
      if (vpn != null) {
        _commandSetupHelper.createApplyVpnCommands(true, vpn, domainRouterVO, cmds);
      }

      // 6) REPROGRAM GUEST NETWORK
      boolean reprogramGuestNtwks = true;
      if (profile.getParameter(Param.ReProgramGuestNetworks) != null
          && (Boolean) profile.getParameter(Param.ReProgramGuestNetworks) == false) {
        reprogramGuestNtwks = false;
      }

      final VirtualRouterProvider vrProvider =
          _vrProviderDao.findById(domainRouterVO.getElementId());
      if (vrProvider == null) {
        throw new CloudRuntimeException(
            "Cannot find related virtual router provider of router: "
                + domainRouterVO.getHostName());
      }
      final Provider provider = Network.Provider.getProvider(vrProvider.getType().toString());
      if (provider == null) {
        throw new CloudRuntimeException(
            "Cannot find related provider of virtual router provider: "
                + vrProvider.getType().toString());
      }

      for (final Pair<Nic, Network> nicNtwk : guestNics) {
        final Nic guestNic = nicNtwk.first();
        final AggregationControlCommand startCmd =
            new AggregationControlCommand(
                Action.Start,
                domainRouterVO.getInstanceName(),
                controlNic.getIPv4Address(),
                _routerControlHelper.getRouterIpInNetwork(
                    guestNic.getNetworkId(), domainRouterVO.getId()));
        cmds.addCommand(startCmd);
        if (reprogramGuestNtwks) {
          finalizeIpAssocForNetwork(
              cmds, domainRouterVO, provider, guestNic.getNetworkId(), vlanMacAddress);
          finalizeNetworkRulesForNetwork(cmds, domainRouterVO, provider, guestNic.getNetworkId());
        }

        finalizeUserDataAndDhcpOnStart(cmds, domainRouterVO, provider, guestNic.getNetworkId());
        final AggregationControlCommand finishCmd =
            new AggregationControlCommand(
                Action.Finish,
                domainRouterVO.getInstanceName(),
                controlNic.getIPv4Address(),
                _routerControlHelper.getRouterIpInNetwork(
                    guestNic.getNetworkId(), domainRouterVO.getId()));
        cmds.addCommand(finishCmd);
      }

      // Add network usage commands
      cmds.addCommands(usageCmds);
    }
    return true;
  }
  @Override
  public RemoteAccessVpn createRemoteAccessVpn(
      long publicIpId, String ipRange, boolean openFirewall, long networkId)
      throws NetworkRuleConflictException {
    UserContext ctx = UserContext.current();
    Account caller = ctx.getCaller();

    // make sure ip address exists
    PublicIpAddress ipAddr = _networkMgr.getPublicIpAddress(publicIpId);
    if (ipAddr == null) {
      throw new InvalidParameterValueException(
          "Unable to create remote access vpn, invalid public IP address id" + publicIpId);
    }

    _accountMgr.checkAccess(caller, null, true, ipAddr);

    if (!ipAddr.readyToUse()) {
      throw new InvalidParameterValueException(
          "The Ip address is not ready to be used yet: " + ipAddr.getAddress());
    }

    IPAddressVO ipAddress = _ipAddressDao.findById(publicIpId);
    _networkMgr.checkIpForService(ipAddress, Service.Vpn, null);

    RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIpId);

    if (vpnVO != null) {
      // if vpn is in Added state, return it to the api
      if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
        return vpnVO;
      }
      throw new InvalidParameterValueException(
          "A Remote Access VPN already exists for this public Ip address");
    }

    // TODO: assumes one virtual network / domr per account per zone
    vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAccountId(), networkId);
    if (vpnVO != null) {
      // if vpn is in Added state, return it to the api
      if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
        return vpnVO;
      }
      throw new InvalidParameterValueException(
          "A Remote Access VPN already exists for this account");
    }

    // Verify that vpn service is enabled for the network
    Network network = _networkMgr.getNetwork(networkId);
    if (!_networkMgr.areServicesSupportedInNetwork(network.getId(), Service.Vpn)) {
      throw new InvalidParameterValueException(
          "Vpn service is not supported in network id=" + ipAddr.getAssociatedWithNetworkId());
    }

    if (ipRange == null) {
      ipRange = _clientIpRange;
    }
    String[] range = ipRange.split("-");
    if (range.length != 2) {
      throw new InvalidParameterValueException("Invalid ip range");
    }
    if (!NetUtils.isValidIp(range[0]) || !NetUtils.isValidIp(range[1])) {
      throw new InvalidParameterValueException("Invalid ip in range specification " + ipRange);
    }
    if (!NetUtils.validIpRange(range[0], range[1])) {
      throw new InvalidParameterValueException("Invalid ip range " + ipRange);
    }

    Pair<String, Integer> cidr = NetUtils.getCidr(network.getCidr());

    // FIXME: This check won't work for the case where the guest ip range
    // changes depending on the vlan allocated.
    String[] guestIpRange = NetUtils.getIpRangeFromCidr(cidr.first(), cidr.second());
    if (NetUtils.ipRangesOverlap(range[0], range[1], guestIpRange[0], guestIpRange[1])) {
      throw new InvalidParameterValueException(
          "Invalid ip range: "
              + ipRange
              + " overlaps with guest ip range "
              + guestIpRange[0]
              + "-"
              + guestIpRange[1]);
    }
    // TODO: check sufficient range
    // TODO: check overlap with private and public ip ranges in datacenter

    long startIp = NetUtils.ip2Long(range[0]);
    String newIpRange = NetUtils.long2Ip(++startIp) + "-" + range[1];
    String sharedSecret = PasswordGenerator.generatePresharedKey(_pskLength);
    _rulesMgr.reservePorts(
        ipAddr,
        NetUtils.UDP_PROTO,
        Purpose.Vpn,
        openFirewall,
        caller,
        NetUtils.VPN_PORT,
        NetUtils.VPN_L2TP_PORT,
        NetUtils.VPN_NATT_PORT);
    vpnVO =
        new RemoteAccessVpnVO(
            ipAddr.getAccountId(),
            ipAddr.getDomainId(),
            ipAddr.getAssociatedWithNetworkId(),
            publicIpId,
            range[0],
            newIpRange,
            sharedSecret);
    return _remoteAccessVpnDao.persist(vpnVO);
  }
Exemplo n.º 17
0
  @Override
  @DB
  public void recalculateCapacity() {
    // FIXME: the right way to do this is to register a listener (see RouterStatsListener,
    // VMSyncListener)
    //        for the vm sync state.  The listener model has connects/disconnects to keep things in
    // sync much better
    //        than this model right now, so when a VM is started, we update the amount allocated,
    // and when a VM
    //        is stopped we updated the amount allocated, and when VM sync reports a changed state,
    // we update
    //        the amount allocated.  Hopefully it's limited to 3 entry points and will keep the
    // amount allocated
    //        per host accurate.

    try {

      if (s_logger.isDebugEnabled()) {
        s_logger.debug("recalculating system capacity");
        s_logger.debug("Executing cpu/ram capacity update");
      }

      // Calculate CPU and RAM capacities
      // 	get all hosts...even if they are not in 'UP' state
      List<HostVO> hosts = _resourceMgr.listAllHostsInAllZonesByType(Host.Type.Routing);
      for (HostVO host : hosts) {
        _capacityMgr.updateCapacityForHost(host);
      }

      if (s_logger.isDebugEnabled()) {
        s_logger.debug("Done executing cpu/ram capacity update");
        s_logger.debug("Executing storage capacity update");
      }
      // Calculate storage pool capacity
      List<StoragePoolVO> storagePools = _storagePoolDao.listAll();
      for (StoragePoolVO pool : storagePools) {
        long disk = 0l;
        Pair<Long, Long> sizes = _volumeDao.getCountAndTotalByPool(pool.getId());
        disk = sizes.second();
        if (pool.isShared()) {
          _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_STORAGE_ALLOCATED, disk);
        } else {
          _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_LOCAL_STORAGE, disk);
        }
      }

      if (s_logger.isDebugEnabled()) {
        s_logger.debug("Done executing storage capacity update");
        s_logger.debug("Executing capacity updates public ip and Vlans");
      }

      List<DataCenterVO> datacenters = _dcDao.listAll();
      for (DataCenterVO datacenter : datacenters) {
        long dcId = datacenter.getId();

        // NOTE
        // What happens if we have multiple vlans? Dashboard currently shows stats
        // with no filter based on a vlan
        // ideal way would be to remove out the vlan param, and filter only on dcId
        // implementing the same

        // Calculate new Public IP capacity for Virtual Network
        if (datacenter.getNetworkType() == NetworkType.Advanced) {
          createOrUpdateIpCapacity(dcId, null, CapacityVO.CAPACITY_TYPE_VIRTUAL_NETWORK_PUBLIC_IP);
        }

        // Calculate new Public IP capacity for Direct Attached Network
        createOrUpdateIpCapacity(dcId, null, CapacityVO.CAPACITY_TYPE_DIRECT_ATTACHED_PUBLIC_IP);

        if (datacenter.getNetworkType() == NetworkType.Advanced) {
          // Calculate VLAN's capacity
          createOrUpdateVlanCapacity(dcId);
        }
      }

      if (s_logger.isDebugEnabled()) {
        s_logger.debug("Done capacity updates for public ip and Vlans");
        s_logger.debug("Executing capacity updates for private ip");
      }

      // Calculate new Private IP capacity
      List<HostPodVO> pods = _podDao.listAll();
      for (HostPodVO pod : pods) {
        long podId = pod.getId();
        long dcId = pod.getDataCenterId();

        createOrUpdateIpCapacity(dcId, podId, CapacityVO.CAPACITY_TYPE_PRIVATE_IP);
      }

      if (s_logger.isDebugEnabled()) {
        s_logger.debug("Done executing capacity updates for private ip");
        s_logger.debug("Done recalculating system capacity");
      }

    } catch (Throwable t) {
      s_logger.error("Caught exception in recalculating capacity", t);
    }
  }
  public static boolean parse(AccountVO account, Date startDate, Date endDate) {
    if (s_logger.isDebugEnabled()) {
      s_logger.debug("Parsing all PortForwardingRule usage events for account: " + account.getId());
    }
    if ((endDate == null) || endDate.after(new Date())) {
      endDate = new Date();
    }

    // - query usage_volume table with the following criteria:
    //     - look for an entry for accountId with start date in the given range
    //     - look for an entry for accountId with end date in the given range
    //     - look for an entry for accountId with end date null (currently running vm or owned IP)
    //     - look for an entry for accountId with start date before given range *and* end date after
    // given range
    List<UsagePortForwardingRuleVO> usagePFs =
        s_usagePFRuleDao.getUsageRecords(
            account.getId(), account.getDomainId(), startDate, endDate, false, 0);

    if (usagePFs.isEmpty()) {
      s_logger.debug("No port forwarding usage events for this period");
      return true;
    }

    // This map has both the running time *and* the usage amount.
    Map<String, Pair<Long, Long>> usageMap = new HashMap<String, Pair<Long, Long>>();
    Map<String, PFInfo> pfMap = new HashMap<String, PFInfo>();

    // loop through all the port forwarding rule, create a usage record for each
    for (UsagePortForwardingRuleVO usagePF : usagePFs) {
      long pfId = usagePF.getId();
      String key = "" + pfId;

      pfMap.put(key, new PFInfo(pfId, usagePF.getZoneId()));

      Date pfCreateDate = usagePF.getCreated();
      Date pfDeleteDate = usagePF.getDeleted();

      if ((pfDeleteDate == null) || pfDeleteDate.after(endDate)) {
        pfDeleteDate = endDate;
      }

      // clip the start date to the beginning of our aggregation range if the vm has been running
      // for a while
      if (pfCreateDate.before(startDate)) {
        pfCreateDate = startDate;
      }

      if (pfCreateDate.after(endDate)) {
        // Ignore records created after endDate
        continue;
      }

      long currentDuration =
          (pfDeleteDate.getTime() - pfCreateDate.getTime())
              + 1; // make sure this is an inclusive check for milliseconds (i.e. use n - m + 1 to
                   // find total number of millis to charge)

      updatePFUsageData(usageMap, key, usagePF.getId(), currentDuration);
    }

    for (String pfIdKey : usageMap.keySet()) {
      Pair<Long, Long> sgtimeInfo = usageMap.get(pfIdKey);
      long useTime = sgtimeInfo.second().longValue();

      // Only create a usage record if we have a runningTime of bigger than zero.
      if (useTime > 0L) {
        PFInfo info = pfMap.get(pfIdKey);
        createUsageRecord(
            UsageTypes.PORT_FORWARDING_RULE,
            useTime,
            startDate,
            endDate,
            account,
            info.getId(),
            info.getZoneId());
      }
    }

    return true;
  }
Exemplo n.º 19
0
  public static boolean validateHAProxyLBRule(final LoadBalancingRule rule) {
    final String timeEndChar = "dhms";

    for (final LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) {
      final List<Pair<String, String>> paramsList = stickinessPolicy.getParams();

      if (StickinessMethodType.LBCookieBased.getName()
          .equalsIgnoreCase(stickinessPolicy.getMethodName())) {

      } else if (StickinessMethodType.SourceBased.getName()
          .equalsIgnoreCase(stickinessPolicy.getMethodName())) {
        String tablesize = "200k"; // optional
        String expire = "30m"; // optional

        /* overwrite default values with the stick parameters */
        for (final Pair<String, String> paramKV : paramsList) {
          final String key = paramKV.first();
          final String value = paramKV.second();
          if ("tablesize".equalsIgnoreCase(key)) {
            tablesize = value;
          }
          if ("expire".equalsIgnoreCase(key)) {
            expire = value;
          }
        }
        if (expire != null && !containsOnlyNumbers(expire, timeEndChar)) {
          throw new InvalidParameterValueException(
              "Failed LB in validation rule id: "
                  + rule.getId()
                  + " Cause: expire is not in timeformat: "
                  + expire);
        }
        if (tablesize != null && !containsOnlyNumbers(tablesize, "kmg")) {
          throw new InvalidParameterValueException(
              "Failed LB in validation rule id: "
                  + rule.getId()
                  + " Cause: tablesize is not in size format: "
                  + tablesize);
        }
      } else if (StickinessMethodType.AppCookieBased.getName()
          .equalsIgnoreCase(stickinessPolicy.getMethodName())) {
        String length = null; // optional
        String holdTime = null; // optional

        for (final Pair<String, String> paramKV : paramsList) {
          final String key = paramKV.first();
          final String value = paramKV.second();
          if ("length".equalsIgnoreCase(key)) {
            length = value;
          }
          if ("holdtime".equalsIgnoreCase(key)) {
            holdTime = value;
          }
        }

        if (length != null && !containsOnlyNumbers(length, null)) {
          throw new InvalidParameterValueException(
              "Failed LB in validation rule id: "
                  + rule.getId()
                  + " Cause: length is not a number: "
                  + length);
        }
        if (holdTime != null
            && !containsOnlyNumbers(holdTime, timeEndChar)
            && !containsOnlyNumbers(holdTime, null)) {
          throw new InvalidParameterValueException(
              "Failed LB in validation rule id: "
                  + rule.getId()
                  + " Cause: holdtime is not in timeformat: "
                  + holdTime);
        }
      }
    }
    return true;
  }
Exemplo n.º 20
0
  public static boolean parse(AccountVO account, Date startDate, Date endDate) {
    if (s_logger.isDebugEnabled()) {
      s_logger.debug("Parsing all VMInstance usage events for account: " + account.getId());
    }
    if ((endDate == null) || endDate.after(new Date())) {
      endDate = new Date();
    }

    // - query usage_vm_instance table with the following criteria:
    //     - look for an entry for accountId with start date in the given range
    //     - look for an entry for accountId with end date in the given range
    //     - look for an entry for accountId with end date null (currently running vm or owned IP)
    //     - look for an entry for accountId with start date before given range *and* end date after
    // given range
    List<UsageVMInstanceVO> usageInstances =
        s_usageInstanceDao.getUsageRecords(account.getId(), startDate, endDate);
    // ToDo: Add domainID for getting usage records

    // This map has both the running time *and* the usage amount.
    Map<String, Pair<String, Long>> usageVMUptimeMap = new HashMap<String, Pair<String, Long>>();
    Map<String, Pair<String, Long>> allocatedVMMap = new HashMap<String, Pair<String, Long>>();

    Map<String, VMInfo> vmServiceOfferingMap = new HashMap<String, VMInfo>();

    // loop through all the usage instances, create a usage record for each
    for (UsageVMInstanceVO usageInstance : usageInstances) {
      long vmId = usageInstance.getVmInstanceId();
      long soId = usageInstance.getSerivceOfferingId();
      long zoneId = usageInstance.getZoneId();
      long tId = usageInstance.getTemplateId();
      int usageType = usageInstance.getUsageType();
      String key = vmId + "-" + soId + "-" + usageType;

      // store the info in the service offering map
      vmServiceOfferingMap.put(
          key, new VMInfo(vmId, zoneId, soId, tId, usageInstance.getHypervisorType()));

      Date vmStartDate = usageInstance.getStartDate();
      Date vmEndDate = usageInstance.getEndDate();

      if ((vmEndDate == null) || vmEndDate.after(endDate)) {
        vmEndDate = endDate;
      }

      // clip the start date to the beginning of our aggregation range if the vm has been running
      // for a while
      if (vmStartDate.before(startDate)) {
        vmStartDate = startDate;
      }

      long currentDuration =
          (vmEndDate.getTime() - vmStartDate.getTime())
              + 1; // make sure this is an inclusive check for milliseconds (i.e. use n - m + 1 to
                   // find total number of millis to charge)

      switch (usageType) {
        case UsageTypes.ALLOCATED_VM:
          updateVmUsageData(allocatedVMMap, key, usageInstance.getVmName(), currentDuration);
          break;
        case UsageTypes.RUNNING_VM:
          updateVmUsageData(usageVMUptimeMap, key, usageInstance.getVmName(), currentDuration);
          break;
      }
    }

    for (String vmIdKey : usageVMUptimeMap.keySet()) {
      Pair<String, Long> vmUptimeInfo = usageVMUptimeMap.get(vmIdKey);
      long runningTime = vmUptimeInfo.second().longValue();

      // Only create a usage record if we have a runningTime of bigger than zero.
      if (runningTime > 0L) {
        VMInfo info = vmServiceOfferingMap.get(vmIdKey);
        createUsageRecord(
            UsageTypes.RUNNING_VM,
            runningTime,
            startDate,
            endDate,
            account,
            info.getVirtualMachineId(),
            vmUptimeInfo.first(),
            info.getZoneId(),
            info.getServiceOfferingId(),
            info.getTemplateId(),
            info.getHypervisorType());
      }
    }

    for (String vmIdKey : allocatedVMMap.keySet()) {
      Pair<String, Long> vmAllocInfo = allocatedVMMap.get(vmIdKey);
      long allocatedTime = vmAllocInfo.second().longValue();

      // Only create a usage record if we have a runningTime of bigger than zero.
      if (allocatedTime > 0L) {
        VMInfo info = vmServiceOfferingMap.get(vmIdKey);
        createUsageRecord(
            UsageTypes.ALLOCATED_VM,
            allocatedTime,
            startDate,
            endDate,
            account,
            info.getVirtualMachineId(),
            vmAllocInfo.first(),
            info.getZoneId(),
            info.getServiceOfferingId(),
            info.getTemplateId(),
            info.getHypervisorType());
      }
    }

    return true;
  }
Exemplo n.º 21
0
  @DB
  protected void CheckAndCreateTunnel(VirtualMachine instance, DeployDestination dest) {
    if (!_isEnabled) {
      return;
    }

    if (instance.getType() != VirtualMachine.Type.User
        && instance.getType() != VirtualMachine.Type.DomainRouter) {
      return;
    }

    long hostId = dest.getHost().getId();
    long accountId = instance.getAccountId();
    List<UserVmVO> vms = _userVmDao.listByAccountId(accountId);
    List<DomainRouterVO> routers =
        _routerDao.findBy(accountId, instance.getDataCenterIdToDeployIn());
    List<VMInstanceVO> ins = new ArrayList<VMInstanceVO>();
    if (vms != null) {
      ins.addAll(vms);
    }
    if (routers.size() != 0) {
      ins.addAll(routers);
    }
    List<Pair<Long, Integer>> toHosts = new ArrayList<Pair<Long, Integer>>();
    List<Pair<Long, Integer>> fromHosts = new ArrayList<Pair<Long, Integer>>();
    int key;

    for (VMInstanceVO v : ins) {
      Long rh = v.getHostId();
      if (rh == null || rh.longValue() == hostId) {
        continue;
      }

      OvsTunnelAccountVO ta =
          _tunnelAccountDao.getByFromToAccount(hostId, rh.longValue(), accountId);
      if (ta == null) {
        key = getGreKey(hostId, rh.longValue(), accountId);
        if (key == -1) {
          s_logger.warn(
              String.format(
                  "Cannot get GRE key for from=%1$s to=%2$s accountId=%3$s, tunnel create failed",
                  hostId, rh.longValue(), accountId));
          continue;
        }

        Pair<Long, Integer> p = new Pair<Long, Integer>(rh, Integer.valueOf(key));
        if (!toHosts.contains(p)) {
          toHosts.add(p);
        }
      }

      ta = _tunnelAccountDao.getByFromToAccount(rh.longValue(), hostId, accountId);
      if (ta == null) {
        key = getGreKey(rh.longValue(), hostId, accountId);
        if (key == -1) {
          s_logger.warn(
              String.format(
                  "Cannot get GRE key for from=%1$s to=%2$s accountId=%3$s, tunnel create failed",
                  rh.longValue(), hostId, accountId));
          continue;
        }

        Pair<Long, Integer> p = new Pair<Long, Integer>(rh, Integer.valueOf(key));
        if (!fromHosts.contains(p)) {
          fromHosts.add(p);
        }
      }
    }

    try {
      String myIp = dest.getHost().getPrivateIpAddress();
      for (Pair<Long, Integer> i : toHosts) {
        HostVO rHost = _hostDao.findById(i.first());
        Commands cmds =
            new Commands(
                new OvsCreateTunnelCommand(
                    rHost.getPrivateIpAddress(),
                    i.second().toString(),
                    Long.valueOf(hostId),
                    i.first(),
                    accountId,
                    myIp));
        s_logger.debug("Ask host " + hostId + " to create gre tunnel to " + i.first());
        Answer[] answers = _agentMgr.send(hostId, cmds);
        handleCreateTunnelAnswer(answers);
      }

      for (Pair<Long, Integer> i : fromHosts) {
        HostVO rHost = _hostDao.findById(i.first());
        Commands cmd2s =
            new Commands(
                new OvsCreateTunnelCommand(
                    myIp,
                    i.second().toString(),
                    i.first(),
                    Long.valueOf(hostId),
                    accountId,
                    rHost.getPrivateIpAddress()));
        s_logger.debug("Ask host " + i.first() + " to create gre tunnel to " + hostId);
        Answer[] answers = _agentMgr.send(i.first(), cmd2s);
        handleCreateTunnelAnswer(answers);
      }
    } catch (Exception e) {
      s_logger.debug("Ovs Tunnel network created tunnel failed", e);
    }
  }
Exemplo n.º 22
0
  @Override
  public boolean verifyRequest(Map<String, Object[]> requestParameters, Long userId)
      throws ServerApiException {
    try {
      String apiKey = null;
      String secretKey = null;
      String signature = null;
      String unsignedRequest = null;

      String[] command = (String[]) requestParameters.get("command");
      if (command == null) {
        s_logger.info("missing command, ignoring request...");
        return false;
      }

      String commandName = command[0];

      // if userId not null, that mean that user is logged in
      if (userId != null) {
        User user = ApiDBUtils.findUserById(userId);

        try {
          checkCommandAvailable(user, commandName);
        } catch (RequestLimitException ex) {
          s_logger.debug(ex.getMessage());
          throw new ServerApiException(ApiErrorCode.API_LIMIT_EXCEED, ex.getMessage());
        } catch (PermissionDeniedException ex) {
          s_logger.debug(
              "The given command:"
                  + commandName
                  + " does not exist or it is not available for user with id:"
                  + userId);
          throw new ServerApiException(
              ApiErrorCode.UNSUPPORTED_ACTION_ERROR,
              "The given command does not exist or it is not available for user");
        }
        return true;
      } else {
        // check against every available command to see if the command exists or not
        if (!_apiNameCmdClassMap.containsKey(commandName)
            && !commandName.equals("login")
            && !commandName.equals("logout")) {
          s_logger.debug(
              "The given command:"
                  + commandName
                  + " does not exist or it is not available for user with id:"
                  + userId);
          throw new ServerApiException(
              ApiErrorCode.UNSUPPORTED_ACTION_ERROR,
              "The given command does not exist or it is not available for user");
        }
      }

      // - build a request string with sorted params, make sure it's all lowercase
      // - sign the request, verify the signature is the same
      List<String> parameterNames = new ArrayList<String>();

      for (Object paramNameObj : requestParameters.keySet()) {
        parameterNames.add((String) paramNameObj); // put the name in a list that we'll sort later
      }

      Collections.sort(parameterNames);

      String signatureVersion = null;
      String expires = null;

      for (String paramName : parameterNames) {
        // parameters come as name/value pairs in the form String/String[]
        String paramValue = ((String[]) requestParameters.get(paramName))[0];

        if ("signature".equalsIgnoreCase(paramName)) {
          signature = paramValue;
        } else {
          if ("apikey".equalsIgnoreCase(paramName)) {
            apiKey = paramValue;
          } else if ("signatureversion".equalsIgnoreCase(paramName)) {
            signatureVersion = paramValue;
          } else if ("expires".equalsIgnoreCase(paramName)) {
            expires = paramValue;
          }

          if (unsignedRequest == null) {
            unsignedRequest =
                paramName + "=" + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20");
          } else {
            unsignedRequest =
                unsignedRequest
                    + "&"
                    + paramName
                    + "="
                    + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20");
          }
        }
      }

      // if api/secret key are passed to the parameters
      if ((signature == null) || (apiKey == null)) {
        s_logger.debug(
            "Expired session, missing signature, or missing apiKey -- ignoring request. Signature: "
                + signature
                + ", apiKey: "
                + apiKey);
        return false; // no signature, bad request
      }

      Date expiresTS = null;
      // FIXME: Hard coded signature, why not have an enum
      if ("3".equals(signatureVersion)) {
        // New signature authentication. Check for expire parameter and its validity
        if (expires == null) {
          s_logger.debug(
              "Missing Expires parameter -- ignoring request. Signature: "
                  + signature
                  + ", apiKey: "
                  + apiKey);
          return false;
        }
        synchronized (_dateFormat) {
          try {
            expiresTS = _dateFormat.parse(expires);
          } catch (ParseException pe) {
            s_logger.debug("Incorrect date format for Expires parameter", pe);
            return false;
          }
        }
        Date now = new Date(System.currentTimeMillis());
        if (expiresTS.before(now)) {
          s_logger.debug(
              "Request expired -- ignoring ...sig: " + signature + ", apiKey: " + apiKey);
          return false;
        }
      }

      TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB);
      txn.close();
      User user = null;
      // verify there is a user with this api key
      Pair<User, Account> userAcctPair = _accountMgr.findUserByApiKey(apiKey);
      if (userAcctPair == null) {
        s_logger.debug(
            "apiKey does not map to a valid user -- ignoring request, apiKey: " + apiKey);
        return false;
      }

      user = userAcctPair.first();
      Account account = userAcctPair.second();

      if (user.getState() != Account.State.enabled
          || !account.getState().equals(Account.State.enabled)) {
        s_logger.info(
            "disabled or locked user accessing the api, userid = "
                + user.getId()
                + "; name = "
                + user.getUsername()
                + "; state: "
                + user.getState()
                + "; accountState: "
                + account.getState());
        return false;
      }

      try {
        checkCommandAvailable(user, commandName);
      } catch (PermissionDeniedException ex) {
        s_logger.debug(
            "The given command:" + commandName + " does not exist or it is not available for user");
        throw new ServerApiException(
            ApiErrorCode.UNSUPPORTED_ACTION_ERROR,
            "The given command:"
                + commandName
                + " does not exist or it is not available for user with id:"
                + userId);
      }

      // verify secret key exists
      secretKey = user.getSecretKey();
      if (secretKey == null) {
        s_logger.info(
            "User does not have a secret key associated with the account -- ignoring request, username: "******"HmacSHA1");
      SecretKeySpec keySpec = new SecretKeySpec(secretKey.getBytes(), "HmacSHA1");
      mac.init(keySpec);
      mac.update(unsignedRequest.getBytes());
      byte[] encryptedBytes = mac.doFinal();
      String computedSignature = Base64.encodeBase64String(encryptedBytes);
      boolean equalSig = signature.equals(computedSignature);
      if (!equalSig) {
        s_logger.info(
            "User signature: "
                + signature
                + " is not equaled to computed signature: "
                + computedSignature);
      } else {
        CallContext.register(user, account);
      }
      return equalSig;
    } catch (ServerApiException ex) {
      throw ex;
    } catch (Exception ex) {
      s_logger.error("unable to verify request signature");
    }
    return false;
  }
Exemplo n.º 23
0
  public static boolean parse(AccountVO account, Date startDate, Date endDate) {
    if (s_logger.isDebugEnabled()) {
      s_logger.debug("Parsing IP Address usage for account: " + account.getId());
    }
    if ((endDate == null) || endDate.after(new Date())) {
      endDate = new Date();
    }

    // - query usage_ip_address table with the following criteria:
    //     - look for an entry for accountId with start date in the given range
    //     - look for an entry for accountId with end date in the given range
    //     - look for an entry for accountId with end date null (currently running vm or owned IP)
    //     - look for an entry for accountId with start date before given range *and* end date after
    // given range
    List<UsageIPAddressVO> usageIPAddress =
        m_usageIPAddressDao.getUsageRecords(
            account.getId(), account.getDomainId(), startDate, endDate);

    if (usageIPAddress.isEmpty()) {
      s_logger.debug("No IP Address usage for this period");
      return true;
    }

    // This map has both the running time *and* the usage amount.
    Map<String, Pair<Long, Long>> usageMap = new HashMap<String, Pair<Long, Long>>();

    Map<String, IpInfo> IPMap = new HashMap<String, IpInfo>();

    // loop through all the usage IPs, create a usage record for each
    for (UsageIPAddressVO usageIp : usageIPAddress) {
      long IpId = usageIp.getId();

      String key = "" + IpId;

      // store the info in the IP map
      IPMap.put(
          key, new IpInfo(usageIp.getZoneId(), IpId, usageIp.getAddress(), usageIp.isSourceNat()));

      Date IpAssignDate = usageIp.getAssigned();
      Date IpReleaseDeleteDate = usageIp.getReleased();

      if ((IpReleaseDeleteDate == null) || IpReleaseDeleteDate.after(endDate)) {
        IpReleaseDeleteDate = endDate;
      }

      // clip the start date to the beginning of our aggregation range if the vm has been running
      // for a while
      if (IpAssignDate.before(startDate)) {
        IpAssignDate = startDate;
      }

      long currentDuration =
          (IpReleaseDeleteDate.getTime() - IpAssignDate.getTime())
              + 1; // make sure this is an inclusive check for milliseconds (i.e. use n - m + 1 to
                   // find total number of millis to charge)

      updateIpUsageData(usageMap, key, usageIp.getId(), currentDuration);
    }

    for (String ipIdKey : usageMap.keySet()) {
      Pair<Long, Long> ipTimeInfo = usageMap.get(ipIdKey);
      long useTime = ipTimeInfo.second().longValue();

      // Only create a usage record if we have a runningTime of bigger than zero.
      if (useTime > 0L) {
        IpInfo info = IPMap.get(ipIdKey);
        createUsageRecord(
            info.getZoneId(),
            useTime,
            startDate,
            endDate,
            account,
            info.getIpId(),
            info.getIPAddress(),
            info.isSourceNat());
      }
    }

    return true;
  }