/** @param network */
private void mockDAOs(final NetworkVO network, final NetworkOfferingVO offering) {
when(_networkDao.acquireInLockTable(
network.getId(), NetworkOrchestrationService.NetworkLockTimeout.value()))
.thenReturn(network);
when(_networksDao.acquireInLockTable(
network.getId(), NetworkOrchestrationService.NetworkLockTimeout.value()))
.thenReturn(network);
when(_physicalProviderDao.findByServiceProvider(0L, "VirtualRouter"))
.thenReturn(new PhysicalNetworkServiceProviderVO());
when(_vrProviderDao.findByNspIdAndType(0L, Type.VirtualRouter))
.thenReturn(new VirtualRouterProviderVO());
when(_networkOfferingDao.findById(0L)).thenReturn(offering);
// watchit: (in this test) there can be only one
when(_routerDao.getNextInSequence(Long.class, "id")).thenReturn(0L);
final ServiceOfferingVO svcoff =
new ServiceOfferingVO(
"name",
/* cpu */ 1,
/* ramsize */ 1024 * 1024,
/* (clock?)speed */ 1024 * 1024 * 1024,
/* rateMbps */ 1,
/* multicastRateMbps */ 0,
/* offerHA */ false,
"displayText",
ProvisioningType.THIN,
/* useLocalStorage */ false,
/* recreatable */ false,
"tags",
/* systemUse */ false,
VirtualMachine.Type.DomainRouter,
/* defaultUse */ false);
when(_serviceOfferingDao.findById(0L)).thenReturn(svcoff);
final DomainRouterVO router =
new DomainRouterVO(
/* id */ 1L,
/* serviceOfferingId */ 1L,
/* elementId */ 0L,
"name",
/* templateId */ 0L,
HypervisorType.XenServer,
/* guestOSId */ 0L,
/* domainId */ 0L,
/* accountId */ 1L,
/* userId */ 1L,
/* isRedundantRouter */ false,
RedundantState.UNKNOWN,
/* haEnabled */ false,
/* stopPending */ false,
/* vpcId */ null);
when(_routerDao.getNextInSequence(Long.class, "id")).thenReturn(1L);
when(_templateDao.findRoutingTemplate(
HypervisorType.XenServer, "SystemVM Template (XenServer)"))
.thenReturn(new VMTemplateVO());
when(_routerDao.persist(any(DomainRouterVO.class))).thenReturn(router);
when(_routerDao.findById(router.getId())).thenReturn(router);
}
@Override
public boolean deleteNetworkACL(NetworkACL acl) {
List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(acl.getId());
if (aclItems.size() > 0) {
throw new CloudRuntimeException(
"ACL is not empty. Cannot delete network ACL: " + acl.getUuid());
}
List<NetworkVO> networks = _networkDao.listByAclId(acl.getId());
if (networks != null && networks.size() > 0) {
throw new CloudRuntimeException(
"ACL is still associated with "
+ networks.size()
+ " tier(s). Cannot delete network ACL: "
+ acl.getUuid());
}
List<VpcGatewayVO> pvtGateways =
_vpcGatewayDao.listByAclIdAndType(acl.getId(), VpcGateway.Type.Private);
if (pvtGateways != null && pvtGateways.size() > 0) {
throw new CloudRuntimeException(
"ACL is still associated with "
+ pvtGateways.size()
+ " private gateway(s). Cannot delete network ACL: "
+ acl.getUuid());
}
return _networkACLDao.remove(acl.getId());
}
public DomainRouterVO deployLoadBalancerVM(Long networkId, IPAddressVO ipAddr, Long accountId) {
NetworkVO network = _networkDao.findById(networkId);
DataCenter dc = _dcDao.findById(network.getDataCenterId());
Long podId = getPodIdForDirectIp(ipAddr);
Pod pod = podId == null ? null : _podDao.findById(podId);
Map<VirtualMachineProfile.Param, Object> params =
new HashMap<VirtualMachineProfile.Param, Object>(1);
params.put(VirtualMachineProfile.Param.ReProgramGuestNetworks, true);
Account owner = _accountService.getActiveAccountByName("system", new Long(1));
DeployDestination dest = new DeployDestination(dc, pod, null, null);
s_logger.debug("About to deploy ELB vm ");
try {
DomainRouterVO elbVm = deployELBVm(network, dest, owner, params);
if (elbVm == null) {
throw new InvalidParameterValueException("Could not deploy or find existing ELB VM");
}
s_logger.debug("Deployed ELB vm = " + elbVm);
return elbVm;
} catch (Throwable t) {
s_logger.warn("Error while deploying ELB VM: ", t);
return null;
}
}
@Override
public void shutdown(final NetworkProfile profile, final NetworkOffering offering) {
final NetworkVO networkObject = networkDao.findById(profile.getId());
if (networkObject.getBroadcastDomainType() != BroadcastDomainType.Lswitch
|| networkObject.getBroadcastUri() == null) {
s_logger.warn(
"BroadcastUri is empty or incorrect for guestnetwork " + networkObject.getDisplayText());
return;
}
final List<NiciraNvpDeviceVO> devices =
niciraNvpDao.listByPhysicalNetwork(networkObject.getPhysicalNetworkId());
if (devices.isEmpty()) {
s_logger.error(
"No NiciraNvp Controller on physical network " + networkObject.getPhysicalNetworkId());
return;
}
final NiciraNvpDeviceVO niciraNvpDevice = devices.get(0);
final HostVO niciraNvpHost = hostDao.findById(niciraNvpDevice.getHostId());
final DeleteLogicalSwitchCommand cmd =
new DeleteLogicalSwitchCommand(
BroadcastDomainType.getValue(networkObject.getBroadcastUri()));
final DeleteLogicalSwitchAnswer answer =
(DeleteLogicalSwitchAnswer) agentMgr.easySend(niciraNvpHost.getId(), cmd);
if (answer == null || !answer.getResult()) {
s_logger.error("DeleteLogicalSwitchCommand failed");
}
super.shutdown(profile, offering);
}
public boolean applyACLItemsToNetwork(long networkId, List<NetworkACLItemVO> rules)
throws ResourceUnavailableException {
Network network = _networkDao.findById(networkId);
boolean handled = false;
boolean foundProvider = false;
for (NetworkACLServiceProvider element : _networkAclElements) {
Network.Provider provider = element.getProvider();
boolean isAclProvider =
_networkModel.isProviderSupportServiceInNetwork(
network.getId(), Service.NetworkACL, provider);
if (!isAclProvider) {
continue;
}
foundProvider = true;
s_logger.debug(
"Applying NetworkACL for network: "
+ network.getId()
+ " with Network ACL service provider");
handled = element.applyNetworkACLs(network, rules);
if (handled) break;
}
if (!foundProvider) {
s_logger.debug("Unable to find NetworkACL service provider for network: " + network.getId());
}
return handled;
}
@Override
@ActionEvent(
eventType = EventTypes.EVENT_FIREWALL_OPEN,
eventDescription = "creating firewall rule",
create = true)
public FirewallRule createEgressFirewallRule(FirewallRule rule)
throws NetworkRuleConflictException {
Account caller = CallContext.current().getCallingAccount();
Network network = _networkDao.findById(rule.getNetworkId());
if (network.getGuestType() == Network.GuestType.Shared) {
throw new InvalidParameterValueException(
"Egress firewall rules are not supported for " + network.getGuestType() + " networks");
}
return createFirewallRule(
null,
caller,
rule.getXid(),
rule.getSourcePortStart(),
rule.getSourcePortEnd(),
rule.getProtocol(),
rule.getSourceCidrList(),
rule.getIcmpCode(),
rule.getIcmpType(),
null,
rule.getType(),
rule.getNetworkId(),
rule.getTrafficType());
}
protected LinkedHashMap<Network, List<? extends NicProfile>> configurePublicNic(
final RouterDeploymentDefinition routerDeploymentDefinition, final boolean hasGuestNic) {
final LinkedHashMap<Network, List<? extends NicProfile>> publicConfig =
new LinkedHashMap<Network, List<? extends NicProfile>>(3);
if (routerDeploymentDefinition.isPublicNetwork()) {
s_logger.debug("Adding nic for Virtual Router in Public network ");
// if source nat service is supported by the network, get the source
// nat ip address
final NicProfile defaultNic = new NicProfile();
defaultNic.setDefaultNic(true);
final PublicIp sourceNatIp = routerDeploymentDefinition.getSourceNatIP();
defaultNic.setIPv4Address(sourceNatIp.getAddress().addr());
defaultNic.setIPv4Gateway(sourceNatIp.getGateway());
defaultNic.setIPv4Netmask(sourceNatIp.getNetmask());
defaultNic.setMacAddress(sourceNatIp.getMacAddress());
// get broadcast from public network
final Network pubNet = _networkDao.findById(sourceNatIp.getNetworkId());
if (pubNet.getBroadcastDomainType() == BroadcastDomainType.Vxlan) {
defaultNic.setBroadcastType(BroadcastDomainType.Vxlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vxlan.toUri(sourceNatIp.getVlanTag()));
defaultNic.setIsolationUri(BroadcastDomainType.Vxlan.toUri(sourceNatIp.getVlanTag()));
} else {
defaultNic.setBroadcastType(BroadcastDomainType.Vlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(sourceNatIp.getVlanTag()));
defaultNic.setIsolationUri(IsolationType.Vlan.toUri(sourceNatIp.getVlanTag()));
}
// If guest nic has already been added we will have 2 devices in the list.
if (hasGuestNic) {
defaultNic.setDeviceId(2);
}
final NetworkOffering publicOffering =
_networkModel
.getSystemAccountNetworkOfferings(NetworkOffering.SystemPublicNetwork)
.get(0);
final List<? extends Network> publicNetworks =
_networkMgr.setupNetwork(
s_systemAccount,
publicOffering,
routerDeploymentDefinition.getPlan(),
null,
null,
false);
final String publicIp = defaultNic.getIPv4Address();
// We want to use the identical MAC address for RvR on public
// interface if possible
final NicVO peerNic =
_nicDao.findByIp4AddressAndNetworkId(publicIp, publicNetworks.get(0).getId());
if (peerNic != null) {
s_logger.info("Use same MAC as previous RvR, the MAC is " + peerNic.getMacAddress());
defaultNic.setMacAddress(peerNic.getMacAddress());
}
publicConfig.put(publicNetworks.get(0), new ArrayList<NicProfile>(Arrays.asList(defaultNic)));
}
return publicConfig;
}
@Override
public boolean applyACLToNetwork(long networkId) throws ResourceUnavailableException {
Network network = _networkDao.findById(networkId);
if (network.getNetworkACLId() == null) {
return true;
}
List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(network.getNetworkACLId());
return applyACLItemsToNetwork(networkId, rules);
}
@Override
public boolean replaceNetworkACL(NetworkACL acl, NetworkVO network)
throws ResourceUnavailableException {
NetworkOffering guestNtwkOff =
_entityMgr.findById(NetworkOffering.class, network.getNetworkOfferingId());
if (guestNtwkOff == null) {
throw new InvalidParameterValueException(
"Can't find network offering associated with network: " + network.getUuid());
}
// verify that ACLProvider is supported by network offering
if (!_ntwkModel.areServicesSupportedByNetworkOffering(
guestNtwkOff.getId(), Service.NetworkACL)) {
throw new InvalidParameterValueException(
"Cannot apply NetworkACL. Network Offering does not support NetworkACL service");
}
if (network.getNetworkACLId() != null) {
// Revoke ACL Items of the existing ACL if the new ACL is empty
// Existing rules won't be removed otherwise
List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(acl.getId());
if (aclItems == null || aclItems.isEmpty()) {
s_logger.debug("New network ACL is empty. Revoke existing rules before applying ACL");
if (!revokeACLItemsForNetwork(network.getId())) {
throw new CloudRuntimeException(
"Failed to replace network ACL. Error while removing existing ACL items for network: "
+ network.getId());
}
}
}
network.setNetworkACLId(acl.getId());
// Update Network ACL
if (_networkDao.update(network.getId(), network)) {
s_logger.debug(
"Updated network: "
+ network.getId()
+ " with Network ACL Id: "
+ acl.getId()
+ ", Applying ACL items");
// Apply ACL to network
return applyACLToNetwork(network.getId());
}
return false;
}
@Override
public boolean applyDefaultEgressFirewallRule(Long networkId, boolean defaultPolicy)
throws ResourceUnavailableException {
if (defaultPolicy == false) {
// If default policy is false no need apply rules on backend because firewall provider blocks
// by default
return true;
}
s_logger.debug("applying default firewall egress rules ");
NetworkVO network = _networkDao.findById(networkId);
List<String> sourceCidr = new ArrayList<String>();
sourceCidr.add(NetUtils.ALL_CIDRS);
FirewallRuleVO ruleVO =
new FirewallRuleVO(
null,
null,
null,
null,
"all",
networkId,
network.getAccountId(),
network.getDomainId(),
Purpose.Firewall,
sourceCidr,
null,
null,
null,
FirewallRule.TrafficType.Egress,
FirewallRuleType.System);
List<FirewallRuleVO> rules = new ArrayList<FirewallRuleVO>();
rules.add(ruleVO);
try {
// this is not required to store in db because we don't to add this rule along with the normal
// rules
if (!applyRules(rules, false, false)) {
return false;
}
} catch (ResourceUnavailableException ex) {
s_logger.warn("Failed to apply default egress rules for guest network due to ", ex);
return false;
}
return true;
}
@Override
public String[] applyVpnUsers(RemoteAccessVpn vpn, List<? extends VpnUser> users)
throws ResourceUnavailableException {
Network config = _networksDao.findById(vpn.getNetworkId());
if (!canHandle(config)) {
return null;
}
boolean result = _externalNetworkManager.manageRemoteAccessVpnUsers(config, vpn, users);
String[] results = new String[users.size()];
for (int i = 0; i < results.length; i++) {
results[i] = String.valueOf(result);
}
return results;
}
@Override
public boolean release(
NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm, String reservationId) {
if (Boolean.parseBoolean(_configDao.getValue(Config.OvsTunnelNetwork.key()))) {
return true;
}
NetworkVO network = _networkDao.findById(nic.getNetworkId());
if (network != null
&& _networkModel.networkIsConfiguredForExternalNetworking(
network.getDataCenterId(), network.getId())) {
return true;
} else {
return super.release(nic, vm, reservationId);
}
}
@Override
public boolean applyNetworkACL(long aclId) throws ResourceUnavailableException {
boolean handled = true;
boolean aclApplyStatus = true;
List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(aclId);
// Find all networks using this ACL and apply the ACL
List<NetworkVO> networks = _networkDao.listByAclId(aclId);
for (NetworkVO network : networks) {
if (!applyACLItemsToNetwork(network.getId(), rules)) {
handled = false;
break;
}
}
List<VpcGatewayVO> vpcGateways =
_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private);
for (VpcGatewayVO vpcGateway : vpcGateways) {
PrivateGateway privateGateway = _vpcMgr.getVpcPrivateGateway(vpcGateway.getId());
if (!applyACLToPrivateGw(privateGateway)) {
aclApplyStatus = false;
s_logger.debug(
"failed to apply network acl item on private gateway "
+ privateGateway.getId()
+ "acl id "
+ aclId);
break;
}
}
if (handled && aclApplyStatus) {
for (NetworkACLItem rule : rules) {
if (rule.getState() == NetworkACLItem.State.Revoke) {
removeRule(rule);
} else if (rule.getState() == NetworkACLItem.State.Add) {
NetworkACLItemVO ruleVO = _networkACLItemDao.findById(rule.getId());
ruleVO.setState(NetworkACLItem.State.Active);
_networkACLItemDao.update(ruleVO.getId(), ruleVO);
}
}
}
return handled && aclApplyStatus;
}
private boolean preparePxeInBasicZone(
VirtualMachineProfile profile,
NicProfile nic,
DeployDestination dest,
ReservationContext context)
throws AgentUnavailableException, OperationTimedoutException {
NetworkVO nwVO = _nwDao.findById(nic.getNetworkId());
QueryBuilder<BaremetalPxeVO> sc = QueryBuilder.create(BaremetalPxeVO.class);
sc.and(sc.entity().getDeviceType(), Op.EQ, BaremetalPxeType.KICK_START.toString());
sc.and(sc.entity().getPhysicalNetworkId(), Op.EQ, nwVO.getPhysicalNetworkId());
BaremetalPxeVO pxeVo = sc.find();
if (pxeVo == null) {
throw new CloudRuntimeException(
"No kickstart PXE server found in pod: "
+ dest.getPod().getId()
+ ", you need to add it before starting VM");
}
VMTemplateVO template = _tmpDao.findById(profile.getTemplateId());
List<String> tuple = parseKickstartUrl(profile);
String ks = tuple.get(0);
String kernel = tuple.get(1);
String initrd = tuple.get(2);
PrepareKickstartPxeServerCommand cmd = new PrepareKickstartPxeServerCommand();
cmd.setKsFile(ks);
cmd.setInitrd(initrd);
cmd.setKernel(kernel);
cmd.setMac(nic.getMacAddress());
cmd.setTemplateUuid(template.getUuid());
Answer aws = _agentMgr.send(pxeVo.getHostId(), cmd);
if (!aws.getResult()) {
s_logger.warn(
"Unable to set host: "
+ dest.getHost().getId()
+ " to PXE boot because "
+ aws.getDetails());
return false;
}
return true;
}
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
AllocatedIpSearch = _ipAddressDao.createSearchBuilder();
AllocatedIpSearch.and("allocated", AllocatedIpSearch.entity().getAllocatedTime(), Op.NNULL);
AllocatedIpSearch.and("dc", AllocatedIpSearch.entity().getDataCenterId(), Op.EQ);
SearchBuilder<NetworkVO> networkJoin = _networksDao.createSearchBuilder();
networkJoin.and("guestType", networkJoin.entity().getGuestType(), Op.EQ);
AllocatedIpSearch.join(
"network",
networkJoin,
AllocatedIpSearch.entity().getSourceNetworkId(),
networkJoin.entity().getId(),
JoinBuilder.JoinType.INNER);
AllocatedIpSearch.done();
_networkStatsInterval =
NumbersUtil.parseInt(_configDao.getValue(Config.DirectNetworkStatsInterval.key()), 86400);
_TSinclZones = _configDao.getValue(Config.TrafficSentinelIncludeZones.key());
_TSexclZones = _configDao.getValue(Config.TrafficSentinelExcludeZones.key());
_agentMgr.registerForHostEvents(
new DirectNetworkStatsListener(_networkStatsInterval), true, false, false);
_resourceMgr.registerResourceStateAdapter(this.getClass().getSimpleName(), this);
return true;
}
@Override
public boolean revokeACLItemsForNetwork(long networkId) throws ResourceUnavailableException {
Network network = _networkDao.findById(networkId);
if (network.getNetworkACLId() == null) {
return true;
}
List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(network.getNetworkACLId());
if (aclItems.isEmpty()) {
s_logger.debug("Found no network ACL Items for network id=" + networkId);
return true;
}
if (s_logger.isDebugEnabled()) {
s_logger.debug(
"Releasing " + aclItems.size() + " Network ACL Items for network id=" + networkId);
}
for (NetworkACLItemVO aclItem : aclItems) {
// Mark all Network ACLs rules as Revoke, but don't update in DB
if (aclItem.getState() == State.Add || aclItem.getState() == State.Active) {
aclItem.setState(State.Revoke);
}
}
boolean success = applyACLItemsToNetwork(network.getId(), aclItems);
if (s_logger.isDebugEnabled() && success) {
s_logger.debug(
"Successfully released Network ACLs for network id="
+ networkId
+ " and # of rules now = "
+ aclItems.size());
}
return success;
}
@DB
public LoadBalancer createLoadBalancer(CreateLoadBalancerRuleCmd lb, boolean openFirewall)
throws NetworkRuleConflictException {
long ipId = lb.getSourceIpAddressId();
UserContext caller = UserContext.current();
int srcPortStart = lb.getSourcePortStart();
int defPortStart = lb.getDefaultPortStart();
int srcPortEnd = lb.getSourcePortEnd();
IPAddressVO ipAddr = _ipAddressDao.findById(lb.getSourceIpAddressId());
Long networkId = ipAddr.getSourceNetworkId();
// make sure ip address exists
if (ipAddr == null || !ipAddr.readyToUse()) {
throw new InvalidParameterValueException(
"Unable to create load balancer rule, invalid IP address id" + ipId);
}
_firewallMgr.validateFirewallRule(
caller.getCaller(),
ipAddr,
srcPortStart,
srcPortEnd,
lb.getProtocol(),
Purpose.LoadBalancing);
networkId = ipAddr.getAssociatedWithNetworkId();
if (networkId == null) {
throw new InvalidParameterValueException(
"Unable to create load balancer rule ; ip id="
+ ipId
+ " is not associated with any network");
}
NetworkVO network = _networkDao.findById(networkId);
_accountMgr.checkAccess(caller.getCaller(), null, ipAddr);
// verify that lb service is supported by the network
if (!_networkMgr.isServiceSupported(network.getNetworkOfferingId(), Service.Lb)) {
throw new InvalidParameterValueException(
"LB service is not supported in network id= " + networkId);
}
Transaction txn = Transaction.currentTxn();
txn.start();
LoadBalancerVO newRule =
new LoadBalancerVO(
lb.getXid(),
lb.getName(),
lb.getDescription(),
lb.getSourceIpAddressId(),
lb.getSourcePortEnd(),
lb.getDefaultPortStart(),
lb.getAlgorithm(),
network.getId(),
ipAddr.getAccountId(),
ipAddr.getDomainId());
newRule = _lbDao.persist(newRule);
if (openFirewall) {
_firewallMgr.createRuleForAllCidrs(
ipId,
caller.getCaller(),
lb.getSourcePortStart(),
lb.getSourcePortEnd(),
lb.getProtocol(),
null,
null,
newRule.getId());
}
boolean success = true;
try {
_firewallMgr.detectRulesConflict(newRule, ipAddr);
if (!_firewallDao.setStateToAdd(newRule)) {
throw new CloudRuntimeException("Unable to update the state to add for " + newRule);
}
s_logger.debug(
"Load balancer "
+ newRule.getId()
+ " for Ip address id="
+ ipId
+ ", public port "
+ srcPortStart
+ ", private port "
+ defPortStart
+ " is added successfully.");
UserContext.current().setEventDetails("Load balancer Id: " + newRule.getId());
UsageEventVO usageEvent =
new UsageEventVO(
EventTypes.EVENT_LOAD_BALANCER_CREATE,
ipAddr.getAllocatedToAccountId(),
ipAddr.getDataCenterId(),
newRule.getId(),
null);
_usageEventDao.persist(usageEvent);
txn.commit();
return newRule;
} catch (Exception e) {
success = false;
if (e instanceof NetworkRuleConflictException) {
throw (NetworkRuleConflictException) e;
}
throw new CloudRuntimeException(
"Unable to add rule for ip address id=" + newRule.getSourceIpAddressId(), e);
} finally {
if (!success && newRule != null) {
txn.start();
_firewallMgr.revokeRelatedFirewallRule(newRule.getId(), false);
_lbDao.remove(newRule.getId());
txn.commit();
}
}
}
@Override
public boolean finalizeVirtualMachineProfile(
VirtualMachineProfile<DomainRouterVO> profile,
DeployDestination dest,
ReservationContext context) {
DomainRouterVO elbVm = profile.getVirtualMachine();
List<NicProfile> elbNics = profile.getNics();
Long guestNtwkId = null;
for (NicProfile routerNic : elbNics) {
if (routerNic.getTrafficType() == TrafficType.Guest) {
guestNtwkId = routerNic.getNetworkId();
break;
}
}
NetworkVO guestNetwork = _networkDao.findById(guestNtwkId);
DataCenter dc = dest.getDataCenter();
StringBuilder buf = profile.getBootArgsBuilder();
buf.append(" template=domP type=" + _systemVmType);
buf.append(" name=").append(profile.getHostName());
NicProfile controlNic = null;
String defaultDns1 = null;
String defaultDns2 = null;
for (NicProfile nic : profile.getNics()) {
int deviceId = nic.getDeviceId();
buf.append(" eth").append(deviceId).append("ip=").append(nic.getIp4Address());
buf.append(" eth").append(deviceId).append("mask=").append(nic.getNetmask());
if (nic.isDefaultNic()) {
buf.append(" gateway=").append(nic.getGateway());
defaultDns1 = nic.getDns1();
defaultDns2 = nic.getDns2();
}
if (nic.getTrafficType() == TrafficType.Management) {
buf.append(" localgw=").append(dest.getPod().getGateway());
} else if (nic.getTrafficType() == TrafficType.Control) {
// control command is sent over management network in VMware
if (dest.getHost().getHypervisorType() == HypervisorType.VMware) {
if (s_logger.isInfoEnabled()) {
s_logger.info(
"Check if we need to add management server explicit route to ELB vm. pod cidr: "
+ dest.getPod().getCidrAddress()
+ "/"
+ dest.getPod().getCidrSize()
+ ", pod gateway: "
+ dest.getPod().getGateway()
+ ", management host: "
+ _mgmtHost);
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("Added management server explicit route to ELB vm.");
}
// always add management explicit route, for basic networking setup
buf.append(" mgmtcidr=").append(_mgmtCidr);
buf.append(" localgw=").append(dest.getPod().getGateway());
if (dc.getNetworkType() == NetworkType.Basic) {
// ask elb vm to setup SSH on guest network
buf.append(" sshonguest=true");
}
}
controlNic = nic;
}
}
String domain = guestNetwork.getNetworkDomain();
if (domain != null) {
buf.append(" domain=" + domain);
}
buf.append(" dns1=").append(defaultDns1);
if (defaultDns2 != null) {
buf.append(" dns2=").append(defaultDns2);
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("Boot Args for " + profile + ": " + buf.toString());
}
if (controlNic == null) {
throw new CloudRuntimeException("Didn't start a control port");
}
return true;
}
public DomainRouterVO deployELBVm(
Network guestNetwork, DeployDestination dest, Account owner, Map<Param, Object> params)
throws ConcurrentOperationException, ResourceUnavailableException,
InsufficientCapacityException {
long dcId = dest.getDataCenter().getId();
// lock guest network
Long guestNetworkId = guestNetwork.getId();
guestNetwork = _networkDao.acquireInLockTable(guestNetworkId);
if (guestNetwork == null) {
throw new ConcurrentOperationException("Unable to acquire network lock: " + guestNetworkId);
}
try {
if (_networkModel.isNetworkSystem(guestNetwork)
|| guestNetwork.getGuestType() == Network.GuestType.Shared) {
owner = _accountService.getSystemAccount();
}
if (s_logger.isDebugEnabled()) {
s_logger.debug(
"Starting a ELB vm for network configurations: " + guestNetwork + " in " + dest);
}
assert guestNetwork.getState() == Network.State.Implemented
|| guestNetwork.getState() == Network.State.Setup
|| guestNetwork.getState() == Network.State.Implementing
: "Network is not yet fully implemented: " + guestNetwork;
DataCenterDeployment plan = null;
DomainRouterVO elbVm = null;
plan = new DataCenterDeployment(dcId, dest.getPod().getId(), null, null, null, null);
if (elbVm == null) {
long id = _routerDao.getNextInSequence(Long.class, "id");
if (s_logger.isDebugEnabled()) {
s_logger.debug("Creating the ELB vm " + id);
}
List<? extends NetworkOffering> offerings =
_networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork);
NetworkOffering controlOffering = offerings.get(0);
NetworkVO controlConfig =
_networkMgr.setupNetwork(_systemAcct, controlOffering, plan, null, null, false).get(0);
List<Pair<NetworkVO, NicProfile>> networks = new ArrayList<Pair<NetworkVO, NicProfile>>(2);
NicProfile guestNic = new NicProfile();
guestNic.setDefaultNic(true);
networks.add(new Pair<NetworkVO, NicProfile>(controlConfig, null));
networks.add(new Pair<NetworkVO, NicProfile>((NetworkVO) guestNetwork, guestNic));
VMTemplateVO template = _templateDao.findSystemVMTemplate(dcId);
String typeString = "ElasticLoadBalancerVm";
Long physicalNetworkId = _networkModel.getPhysicalNetworkId(guestNetwork);
PhysicalNetworkServiceProvider provider =
_physicalProviderDao.findByServiceProvider(physicalNetworkId, typeString);
if (provider == null) {
throw new CloudRuntimeException(
"Cannot find service provider "
+ typeString
+ " in physical network "
+ physicalNetworkId);
}
VirtualRouterProvider vrProvider =
_vrProviderDao.findByNspIdAndType(
provider.getId(), VirtualRouterProviderType.ElasticLoadBalancerVm);
if (vrProvider == null) {
throw new CloudRuntimeException(
"Cannot find virtual router provider "
+ typeString
+ " as service provider "
+ provider.getId());
}
elbVm =
new DomainRouterVO(
id,
_elasticLbVmOffering.getId(),
vrProvider.getId(),
VirtualMachineName.getSystemVmName(id, _instance, _elbVmNamePrefix),
template.getId(),
template.getHypervisorType(),
template.getGuestOSId(),
owner.getDomainId(),
owner.getId(),
false,
0,
false,
RedundantState.UNKNOWN,
_elasticLbVmOffering.getOfferHA(),
false,
VirtualMachine.Type.ElasticLoadBalancerVm,
null);
elbVm.setRole(Role.LB);
elbVm = _itMgr.allocate(elbVm, template, _elasticLbVmOffering, networks, plan, null, owner);
// TODO: create usage stats
}
State state = elbVm.getState();
if (state != State.Running) {
elbVm =
this.start(
elbVm, _accountService.getSystemUser(), _accountService.getSystemAccount(), params);
}
return elbVm;
} finally {
_networkDao.releaseFromLockTable(guestNetworkId);
}
}
