http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1e38515f/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java index d3f9cab..c96abac 100644 --- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java @@ -104,7 +104,6 @@ import com.cloud.utils.component.AdapterBase; import com.cloud.utils.component.Inject; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; -import com.cloud.utils.net.NetUtils; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachine; @@ -114,13 +113,13 @@ import com.cloud.vm.VirtualMachineProfile; public class CiscoVnmcElement extends AdapterBase implements SourceNatServiceProvider, FirewallServiceProvider, PortForwardingServiceProvider, IpDeployer, StaticNatServiceProvider, ResourceStateAdapter, NetworkElement, CiscoVnmcElementService, CiscoAsa1000vService { - private static final Logger s_logger = Logger.getLogger(CiscoVnmcElement.class); + private static final Logger s_logger = Logger.getLogger(CiscoVnmcElement.class); private static final Map<Service, Map<Capability, String>> capabilities = setCapabilities(); @Inject AgentManager _agentMgr; @Inject - ResourceManager _resourceMgr; + ResourceManager _resourceMgr; @Inject ConfigurationManager _configMgr; @Inject @@ -155,7 +154,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro return false; //TODO: should handle VxLAN as well } - return true; + return true; } @Override @@ -212,7 +211,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro } private boolean configureSourceNat(long vlanId, String guestCidr, - PublicIp sourceNatIp, long hostId) { + PublicIp sourceNatIp, long hostId) { boolean add = (sourceNatIp.getState() == IpAddress.State.Releasing ? false : true); IpAddressTO ip = new IpAddressTO(sourceNatIp.getAccountId(), sourceNatIp.getAddress().addr(), add, false, sourceNatIp.isSourceNat(), sourceNatIp.getVlanTag(), sourceNatIp.getGateway(), sourceNatIp.getNetmask(), sourceNatIp.getMacAddress(), @@ -230,7 +229,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro } private boolean associateAsaWithLogicalEdgeFirewall(long vlanId, - String asaMgmtIp, long hostId) { + String asaMgmtIp, long hostId) { AssociateAsaWithLogicalEdgeFirewallCommand cmd = new AssociateAsaWithLogicalEdgeFirewallCommand(vlanId, asaMgmtIp); Answer answer = _agentMgr.easySend(hostId, cmd); @@ -239,9 +238,9 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro @Override public boolean implement(Network network, NetworkOffering offering, - DeployDestination dest, ReservationContext context) - throws ConcurrentOperationException, ResourceUnavailableException, - InsufficientCapacityException { + DeployDestination dest, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException, + InsufficientCapacityException { DataCenter zone = _configMgr.getZone(network.getDataCenterId()); if (zone.getNetworkType() == NetworkType.Basic) { @@ -280,13 +279,13 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro List<CiscoAsa1000vDeviceVO> asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); if (asaList.isEmpty()) { s_logger.debug("No Cisco ASA 1000v device on network " + network.getName()); - return false; + return false; } NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); if (asaForNetwork != null) { s_logger.debug("Cisco ASA 1000v device already associated with network " + network.getName()); - return true; + return true; } if (!_networkMgr.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)) { @@ -294,13 +293,13 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro return false; } - Transaction txn = Transaction.currentTxn(); - boolean status = false; + Transaction txn = Transaction.currentTxn(); + boolean status = false; try { - txn.start(); + txn.start(); // ensure that there is an ASA 1000v assigned to this network - CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network); + CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network); if (assignedAsa == null) { s_logger.error("Unable to assign ASA 1000v device to network " + network.getName()); return false; @@ -354,84 +353,84 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro return true; } - @Override - public boolean prepare(Network network, NicProfile nic, - VirtualMachineProfile<? extends VirtualMachine> vm, - DeployDestination dest, ReservationContext context) - throws ConcurrentOperationException, ResourceUnavailableException, - InsufficientCapacityException { - //Ensure that there is an ASA 1000v assigned to this network - return true; - } - - @Override - public boolean release(Network network, NicProfile nic, - VirtualMachineProfile<? extends VirtualMachine> vm, - ReservationContext context) throws ConcurrentOperationException, - ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean shutdown(Network network, ReservationContext context, - boolean cleanup) throws ConcurrentOperationException, - ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean isReady(PhysicalNetworkServiceProvider provider) { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean shutdownProviderInstances( - PhysicalNetworkServiceProvider provider, ReservationContext context) - throws ConcurrentOperationException, ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean canEnableIndividualServices() { - return true; - } - - @Override - public boolean verifyServicesCombination(Set<Service> services) { + @Override + public boolean prepare(Network network, NicProfile nic, + VirtualMachineProfile<? extends VirtualMachine> vm, + DeployDestination dest, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException, + InsufficientCapacityException { + //Ensure that there is an ASA 1000v assigned to this network + return true; + } + + @Override + public boolean release(Network network, NicProfile nic, + VirtualMachineProfile<? extends VirtualMachine> vm, + ReservationContext context) throws ConcurrentOperationException, + ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean shutdown(Network network, ReservationContext context, + boolean cleanup) throws ConcurrentOperationException, + ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isReady(PhysicalNetworkServiceProvider provider) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean shutdownProviderInstances( + PhysicalNetworkServiceProvider provider, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean canEnableIndividualServices() { + return true; + } + + @Override + public boolean verifyServicesCombination(Set<Service> services) { if (!services.contains(Service.Firewall)) { s_logger.warn("CiscoVnmc must be used as Firewall Service Provider in the network"); return false; } return true; - } - - @Override - public boolean applyFWRules(Network network, - List<? extends FirewallRule> rules) - throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean destroy(Network network, ReservationContext context) - throws ConcurrentOperationException, ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public List<Class<?>> getCommands() { - // TODO Auto-generated method stub - return null; - } - - @Override - public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd) { + } + + @Override + public boolean applyFWRules(Network network, + List<? extends FirewallRule> rules) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean destroy(Network network, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public List<Class<?>> getCommands() { + // TODO Auto-generated method stub + return null; + } + + @Override + public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd) { String deviceName = Provider.CiscoVnmc.getName(); NetworkDevice networkDevice = NetworkDevice.getNetworkDevice(deviceName); Long physicalNetworkId = cmd.getPhysicalNetworkId(); @@ -469,7 +468,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro Map<String, Object> hostdetails = new HashMap<String,Object>(); hostdetails.putAll(params); - ServerResource resource = new CiscoVnmcResource(); + ServerResource resource = new CiscoVnmcResource(); Transaction txn = Transaction.currentTxn(); try { resource.configure(cmd.getHost(), hostdetails); @@ -495,114 +494,114 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro } } - @Override - public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse( - CiscoVnmcController ciscoVnmcResourceVO) { - HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcResourceVO.getHostId()); - - CiscoVnmcResourceResponse response = new CiscoVnmcResourceResponse(); - response.setId(ciscoVnmcResourceVO.getUuid()); - response.setPhysicalNetworkId(ciscoVnmcResourceVO.getPhysicalNetworkId()); - response.setProviderName(ciscoVnmcResourceVO.getProviderName()); - response.setResourceName(ciscoVnmcHost.getName()); - - return response; - } - - @Override - public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) { - // TODO Auto-generated method stub - return false; - } - - @Override - public List<CiscoVnmcControllerVO> listCiscoVnmcResources( - ListCiscoVnmcResourcesCmd cmd) { - Long physicalNetworkId = cmd.getPhysicalNetworkId(); - Long ciscoVnmcResourceId = cmd.getCiscoVnmcResourceId(); - List<CiscoVnmcControllerVO> responseList = new ArrayList<CiscoVnmcControllerVO>(); - - if (physicalNetworkId == null && ciscoVnmcResourceId == null) { - throw new InvalidParameterValueException("Either physical network Id or vnmc device Id must be specified"); - } - - if (ciscoVnmcResourceId != null) { - CiscoVnmcControllerVO ciscoVnmcResource = _ciscoVnmcDao.findById(ciscoVnmcResourceId); - if (ciscoVnmcResource == null) { - throw new InvalidParameterValueException("Could not find Cisco Vnmc device with id: " + ciscoVnmcResource); - } - responseList.add(ciscoVnmcResource); - } - else { - PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); - if (physicalNetwork == null) { - throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); - } - responseList = _ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId); - } - - return responseList; - } - - @Override - public IpDeployer getIpDeployer(Network network) { - // TODO Auto-generated method stub - return null; - } - - @Override - public boolean applyPFRules(Network network, List<PortForwardingRule> rules) - throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean applyStaticNats(Network config, - List<? extends StaticNat> rules) - throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean applyIps(Network network, - List<? extends PublicIpAddress> ipAddress, Set<Service> services) - throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - @Override - public HostVO createHostVOForConnectedAgent(HostVO host, - StartupCommand[] cmd) { - // TODO Auto-generated method stub - return null; - } - - @Override - public HostVO createHostVOForDirectConnectAgent(HostVO host, - StartupCommand[] startup, ServerResource resource, - Map<String, String> details, List<String> hostTags) { + @Override + public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse( + CiscoVnmcController ciscoVnmcResourceVO) { + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcResourceVO.getHostId()); + + CiscoVnmcResourceResponse response = new CiscoVnmcResourceResponse(); + response.setId(ciscoVnmcResourceVO.getUuid()); + response.setPhysicalNetworkId(ciscoVnmcResourceVO.getPhysicalNetworkId()); + response.setProviderName(ciscoVnmcResourceVO.getProviderName()); + response.setResourceName(ciscoVnmcHost.getName()); + + return response; + } + + @Override + public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) { + // TODO Auto-generated method stub + return false; + } + + @Override + public List<CiscoVnmcControllerVO> listCiscoVnmcResources( + ListCiscoVnmcResourcesCmd cmd) { + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + Long ciscoVnmcResourceId = cmd.getCiscoVnmcResourceId(); + List<CiscoVnmcControllerVO> responseList = new ArrayList<CiscoVnmcControllerVO>(); + + if (physicalNetworkId == null && ciscoVnmcResourceId == null) { + throw new InvalidParameterValueException("Either physical network Id or vnmc device Id must be specified"); + } + + if (ciscoVnmcResourceId != null) { + CiscoVnmcControllerVO ciscoVnmcResource = _ciscoVnmcDao.findById(ciscoVnmcResourceId); + if (ciscoVnmcResource == null) { + throw new InvalidParameterValueException("Could not find Cisco Vnmc device with id: " + ciscoVnmcResource); + } + responseList.add(ciscoVnmcResource); + } + else { + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); + } + responseList = _ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId); + } + + return responseList; + } + + @Override + public IpDeployer getIpDeployer(Network network) { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean applyPFRules(Network network, List<PortForwardingRule> rules) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean applyStaticNats(Network config, + List<? extends StaticNat> rules) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean applyIps(Network network, + List<? extends PublicIpAddress> ipAddress, Set<Service> services) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public HostVO createHostVOForConnectedAgent(HostVO host, + StartupCommand[] cmd) { + // TODO Auto-generated method stub + return null; + } + + @Override + public HostVO createHostVOForDirectConnectAgent(HostVO host, + StartupCommand[] startup, ServerResource resource, + Map<String, String> details, List<String> hostTags) { if (!(startup[0] instanceof StartupExternalFirewallCommand)) { return null; } host.setType(Host.Type.ExternalFirewall); return host; - } + } - @Override - public DeleteHostAnswer deleteHost(HostVO host, boolean isForced, - boolean isForceDeleteStorage) throws UnableDeleteHostException { + @Override + public DeleteHostAnswer deleteHost(HostVO host, boolean isForced, + boolean isForceDeleteStorage) throws UnableDeleteHostException { if (host.getType() != com.cloud.host.Host.Type.ExternalFirewall) { return null; } return new DeleteHostAnswer(true); - } + } - @Override - public CiscoAsa1000vDevice addCiscoAsa1000vResource( - AddCiscoAsa1000vResourceCmd cmd) { + @Override + public CiscoAsa1000vDevice addCiscoAsa1000vResource( + AddCiscoAsa1000vResourceCmd cmd) { Long physicalNetworkId = cmd.getPhysicalNetworkId(); CiscoAsa1000vDevice ciscoAsa1000vResource = null; @@ -615,56 +614,56 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro _ciscoAsa1000vDao.persist((CiscoAsa1000vDeviceVO)ciscoAsa1000vResource); return ciscoAsa1000vResource; - } - - @Override - public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse( - CiscoAsa1000vDevice ciscoAsa1000vDeviceVO) { - CiscoAsa1000vResourceResponse response = new CiscoAsa1000vResourceResponse(); - response.setId(ciscoAsa1000vDeviceVO.getUuid()); - response.setManagementIp(ciscoAsa1000vDeviceVO.getManagementIp()); - response.setInPortProfile(ciscoAsa1000vDeviceVO.getInPortProfile()); - - return response; - } - - @Override - public boolean deleteCiscoAsa1000vResource( - DeleteCiscoAsa1000vResourceCmd cmd) { - // TODO Auto-generated method stub - return false; - } - - @Override - public List<CiscoAsa1000vDeviceVO> listCiscoAsa1000vResources( - ListCiscoAsa1000vResourcesCmd cmd) { - Long physicalNetworkId = cmd.getPhysicalNetworkId(); - Long ciscoAsa1000vResourceId = cmd.getCiscoAsa1000vResourceId(); - List<CiscoAsa1000vDeviceVO> responseList = new ArrayList<CiscoAsa1000vDeviceVO>(); - - if (physicalNetworkId == null && ciscoAsa1000vResourceId == null) { - throw new InvalidParameterValueException("Either physical network Id or Asa 1000v device Id must be specified"); - } - - if (ciscoAsa1000vResourceId != null) { - CiscoAsa1000vDeviceVO ciscoAsa1000vResource = _ciscoAsa1000vDao.findById(ciscoAsa1000vResourceId); - if (ciscoAsa1000vResource == null) { - throw new InvalidParameterValueException("Could not find Cisco Asa 1000v device with id: " + ciscoAsa1000vResourceId); - } - responseList.add(ciscoAsa1000vResource); - } else { - PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); - if (physicalNetwork == null) { - throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); - } - responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId); - } - - return responseList; - } - - @Override - public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) { + } + + @Override + public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse( + CiscoAsa1000vDevice ciscoAsa1000vDeviceVO) { + CiscoAsa1000vResourceResponse response = new CiscoAsa1000vResourceResponse(); + response.setId(ciscoAsa1000vDeviceVO.getUuid()); + response.setManagementIp(ciscoAsa1000vDeviceVO.getManagementIp()); + response.setInPortProfile(ciscoAsa1000vDeviceVO.getInPortProfile()); + + return response; + } + + @Override + public boolean deleteCiscoAsa1000vResource( + DeleteCiscoAsa1000vResourceCmd cmd) { + // TODO Auto-generated method stub + return false; + } + + @Override + public List<CiscoAsa1000vDeviceVO> listCiscoAsa1000vResources( + ListCiscoAsa1000vResourcesCmd cmd) { + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + Long ciscoAsa1000vResourceId = cmd.getCiscoAsa1000vResourceId(); + List<CiscoAsa1000vDeviceVO> responseList = new ArrayList<CiscoAsa1000vDeviceVO>(); + + if (physicalNetworkId == null && ciscoAsa1000vResourceId == null) { + throw new InvalidParameterValueException("Either physical network Id or Asa 1000v device Id must be specified"); + } + + if (ciscoAsa1000vResourceId != null) { + CiscoAsa1000vDeviceVO ciscoAsa1000vResource = _ciscoAsa1000vDao.findById(ciscoAsa1000vResourceId); + if (ciscoAsa1000vResource == null) { + throw new InvalidParameterValueException("Could not find Cisco Asa 1000v device with id: " + ciscoAsa1000vResourceId); + } + responseList.add(ciscoAsa1000vResource); + } else { + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); + } + responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId); + } + + return responseList; + } + + @Override + public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) { List<CiscoAsa1000vDeviceVO> asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); for (CiscoAsa1000vDeviceVO asa : asaList) { NetworkAsa1000vMapVO assignedToNetwork = _networkAsa1000vMapDao.findByAsa1000vId(asa.getId()); @@ -672,7 +671,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro NetworkAsa1000vMapVO networkAsaMap = new NetworkAsa1000vMapVO(network.getId(), asa.getId()); _networkAsa1000vMapDao.persist(networkAsaMap); return asa; - } + } } return null; }
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1e38515f/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java index 83d0588..3e58398 100644 --- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java @@ -42,9 +42,11 @@ import com.cloud.agent.api.StartupExternalFirewallCommand; import com.cloud.agent.api.routing.IpAssocAnswer; import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.SetFirewallRulesCommand; import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; import com.cloud.agent.api.routing.SetSourceNatCommand; import com.cloud.agent.api.routing.SetStaticNatRulesCommand; +import com.cloud.agent.api.to.FirewallRuleTO; import com.cloud.host.Host; import com.cloud.network.cisco.CiscoVnmcConnectionImpl; import com.cloud.resource.ServerResource; @@ -71,7 +73,7 @@ public class CiscoVnmcResource implements ServerResource{ private String _publicInterface; private String _privateInterface; - CiscoVnmcConnectionImpl _connection; + CiscoVnmcConnectionImpl _connection; private final Logger s_logger = Logger.getLogger(CiscoVnmcResource.class); @@ -84,6 +86,8 @@ public class CiscoVnmcResource implements ServerResource{ return execute((IpAssocCommand) cmd); } else if (cmd instanceof SetSourceNatCommand) { return execute((SetSourceNatCommand) cmd); + } else if (cmd instanceof SetFirewallRulesCommand) { + return execute((SetFirewallRulesCommand) cmd); } else if (cmd instanceof SetStaticNatRulesCommand) { return execute((SetStaticNatRulesCommand) cmd); } else if (cmd instanceof SetPortForwardingRulesCommand) { @@ -93,9 +97,9 @@ public class CiscoVnmcResource implements ServerResource{ } else if (cmd instanceof CreateLogicalEdgeFirewallCommand) { return execute((CreateLogicalEdgeFirewallCommand)cmd); } else if (cmd instanceof ConfigureNexusVsmForAsaCommand) { - return execute((ConfigureNexusVsmForAsaCommand)cmd); + return execute((ConfigureNexusVsmForAsaCommand)cmd); } else if (cmd instanceof AssociateAsaWithLogicalEdgeFirewallCommand) { - return execute((AssociateAsaWithLogicalEdgeFirewallCommand)cmd); + return execute((AssociateAsaWithLogicalEdgeFirewallCommand)cmd); } else { return Answer.createUnsupportedCommandAnswer(cmd); } @@ -131,7 +135,7 @@ public class CiscoVnmcResource implements ServerResource{ _password = (String) params.get("password"); if (_password == null) { throw new ConfigurationException("Unable to find password"); - } + } _publicInterface = (String) params.get("publicinterface"); if (_publicInterface == null) { @@ -232,7 +236,7 @@ public class CiscoVnmcResource implements ServerResource{ } private ExternalNetworkResourceUsageAnswer execute(ExternalNetworkResourceUsageCommand cmd) { - return new ExternalNetworkResourceUsageAnswer(cmd); + return new ExternalNetworkResourceUsageAnswer(cmd); } /* @@ -243,13 +247,13 @@ public class CiscoVnmcResource implements ServerResource{ try { ret = _connection.login(); } catch (ExecutionException ex) { - s_logger.error("Login to Vnmc failed", ex); + s_logger.error("Login to Vnmc failed", ex); } return ret; } private synchronized Answer execute(IpAssocCommand cmd) { - refreshVnmcConnection(); + refreshVnmcConnection(); return execute(cmd, _numRetries); } @@ -262,17 +266,17 @@ public class CiscoVnmcResource implements ServerResource{ * Source NAT */ private synchronized Answer execute(SetSourceNatCommand cmd) { - refreshVnmcConnection(); + refreshVnmcConnection(); return execute(cmd, _numRetries); } private Answer execute(SetSourceNatCommand cmd, int numRetries) { - String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); String tenant = "vlan-" + vlanId; try { // create-nat-policy-set if (!_connection.createTenantVDCNatPolicySet(tenant)) { - throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId); + throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId); } // create-source-nat-pool @@ -305,10 +309,65 @@ public class CiscoVnmcResource implements ServerResource{ } /* + * Firewall rule + */ + private synchronized Answer execute(SetFirewallRulesCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(SetFirewallRulesCommand cmd, int numRetries) { + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String tenant = "vlan-" + vlanId; + try { + // create-acl-policy-set for ingress + _connection.createTenantVDCAclPolicySet(tenant, true); + + // delete-acl-policy for ingress + _connection.deleteTenantVDCAclPolicy(tenant, true); + // delete-acl-policy for egress + + // create-acl-policy for ingress + _connection.createTenantVDCAclPolicy(tenant, true); + + // create-acl-policy-set for egress + // create-acl-policy for egress + + FirewallRuleTO[] rules = cmd.getRules(); + for (FirewallRuleTO rule : rules) { + if (rule.revoked()) { + // delete-acl-rule + //_connection.deleteAclRule(tenant, Long.toString(rule.getId())); + } else { + String cidr = rule.getSourceCidrList().get(0); + String[] result = cidr.split("\\/"); + assert (result.length == 2) : "Something is wrong with source cidr " + cidr; + long size = Long.valueOf(result[1]); + String startIp = NetUtils.getIpRangeStartIpFromCidr(result[0], size); + String endIp = NetUtils.getIpRangeEndIpFromCidr(result[0], size); + // create-ingress-acl-rule + _connection.createIngressAclRule(tenant, + Long.toString(rule.getId()), rule.getProtocol().toUpperCase(), startIp, endIp, + Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]), rule.getSrcIp()); + } + } + + // associate-acl-policy-set + _connection.associateAclPolicySet(tenant); + } catch (Throwable e) { + String msg = "SetFirewallRulesCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd); + } + + /* * Static NAT */ private synchronized Answer execute(SetStaticNatRulesCommand cmd) { - refreshVnmcConnection(); + refreshVnmcConnection(); return execute(cmd, _numRetries); } @@ -320,7 +379,7 @@ public class CiscoVnmcResource implements ServerResource{ * Destination NAT */ private synchronized Answer execute(SetPortForwardingRulesCommand cmd) { - refreshVnmcConnection(); + refreshVnmcConnection(); return execute(cmd, _numRetries); } @@ -332,7 +391,7 @@ public class CiscoVnmcResource implements ServerResource{ * Logical edge firewall */ private synchronized Answer execute(CreateLogicalEdgeFirewallCommand cmd) { - refreshVnmcConnection(); + refreshVnmcConnection(); return execute(cmd, _numRetries); } @@ -341,19 +400,19 @@ public class CiscoVnmcResource implements ServerResource{ try { // create tenant if (!_connection.createTenant(tenant)) - throw new Exception("Failed to create tenant in VNMC for guest network with vlan " + cmd.getVlanId()); + throw new Exception("Failed to create tenant in VNMC for guest network with vlan " + cmd.getVlanId()); // create tenant VDC if (!_connection.createTenantVDC(tenant)) - throw new Exception("Failed to create tenant VDC in VNMC for guest network with vlan " + cmd.getVlanId()); + throw new Exception("Failed to create tenant VDC in VNMC for guest network with vlan " + cmd.getVlanId()); // create edge security profile if (!_connection.createTenantVDCEdgeSecurityProfile(tenant)) - throw new Exception("Failed to create tenant edge security profile in VNMC for guest network with vlan " + cmd.getVlanId()); + throw new Exception("Failed to create tenant edge security profile in VNMC for guest network with vlan " + cmd.getVlanId()); // create logical edge firewall if (!_connection.createEdgeFirewall(tenant, cmd.getPublicIp(), cmd.getInternalIp(), cmd.getPublicSubnet(), cmd.getInternalSubnet())) - throw new Exception("Failed to create edge firewall in VNMC for guest network with vlan " + cmd.getVlanId()); + throw new Exception("Failed to create edge firewall in VNMC for guest network with vlan " + cmd.getVlanId()); } catch (Throwable e) { String msg = "CreateLogicalEdgeFirewallCommand failed due to " + e.getMessage(); s_logger.error(msg, e); @@ -371,7 +430,7 @@ public class CiscoVnmcResource implements ServerResource{ } private Answer execute(ConfigureNexusVsmForAsaCommand cmd, int numRetries) { - String vlanId = Long.toString(cmd.getVlanId()); + String vlanId = Long.toString(cmd.getVlanId()); NetconfHelper helper = null; List<Pair<OperationType, String>> params = new ArrayList<Pair<OperationType, String>>(); params.add(new Pair<OperationType, String>(OperationType.addvlanid, vlanId)); http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1e38515f/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java index d116a52..9325951 100644 --- a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java +++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java @@ -30,229 +30,215 @@ import com.cloud.utils.exception.ExecutionException; @Ignore("Requires actual VNMC to connect to") public class CiscoVnmcConnectionTest { - static CiscoVnmcConnectionImpl connection; - static String tenantName = "TenantE"; - static Map<String, String> fwDns = null; - - @BeforeClass - public static void setUpClass() throws Exception { - connection = new CiscoVnmcConnectionImpl("10.223.56.5", "admin", "C1sco123"); - try { - boolean response = connection.login(); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } + static CiscoVnmcConnectionImpl connection; + static String tenantName = "TenantE"; + static Map<String, String> fwDns = null; - - @Test - public void testLogin() { - //fail("Not yet implemented"); - try { - boolean response = connection.login(); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } + @BeforeClass + public static void setUpClass() throws Exception { + connection = new CiscoVnmcConnectionImpl("10.223.56.5", "admin", "C1sco123"); + try { + boolean response = connection.login(); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } - - @Test - public void testCreateTenant() { - //fail("Not yet implemented"); - try { - boolean response = connection.createTenant(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDC() { - //fail("Not yet implemented"); - try { - boolean response = connection.createTenantVDC(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCEdgeDeviceProfile() { - //fail("Not yet implemented"); - try { - boolean response = connection.createTenantVDCEdgeDeviceProfile(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCEdgeDeviceRoutePolicy() { - try { - boolean response = connection.createTenantVDCEdgeStaticRoutePolicy(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCEdgeDeviceRoute() { - try { - boolean response = connection.createTenantVDCEdgeStaticRoute(tenantName, - "10.223.136.1", "Edge_Outside", "0.0.0.0", "0.0.0.0"); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testAssociateRoutePolicyWithEdgeProfile() { - try { - boolean response = connection.associateTenantVDCEdgeStaticRoutePolicy(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testAssociateTenantVDCEdgeDhcpPolicy() { - try { - boolean response = connection.associateTenantVDCEdgeDhcpPolicy(tenantName, "Edge_Inside"); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCEdgeDhcpPolicy() { - try { - boolean response = connection.createTenantVDCEdgeDhcpPolicy(tenantName, - "10.1.1.2", "10.1.1.254", "255.255.255.0","4.4.4.4", tenantName+ ".net"); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCEdgeSecurityProfile() { - try { - boolean response = connection.createTenantVDCEdgeSecurityProfile(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCSourceNATPool() { - try { - boolean response = connection.createTenantVDCSourceNATPool(tenantName, "10.223.136.10"); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCSourceNATPolicy() { - try { - boolean response = connection.createTenantVDCSourceNATPolicy(tenantName, "10.1.1.2", "10.1.1.254"); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateTenantVDCNatPolicySet() { - try { - boolean response = connection.createTenantVDCNatPolicySet(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testAssociateNatPolicySet() { - try { - boolean response = connection.associateNatPolicySet(tenantName); - assertTrue(response); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void testCreateEdgeFirewall() { - try { - boolean response = connection.createEdgeFirewall(tenantName, - "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192"); - assertTrue(response); - } catch (ExecutionException e) { - e.printStackTrace(); - } - } - - @Test - public void testListUnassocAsa1000v() { - try { - Map<String, String> response = connection.listUnAssocAsa1000v(); - assertTrue(response.size() >=0); - fwDns = response; - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - - @Test - public void assocAsa1000v() { - try { - boolean result = connection.assocAsa1000v(tenantName, fwDns.get(0)); - assertTrue(result); - } catch (ExecutionException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } + + @Test + public void testLogin() { + //fail("Not yet implemented"); + try { + boolean response = connection.login(); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + + @Test + public void testCreateTenant() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenant(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDC() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenantVDC(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceProfile() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenantVDCEdgeDeviceProfile(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceRoutePolicy() { + try { + boolean response = connection.createTenantVDCEdgeStaticRoutePolicy(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceRoute() { + try { + boolean response = connection.createTenantVDCEdgeStaticRoute(tenantName, + "10.223.136.1", "Edge_Outside", "0.0.0.0", "0.0.0.0"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateRoutePolicyWithEdgeProfile() { + try { + boolean response = connection.associateTenantVDCEdgeStaticRoutePolicy(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateTenantVDCEdgeDhcpPolicy() { + try { + boolean response = connection.associateTenantVDCEdgeDhcpPolicy(tenantName, "Edge_Inside"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDhcpPolicy() { + try { + boolean response = connection.createTenantVDCEdgeDhcpPolicy(tenantName, + "10.1.1.2", "10.1.1.254", "255.255.255.0","4.4.4.4", tenantName+ ".net"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeSecurityProfile() { + try { + boolean response = connection.createTenantVDCEdgeSecurityProfile(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCSourceNATPool() { + try { + boolean response = connection.createTenantVDCSourceNATPool(tenantName, "10.223.136.10"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCSourceNATPolicy() { + try { + boolean response = connection.createTenantVDCSourceNATPolicy(tenantName, "10.1.1.2", "10.1.1.254"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCNatPolicySet() { + try { + boolean response = connection.createTenantVDCNatPolicySet(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateNatPolicySet() { + try { + boolean response = connection.associateNatPolicySet(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateEdgeFirewall() { + try { + boolean response = connection.createEdgeFirewall(tenantName, + "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192"); + assertTrue(response); + } catch (ExecutionException e) { + e.printStackTrace(); + } + } + + @Test + public void testListUnassocAsa1000v() { + try { + Map<String, String> response = connection.listUnAssocAsa1000v(); + assertTrue(response.size() >=0); + fwDns = response; + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void assocAsa1000v() { + try { + boolean result = connection.assocAsa1000v(tenantName, fwDns.get(0)); + assertTrue(result); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } }
