add kvm support & LB service
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/3df8b912 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/3df8b912 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/3df8b912 Branch: refs/heads/master Commit: 3df8b912fc8709de63a6a443facbb06eff536a0b Parents: 9c702ff Author: tuna <[email protected]> Authored: Mon Sep 16 16:10:56 2013 +0700 Committer: tuna <[email protected]> Committed: Mon Dec 9 23:33:14 2013 +0700 ---------------------------------------------------------------------- api/src/com/cloud/event/EventTypes.java | 3 + .../org/apache/cloudstack/api/ApiConstants.java | 5 + client/pom.xml | 7 + plugins/hypervisors/kvm/pom.xml | 5 + .../kvm/resource/LibvirtComputingResource.java | 218 +++++- .../com/cloud/network/element/OvsElement.java | 308 +++++++- .../cloud/network/ovs/OvsTunnelManagerImpl.java | 13 +- plugins/pom.xml | 1 + .../vm/hypervisor/kvm/cloudstack_pluginlib.py | 219 ++++++ scripts/vm/hypervisor/xenserver/ovstunnel | 18 +- scripts/vm/network/vnet/ovstunnel.py | 182 +++++ .../cloud/consoleproxy/ConsoleProxyManager.java | 1 + .../src/com/cloud/network/NetworkModelImpl.java | 19 +- ui/scripts/system.js | 745 ++++++++++++++++--- 14 files changed, 1618 insertions(+), 126 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/api/src/com/cloud/event/EventTypes.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java index d3c29e9..5d6ee6f 100755 --- a/api/src/com/cloud/event/EventTypes.java +++ b/api/src/com/cloud/event/EventTypes.java @@ -400,6 +400,9 @@ public class EventTypes { public static final String EVENT_EXTERNAL_NVP_CONTROLLER_CONFIGURE = "PHYSICAL.NVPCONTROLLER.CONFIGURE"; public static final String EVENT_EXTERNAL_OVS_CONTROLLER_ADD = "PHYSICAL.OVSCONTROLLER.ADD"; public static final String EVENT_EXTERNAL_OVS_CONTROLLER_DELETE = "PHYSICAL.OVSCONTROLLER.DELETE"; + public static final String EVENT_EXTERNAL_ODL_CONTROLLER_ADD = "PHYSICAL.ODLCONTROLLER.ADD"; + public static final String EVENT_EXTERNAL_ODL_CONTROLLER_DELETE = "PHYSICAL.ODLCONTROLLER.DELETE"; + public static final String EVENT_EXTERNAL_ODL_CONTROLLER_CONFIGURE = "PHYSICAL.ODLCONTROLLER.CONFIGURE"; // AutoScale public static final String EVENT_COUNTER_CREATE = "COUNTER.CREATE"; http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/api/src/org/apache/cloudstack/api/ApiConstants.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java index 0cde5ba..745a722 100755 --- a/api/src/org/apache/cloudstack/api/ApiConstants.java +++ b/api/src/org/apache/cloudstack/api/ApiConstants.java @@ -412,6 +412,11 @@ public class ApiConstants { // Ovs controller public static final String OVS_DEVICE_ID = "ovsdeviceid"; public static final String OVS_DEVICE_NAME = "ovsdevicename"; + // OpenDaylight controller + public static final String ODL_DEVICE_ID = "odldeviceid"; + public static final String ODL_DEVICE_NAME = "odldevicename"; + public static final String ODL_TRANSPORT_ZONE_UUID = "transportzoneuuid"; + public static final String ODL_GATEWAYSERVICE_UUID = "l3gatewayserviceuuid"; public static final String EXTERNAL_SWITCH_MGMT_DEVICE_ID = "vsmdeviceid"; public static final String EXTERNAL_SWITCH_MGMT_DEVICE_NAME = "vsmdevicename"; http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/client/pom.xml ---------------------------------------------------------------------- diff --git a/client/pom.xml b/client/pom.xml index fc01113..1f01693 100644 --- a/client/pom.xml +++ b/client/pom.xml @@ -85,6 +85,13 @@ <artifactId>cloud-plugin-network-nvp</artifactId> <version>${project.version}</version> </dependency> +<!-- + <dependency> + <groupId>org.apache.cloudstack</groupId> + <artifactId>cloud-plugin-network-odl</artifactId> + <version>${project.version}</version> + </dependency> + --> <dependency> <groupId>org.apache.cloudstack</groupId> <artifactId>cloud-plugin-network-contrail</artifactId> http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/plugins/hypervisors/kvm/pom.xml ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/kvm/pom.xml b/plugins/hypervisors/kvm/pom.xml index ebe05e5..81cc372 100644 --- a/plugins/hypervisors/kvm/pom.xml +++ b/plugins/hypervisors/kvm/pom.xml @@ -44,6 +44,11 @@ <version>${cs.libvirt-java.version}</version> </dependency> <dependency> + <groupId>org.apache.cloudstack</groupId> + <artifactId>cloud-plugin-network-ovs</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> <groupId>com.ceph</groupId> <artifactId>rados</artifactId> <version>${cs.rados-java.version}</version> http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java index b951b212..9a680ac 100755 --- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java +++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java @@ -132,6 +132,13 @@ import com.cloud.agent.api.NetworkRulesSystemVmCommand; import com.cloud.agent.api.NetworkRulesVmSecondaryIpCommand; import com.cloud.agent.api.NetworkUsageAnswer; import com.cloud.agent.api.NetworkUsageCommand; +import com.cloud.agent.api.OvsCreateTunnelAnswer; +import com.cloud.agent.api.OvsCreateTunnelCommand; +import com.cloud.agent.api.OvsDestroyBridgeCommand; +import com.cloud.agent.api.OvsDestroyTunnelCommand; +import com.cloud.agent.api.OvsFetchInterfaceAnswer; +import com.cloud.agent.api.OvsFetchInterfaceCommand; +import com.cloud.agent.api.OvsSetupBridgeCommand; import com.cloud.agent.api.PingCommand; import com.cloud.agent.api.PingRoutingCommand; import com.cloud.agent.api.PingRoutingWithNwGroupsCommand; @@ -294,6 +301,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv private String _ovsPvlanDhcpHostPath; private String _ovsPvlanVmPath; private String _routerProxyPath; + private String _ovsTunnelPath; private String _host; private String _dcId; private String _pod; @@ -599,6 +607,11 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv throw new ConfigurationException("Unable to find the security_group.py"); } + _ovsTunnelPath = Script.findScript(networkScriptsDir, "ovstunnel.py"); + if (_ovsTunnelPath == null) { + throw new ConfigurationException("Unable to find the ovstunnel.py"); + } + _routerProxyPath = Script.findScript("scripts/network/domr/", "router_proxy.sh"); if (_routerProxyPath == null) { throw new ConfigurationException("Unable to find the router_proxy.sh"); @@ -1271,7 +1284,17 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv return execute((SetMonitorServiceCommand)cmd); } else if (cmd instanceof CheckOnHostCommand) { return execute((CheckOnHostCommand)cmd); - } else { + } else if (cmd instanceof OvsFetchInterfaceCommand) { + return execute((OvsFetchInterfaceCommand) cmd); + } else if (cmd instanceof OvsSetupBridgeCommand) { + return execute((OvsSetupBridgeCommand) cmd); + } else if (cmd instanceof OvsDestroyBridgeCommand) { + return execute((OvsDestroyBridgeCommand) cmd); + } else if (cmd instanceof OvsCreateTunnelCommand) { + return execute((OvsCreateTunnelCommand) cmd); + } else if (cmd instanceof OvsDestroyTunnelCommand) { + return execute((OvsDestroyTunnelCommand) cmd); + } else { s_logger.warn("Unsupported command "); return Answer.createUnsupportedCommandAnswer(cmd); } @@ -1280,6 +1303,188 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } } + // Tuna added + private OvsFetchInterfaceAnswer execute(OvsFetchInterfaceCommand cmd) { + String label = cmd.getLabel(); + s_logger.debug("Will look for network with name-label:" + label); + try { + String ipadd = Script.runSimpleBashScript("ifconfig " + label + " | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'"); + String mask = Script.runSimpleBashScript("ifconfig " + label + " | grep 'inet addr:' | cut -d: -f4"); + String mac = Script.runSimpleBashScript("ifconfig " + label + " | grep HWaddr | awk -F \" \" '{print $5}'"); + return new OvsFetchInterfaceAnswer(cmd, true, "Interface " + label + + " retrieved successfully", ipadd, mask, mac); + + } catch (Exception e) { + s_logger.warn("Caught execption when fetching interface", e); + return new OvsFetchInterfaceAnswer(cmd, false, "EXCEPTION:" + + e.getMessage()); + } + + } + + private Answer execute(OvsSetupBridgeCommand cmd) { + findOrCreateTunnelNetwork(cmd.getKey()); + configureTunnelNetwork(cmd.getNetworkId(), cmd.getHostId(), + cmd.getKey()); + s_logger.debug("OVS Bridge configured"); + return new Answer(cmd, true, null); + } + + private Answer execute(OvsDestroyBridgeCommand cmd) { + destroyTunnelNetwork(cmd.getKey()); + s_logger.debug("OVS Bridge destroyed"); + return new Answer(cmd, true, null); + } + + private synchronized void destroyTunnelNetwork(int key) { + try { + findOrCreateTunnelNetwork(key); + String bridge = "OVSTunnel" + key; + Script cmd = new Script(_ovsTunnelPath, _timeout, s_logger); + cmd.add("destroy_ovs_bridge"); + cmd.add("--bridge", bridge); + String result = cmd.execute(); + String[] res = result.split(":"); + if (res.length != 2 || !res[0].equalsIgnoreCase("SUCCESS")) { + // TODO: Should make this error not fatal? + // Can Concurrent VM shutdown/migration/reboot events can cause + // this method + // to be executed on a bridge which has already been removed? + throw new CloudRuntimeException("Unable to remove OVS bridge " + + bridge + ":" + res); + } + return; + } catch (Exception e) { + s_logger.warn("destroyTunnelNetwork failed:", e); + return; + } + } + + private boolean networkExist(String nwName) { + Script.runSimpleBashScript("ifconfig " + nwName); + String result = Script.runSimpleBashScript("echo $?"); + return result.equals("0"); + } + + private synchronized boolean findOrCreateTunnelNetwork(long key) { + try { + String nwName = "OVSTunnel" + key; + if (networkExist(nwName)) { + return true; + } + // if not found, create a new one + Map<String, String> otherConfig = new HashMap<String, String>(); + otherConfig.put("ovs-host-setup", ""); + Script.runSimpleBashScript("ovs-vsctl -- --may-exist add-br " + + nwName + " -- set bridge " + nwName + + " other_config:ovs_host_setup=\" \""); + s_logger.debug("### KVM network for tunnels created:" + nwName); + } catch (Exception e) { + s_logger.warn("createTunnelNetwork failed", e); + } + return true; + } + + private synchronized boolean configureTunnelNetwork(long networkId, + long hostId, int key) { + try { + findOrCreateTunnelNetwork(key); + String nwName = "OVSTunnel" + key; + String configuredHosts = Script + .runSimpleBashScript("ovs-vsctl get bridge " + nwName + + " other_config:ovs_host_setup"); + boolean configured = false; + if (configuredHosts != null) { + String hostIdsStr[] = configuredHosts.split(","); + for (String hostIdStr : hostIdsStr) { + if (hostIdStr.equals(((Long) hostId).toString())) { + configured = true; + break; + } + } + } + if (!configured) { + Script cmd = new Script(_ovsTunnelPath, _timeout, s_logger); + cmd.add("setup_ovs_bridge"); + cmd.add("--key", String.valueOf(key)); + cmd.add("--cs_host_id", ((Long) hostId).toString()); + cmd.add("--bridge", nwName); + String result = cmd.execute(); + String[] res = result.split(":"); + if (res.length != 2 || !res[0].equalsIgnoreCase("SUCCESS")) { + throw new CloudRuntimeException( + "Unable to pre-configure OVS bridge " + nwName + + " for network ID:" + networkId + " - " + + res); + } + } + } catch (Exception e) { + s_logger.warn("createandConfigureTunnelNetwork failed", e); + return false; + } + return true; + } + + private OvsCreateTunnelAnswer execute(OvsCreateTunnelCommand cmd) { + String bridge = "OVSTunnel" + cmd.getKey(); + try { + if (!findOrCreateTunnelNetwork(cmd.getKey())) { + s_logger.debug("Error during bridge setup"); + return new OvsCreateTunnelAnswer(cmd, false, + "Cannot create network", bridge); + } + + configureTunnelNetwork(cmd.getNetworkId(), cmd.getFrom(), + cmd.getKey()); + Script command = new Script(_ovsTunnelPath, _timeout, s_logger); + command.add("create_tunnel"); + command.add("--bridge", bridge); + command.add("--remote_ip", cmd.getRemoteIp()); + command.add("--key", cmd.getKey().toString()); + command.add("--src_host", cmd.getFrom().toString()); + command.add("--dst_host", cmd.getTo().toString()); + + String result = command.execute(); + String[] res = result.split(":"); + if (res.length == 2 && res[0].equalsIgnoreCase("SUCCESS")) { + return new OvsCreateTunnelAnswer(cmd, true, result, res[1], + bridge); + } else { + return new OvsCreateTunnelAnswer(cmd, false, result, bridge); + } + } catch (Exception e) { + s_logger.debug("Error during tunnel setup"); + s_logger.warn("Caught execption when creating ovs tunnel", e); + return new OvsCreateTunnelAnswer(cmd, false, e.getMessage(), bridge); + } + } + + private Answer execute(OvsDestroyTunnelCommand cmd) { + try { + if (!findOrCreateTunnelNetwork(cmd.getKey())) { + s_logger.warn("Unable to find tunnel network for GRE key:" + + cmd.getKey()); + return new Answer(cmd, false, "No network found"); + } + + String bridge = "OVSTunnel" + cmd.getKey(); + Script command = new Script(_ovsTunnelPath, _timeout, s_logger); + command.add("destroy_tunnel"); + command.add("--bridge", bridge); + command.add("--iface_name", cmd.getInPortName()); + String result = command.execute(); + if (result.equalsIgnoreCase("SUCCESS")) { + return new Answer(cmd, true, result); + } else { + return new Answer(cmd, false, result); + } + } catch (Exception e) { + s_logger.warn("caught execption when destroy ovs tunnel", e); + return new Answer(cmd, false, e.getMessage()); + } + } + // end Tuna added + private CheckNetworkAnswer execute(CheckNetworkCommand cmd) { List<PhysicalNetworkSetupInfo> phyNics = cmd.getPhysicalNetworkInfoList(); String errMsg = null; @@ -3025,7 +3230,8 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } } - private Answer execute(RebootCommand cmd) { + + private Answer execute(RebootCommand cmd) { synchronized (_vms) { _vms.put(cmd.getVmName(), State.Starting); @@ -3106,7 +3312,8 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } } - protected Answer execute(StopCommand cmd) { + + protected Answer execute(StopCommand cmd) { final String vmName = cmd.getVmName(); State state = null; @@ -3422,6 +3629,11 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } // pass cmdline info to system vms + // if (vmSpec.getType() != VirtualMachine.Type.User) { + // passCmdLine(vmName, vmSpec.getBootArgs() ); + // } + // merge with master branch + // pass cmdline info to system vms if (vmSpec.getType() != VirtualMachine.Type.User) { if ((conn.getVersion() < 1001000)) { // CLOUDSTACK-2823: try passCmdLine some times if kernel < 2.6.34 and qemu < 1.1.0 on hypervisor (for instance, CentOS 6.4) //wait for 5 minutes at most http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java b/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java index 9af708c..2622bdc 100644 --- a/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java +++ b/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java @@ -30,9 +30,11 @@ import org.apache.log4j.Logger; import com.cloud.agent.api.StartupCommand; import com.cloud.agent.api.StartupOvsCommand; +import com.cloud.agent.api.to.LoadBalancerTO; import com.cloud.deploy.DeployDestination; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.host.Host; import com.cloud.host.HostVO; @@ -46,9 +48,14 @@ import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.PhysicalNetworkServiceProvider; import com.cloud.network.PublicIpAddress; import com.cloud.network.dao.NetworkServiceMapDao; +import com.cloud.network.lb.LoadBalancingRule; +import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy; import com.cloud.network.ovs.OvsTunnelManager; import com.cloud.network.router.VirtualRouter.Role; import com.cloud.network.router.VpcVirtualNetworkApplianceManager; +import com.cloud.network.rules.LbStickinessMethod; +import com.cloud.network.rules.LbStickinessMethod.StickinessMethodType; +import com.cloud.network.rules.LoadBalancerContainer; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.StaticNat; import com.cloud.offering.NetworkOffering; @@ -56,19 +63,22 @@ import com.cloud.resource.ResourceManager; import com.cloud.resource.ResourceStateAdapter; import com.cloud.resource.ServerResource; import com.cloud.resource.UnableDeleteHostException; +import com.cloud.utils.Pair; import com.cloud.utils.component.AdapterBase; +import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.dao.DomainRouterDao; +import com.google.gson.Gson; @Local(value = { NetworkElement.class, ConnectivityProvider.class, SourceNatServiceProvider.class, StaticNatServiceProvider.class, PortForwardingServiceProvider.class, IpDeployer.class }) public class OvsElement extends AdapterBase implements NetworkElement, OvsElementService, ConnectivityProvider, ResourceStateAdapter, - PortForwardingServiceProvider, + PortForwardingServiceProvider, LoadBalancingServiceProvider, StaticNatServiceProvider, IpDeployer { @Inject OvsTunnelManager _ovsTunnelMgr; @@ -237,9 +247,6 @@ public class OvsElement extends AdapterBase implements NetworkElement, // L2 Support : SDN provisioning capabilities.put(Service.Connectivity, null); - // L3 Support : Generic? - // capabilities.put(Service.Gateway, null); - // L3 Support : SourceNat // Map<Capability, String> sourceNatCapabilities = new // HashMap<Capability, String>(); @@ -254,8 +261,116 @@ public class OvsElement extends AdapterBase implements NetworkElement, // L3 support : StaticNat capabilities.put(Service.StaticNat, null); + // L3 support : Load Balancer + // Set capabilities for LB service + Map<Capability, String> lbCapabilities = new HashMap<Capability, String>(); + lbCapabilities.put(Capability.SupportedLBAlgorithms, "roundrobin,leastconn,source"); + lbCapabilities.put(Capability.SupportedLBIsolation, "dedicated"); + lbCapabilities.put(Capability.SupportedProtocols, "tcp, udp"); + lbCapabilities.put(Capability.SupportedStickinessMethods, getHAProxyStickinessCapability()); + lbCapabilities.put(Capability.LbSchemes, LoadBalancerContainer.Scheme.Public.toString()); + + capabilities.put(Service.Lb, lbCapabilities); + return capabilities; } + + public static String getHAProxyStickinessCapability() { + LbStickinessMethod method; + List<LbStickinessMethod> methodList = new ArrayList<LbStickinessMethod>(1); + + method = new LbStickinessMethod(StickinessMethodType.LBCookieBased, "This is loadbalancer cookie based stickiness method."); + method.addParam("cookie-name", false, "Cookie name passed in http header by the LB to the client.", false); + method.addParam("mode", false, + "Valid values: insert, rewrite, prefix. Default value: insert. In the insert mode cookie will be created" + + " by the LB. In other modes, cookie will be created by the server and LB modifies it.", false); + method.addParam( + "nocache", + false, + "This option is recommended in conjunction with the insert mode when there is a cache between the client" + + " and HAProxy, as it ensures that a cacheable response will be tagged non-cacheable if a cookie needs " + + "to be inserted. This is important because if all persistence cookies are added on a cacheable home page" + + " for instance, then all customers will then fetch the page from an outer cache and will all share the " + + "same persistence cookie, leading to one server receiving much more traffic than others. See also the " + + "insert and postonly options. ", + true); + method.addParam( + "indirect", + false, + "When this option is specified in insert mode, cookies will only be added when the server was not reached" + + " after a direct access, which means that only when a server is elected after applying a load-balancing algorithm," + + " or after a redispatch, then the cookie will be inserted. If the client has all the required information" + + " to connect to the same server next time, no further cookie will be inserted. In all cases, when the " + + "indirect option is used in insert mode, the cookie is always removed from the requests transmitted to " + + "the server. The persistence mechanism then becomes totally transparent from the application point of view.", + true); + method.addParam( + "postonly", + false, + "This option ensures that cookie insertion will only be performed on responses to POST requests. It is an" + + " alternative to the nocache option, because POST responses are not cacheable, so this ensures that the " + + "persistence cookie will never get cached.Since most sites do not need any sort of persistence before the" + + " first POST which generally is a login request, this is a very efficient method to optimize caching " + + "without risking to find a persistence cookie in the cache. See also the insert and nocache options.", + true); + method.addParam( + "domain", + false, + "This option allows to specify the domain at which a cookie is inserted. It requires exactly one parameter:" + + " a valid domain name. If the domain begins with a dot, the browser is allowed to use it for any host " + + "ending with that name. It is also possible to specify several domain names by invoking this option multiple" + + " times. Some browsers might have small limits on the number of domains, so be careful when doing that. " + + "For the record, sending 10 domains to MSIE 6 or Firefox 2 works as expected.", + false); + methodList.add(method); + + method = new LbStickinessMethod(StickinessMethodType.AppCookieBased, + "This is App session based sticky method. Define session stickiness on an existing application cookie. " + + "It can be used only for a specific http traffic"); + method.addParam("cookie-name", false, "This is the name of the cookie used by the application and which LB will " + + "have to learn for each new session. Default value: Auto geneared based on ip", false); + method.addParam("length", false, "This is the max number of characters that will be memorized and checked in " + + "each cookie value. Default value:52", false); + method.addParam( + "holdtime", + false, + "This is the time after which the cookie will be removed from memory if unused. The value should be in " + + "the format Example : 20s or 30m or 4h or 5d . only seconds(s), minutes(m) hours(h) and days(d) are valid," + + " cannot use th combinations like 20h30m. Default value:3h ", + false); + method.addParam( + "request-learn", + false, + "If this option is specified, then haproxy will be able to learn the cookie found in the request in case the server does not specify any in response. This is typically what happens with PHPSESSID cookies, or when haproxy's session expires before the application's session and the correct server is selected. It is recommended to specify this option to improve reliability", + true); + method.addParam( + "prefix", + false, + "When this option is specified, haproxy will match on the cookie prefix (or URL parameter prefix). " + + "The appsession value is the data following this prefix. Example : appsession ASPSESSIONID len 64 timeout 3h prefix This will match the cookie ASPSESSIONIDXXXX=XXXXX, the appsession value will be XXXX=XXXXX.", + true); + method.addParam( + "mode", + false, + "This option allows to change the URL parser mode. 2 modes are currently supported : - path-parameters " + + ": The parser looks for the appsession in the path parameters part (each parameter is separated by a semi-colon), " + + "which is convenient for JSESSIONID for example.This is the default mode if the option is not set. - query-string :" + + " In this mode, the parser will look for the appsession in the query string.", + false); + methodList.add(method); + + method = new LbStickinessMethod(StickinessMethodType.SourceBased, "This is source based Stickiness method, " + + "it can be used for any type of protocol."); + method.addParam("tablesize", false, "Size of table to store source ip addresses. example: tablesize=200k or 300m" + + " or 400g. Default value:200k", false); + method.addParam("expire", false, "Entry in source ip table will expire after expire duration. units can be s,m,h,d ." + + " example: expire=30m 20s 50h 4d. Default value:3h", false); + methodList.add(method); + + Gson gson = new Gson(); + String capability = gson.toJson(methodList); + return capability; + } @Override public List<Class<?>> getCommands() { @@ -355,4 +470,189 @@ public class OvsElement extends AdapterBase implements NetworkElement, return _routerMgr.applyFirewallRules(network, rules, routers); } + + @Override + public boolean applyLBRules(Network network, List<LoadBalancingRule> rules) + throws ResourceUnavailableException { + if (canHandle(network, Service.Lb)) { + if (!canHandleLbRules(rules)) { + return false; + } + + List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( + network.getId(), Role.VIRTUAL_ROUTER); + if (routers == null || routers.isEmpty()) { + s_logger.debug("Virtual router elemnt doesn't need to apply firewall rules on the backend; virtual " + + "router doesn't exist in the network " + + network.getId()); + return true; + } + + if (!_routerMgr.applyLoadBalancingRules(network, rules, routers)) { + throw new CloudRuntimeException( + "Failed to apply load balancing rules in network " + + network.getId()); + } else { + return true; + } + } else { + return false; + } + } + + @Override + public boolean validateLBRule(Network network, LoadBalancingRule rule) { + List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>(); + rules.add(rule); + if (canHandle(network, Service.Lb) && canHandleLbRules(rules)) { + List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( + network.getId(), Role.VIRTUAL_ROUTER); + if (routers == null || routers.isEmpty()) { + return true; + } + return validateHAProxyLBRule(rule); + } + return true; + } + + @Override + public List<LoadBalancerTO> updateHealthChecks(Network network, + List<LoadBalancingRule> lbrules) { + // TODO Auto-generated method stub + return null; + } + + private boolean canHandleLbRules(List<LoadBalancingRule> rules) { + Map<Capability, String> lbCaps = this.getCapabilities().get(Service.Lb); + if (!lbCaps.isEmpty()) { + String schemeCaps = lbCaps.get(Capability.LbSchemes); + if (schemeCaps != null) { + for (LoadBalancingRule rule : rules) { + if (!schemeCaps.contains(rule.getScheme().toString())) { + s_logger.debug("Scheme " + rules.get(0).getScheme() + + " is not supported by the provider " + + this.getName()); + return false; + } + } + } + } + return true; + } + + public static boolean validateHAProxyLBRule(LoadBalancingRule rule) { + String timeEndChar = "dhms"; + + for (LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) { + List<Pair<String, String>> paramsList = stickinessPolicy + .getParams(); + + if (StickinessMethodType.LBCookieBased.getName().equalsIgnoreCase( + stickinessPolicy.getMethodName())) { + + } else if (StickinessMethodType.SourceBased.getName() + .equalsIgnoreCase(stickinessPolicy.getMethodName())) { + String tablesize = "200k"; // optional + String expire = "30m"; // optional + + /* overwrite default values with the stick parameters */ + for (Pair<String, String> paramKV : paramsList) { + String key = paramKV.first(); + String value = paramKV.second(); + if ("tablesize".equalsIgnoreCase(key)) + tablesize = value; + if ("expire".equalsIgnoreCase(key)) + expire = value; + } + if ((expire != null) + && !containsOnlyNumbers(expire, timeEndChar)) { + throw new InvalidParameterValueException( + "Failed LB in validation rule id: " + rule.getId() + + " Cause: expire is not in timeformat: " + + expire); + } + if ((tablesize != null) + && !containsOnlyNumbers(tablesize, "kmg")) { + throw new InvalidParameterValueException( + "Failed LB in validation rule id: " + + rule.getId() + + " Cause: tablesize is not in size format: " + + tablesize); + + } + } else if (StickinessMethodType.AppCookieBased.getName() + .equalsIgnoreCase(stickinessPolicy.getMethodName())) { + /* + * FORMAT : appsession <cookie> len <length> timeout <holdtime> + * [request-learn] [prefix] [mode + * <path-parameters|query-string>] + */ + /* example: appsession JSESSIONID len 52 timeout 3h */ + String cookieName = null; // optional + String length = null; // optional + String holdTime = null; // optional + + for (Pair<String, String> paramKV : paramsList) { + String key = paramKV.first(); + String value = paramKV.second(); + if ("cookie-name".equalsIgnoreCase(key)) + cookieName = value; + if ("length".equalsIgnoreCase(key)) + length = value; + if ("holdtime".equalsIgnoreCase(key)) + holdTime = value; + } + + if ((length != null) && (!containsOnlyNumbers(length, null))) { + throw new InvalidParameterValueException( + "Failed LB in validation rule id: " + rule.getId() + + " Cause: length is not a number: " + + length); + } + if ((holdTime != null) + && (!containsOnlyNumbers(holdTime, timeEndChar) && !containsOnlyNumbers( + holdTime, null))) { + throw new InvalidParameterValueException( + "Failed LB in validation rule id: " + rule.getId() + + " Cause: holdtime is not in timeformat: " + + holdTime); + } + } + } + return true; + } + + /* + * This function detects numbers like 12 ,32h ,42m .. etc,. 1) plain number + * like 12 2) time or tablesize like 12h, 34m, 45k, 54m , here last + * character is non-digit but from known characters . + */ + private static boolean containsOnlyNumbers(String str, String endChar) { + if (str == null) + return false; + + String number = str; + if (endChar != null) { + boolean matchedEndChar = false; + if (str.length() < 2) + return false; // atleast one numeric and one char. example: + // 3h + char strEnd = str.toCharArray()[str.length() - 1]; + for (char c : endChar.toCharArray()) { + if (strEnd == c) { + number = str.substring(0, str.length() - 1); + matchedEndChar = true; + break; + } + } + if (!matchedEndChar) + return false; + } + try { + int i = Integer.parseInt(number); + } catch (NumberFormatException e) { + return false; + } + return true; + } } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/plugins/network-elements/ovs/src/com/cloud/network/ovs/OvsTunnelManagerImpl.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/ovs/src/com/cloud/network/ovs/OvsTunnelManagerImpl.java b/plugins/network-elements/ovs/src/com/cloud/network/ovs/OvsTunnelManagerImpl.java index a03055f..bfead90 100644 --- a/plugins/network-elements/ovs/src/com/cloud/network/ovs/OvsTunnelManagerImpl.java +++ b/plugins/network-elements/ovs/src/com/cloud/network/ovs/OvsTunnelManagerImpl.java @@ -262,13 +262,20 @@ public class OvsTunnelManagerImpl extends ManagerBase implements OvsTunnelManage _physNetTTDao.findBy(physNetId, TrafficType.Guest); HypervisorType hvType = host.getHypervisorType(); + String label = null; switch (hvType) { case XenServer: - String label = physNetTT.getXenNetworkLabel(); + label = physNetTT.getXenNetworkLabel(); if ((label!=null) && (!label.equals(""))) { physNetLabel = label; } break; + case KVM: + label = physNetTT.getKvmNetworkLabel(); + if ((label != null) && (!label.equals(""))) { + physNetLabel = label; + } + break; default: throw new CloudRuntimeException("Hypervisor " + hvType.toString() + @@ -321,9 +328,6 @@ public class OvsTunnelManagerImpl extends ManagerBase implements OvsTunnelManage @DB protected void CheckAndCreateTunnel(VirtualMachine instance, Network nw, DeployDestination dest) { - // if (!_isEnabled) { - // return; - // } s_logger.debug("Creating tunnels with OVS tunnel manager"); if (instance.getType() != VirtualMachine.Type.User @@ -436,7 +440,6 @@ public class OvsTunnelManagerImpl extends ManagerBase implements OvsTunnelManage @Override public boolean isOvsTunnelEnabled() { - // return _isEnabled; return true; } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/plugins/pom.xml ---------------------------------------------------------------------- diff --git a/plugins/pom.xml b/plugins/pom.xml index 17dd8af..0b65b98 100755 --- a/plugins/pom.xml +++ b/plugins/pom.xml @@ -46,6 +46,7 @@ <module>network-elements/juniper-contrail</module> <module>network-elements/palo-alto</module> <module>network-elements/nicira-nvp</module> +<!-- <module>network-elements/odl</module> --> <module>network-elements/bigswitch-vns</module> <module>network-elements/midonet</module> <module>network-elements/stratosphere-ssp</module> http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/scripts/vm/hypervisor/kvm/cloudstack_pluginlib.py ---------------------------------------------------------------------- diff --git a/scripts/vm/hypervisor/kvm/cloudstack_pluginlib.py b/scripts/vm/hypervisor/kvm/cloudstack_pluginlib.py new file mode 100755 index 0000000..f886aa3 --- /dev/null +++ b/scripts/vm/hypervisor/kvm/cloudstack_pluginlib.py @@ -0,0 +1,219 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# cloudstack_pluginlib for openvswitch on KVM hypervisor + +import ConfigParser +import logging +import os +import subprocess + +from time import localtime, asctime + +DEFAULT_LOG_FORMAT = "%(asctime)s %(levelname)8s [%(name)s] %(message)s" +DEFAULT_LOG_DATE_FORMAT = "%Y-%m-%d %H:%M:%S" +DEFAULT_LOG_FILE = "/var/log/cloudstack_plugins.log" + +PLUGIN_CONFIG_PATH = "/usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/cloudstack_plugins.conf" +OVSDB_PID_PATH = "/var/run/openvswitch/ovsdb-server.pid" +OVSDB_DAEMON_PATH = "ovsdb-server" +OVS_PID_PATH = "/var/run/openvswitch/ovs-vswitchd.pid" +OVS_DAEMON_PATH = "ovs-vswitchd" +VSCTL_PATH = "/usr/bin/ovs-vsctl" +OFCTL_PATH = "/usr/bin/ovs-ofctl" + +class PluginError(Exception): + """Base Exception class for all plugin errors.""" + def __init__(self, *args): + Exception.__init__(self, *args) + + +def setup_logging(log_file=None): + debug = False + verbose = False + log_format = DEFAULT_LOG_FORMAT + log_date_format = DEFAULT_LOG_DATE_FORMAT + # try to read plugin configuration file + if os.path.exists(PLUGIN_CONFIG_PATH): + config = ConfigParser.ConfigParser() + config.read(PLUGIN_CONFIG_PATH) + try: + options = config.options('LOGGING') + if 'debug' in options: + debug = config.getboolean('LOGGING', 'debug') + if 'verbose' in options: + verbose = config.getboolean('LOGGING', 'verbose') + if 'format' in options: + log_format = config.get('LOGGING', 'format') + if 'date_format' in options: + log_date_format = config.get('LOGGING', 'date_format') + if 'file' in options: + log_file_2 = config.get('LOGGING', 'file') + except ValueError: + # configuration file contained invalid attributes + # ignore them + pass + except ConfigParser.NoSectionError: + # Missing 'Logging' section in configuration file + pass + + root_logger = logging.root + if debug: + root_logger.setLevel(logging.DEBUG) + elif verbose: + root_logger.setLevel(logging.INFO) + else: + root_logger.setLevel(logging.WARNING) + formatter = logging.Formatter(log_format, log_date_format) + + log_filename = log_file or log_file_2 or DEFAULT_LOG_FILE + + logfile_handler = logging.FileHandler(log_filename) + logfile_handler.setFormatter(formatter) + root_logger.addHandler(logfile_handler) + + +def do_cmd(cmd): + """Abstracts out the basics of issuing system commands. If the command + returns anything in stderr, a PluginError is raised with that information. + Otherwise, the output from stdout is returned. + """ + + pipe = subprocess.PIPE + logging.debug("Executing:%s", cmd) + proc = subprocess.Popen(cmd, shell=False, stdin=pipe, stdout=pipe, + stderr=pipe, close_fds=True) + ret_code = proc.wait() + err = proc.stderr.read() + if ret_code: + logging.debug("The command exited with the error code: " + + "%s (stderr output:%s)" % (ret_code, err)) + raise PluginError(err) + output = proc.stdout.read() + if output.endswith('\n'): + output = output[:-1] + return output + + +def _is_process_run(pidFile, name): + try: + fpid = open(pidFile, "r") + pid = fpid.readline() + fpid.close() + except IOError, e: + return -1 + + pid = pid[:-1] + ps = os.popen("ps -ae") + for l in ps: + if pid in l and name in l: + ps.close() + return 0 + + ps.close() + return -2 + + +def _is_tool_exist(name): + if os.path.exists(name): + return 0 + return -1 + + +def check_switch(): + global result + + ret = _is_process_run(OVSDB_PID_PATH, OVSDB_DAEMON_PATH) + if ret < 0: + if ret == -1: + return "NO_DB_PID_FILE" + if ret == -2: + return "DB_NOT_RUN" + + ret = _is_process_run(OVS_PID_PATH, OVS_DAEMON_PATH) + if ret < 0: + if ret == -1: + return "NO_SWITCH_PID_FILE" + if ret == -2: + return "SWITCH_NOT_RUN" + + if _is_tool_exist(VSCTL_PATH) < 0: + return "NO_VSCTL" + + if _is_tool_exist(OFCTL_PATH) < 0: + return "NO_OFCTL" + + return "SUCCESS" + + +def _build_flow_expr(**kwargs): + is_delete_expr = kwargs.get('delete', False) + flow = "" + if not is_delete_expr: + flow = "hard_timeout=%s,idle_timeout=%s,priority=%s"\ + % (kwargs.get('hard_timeout', '0'), + kwargs.get('idle_timeout', '0'), + kwargs.get('priority', '1')) + in_port = 'in_port' in kwargs and ",in_port=%s" % kwargs['in_port'] or '' + dl_type = 'dl_type' in kwargs and ",dl_type=%s" % kwargs['dl_type'] or '' + dl_src = 'dl_src' in kwargs and ",dl_src=%s" % kwargs['dl_src'] or '' + dl_dst = 'dl_dst' in kwargs and ",dl_dst=%s" % kwargs['dl_dst'] or '' + nw_src = 'nw_src' in kwargs and ",nw_src=%s" % kwargs['nw_src'] or '' + nw_dst = 'nw_dst' in kwargs and ",nw_dst=%s" % kwargs['nw_dst'] or '' + proto = 'proto' in kwargs and ",%s" % kwargs['proto'] or '' + ip = ('nw_src' in kwargs or 'nw_dst' in kwargs) and ',ip' or '' + flow = (flow + in_port + dl_type + dl_src + dl_dst + + (ip or proto) + nw_src + nw_dst) + return flow + + +def add_flow(bridge, **kwargs): + """ + Builds a flow expression for **kwargs and adds the flow entry + to an Open vSwitch instance + """ + flow = _build_flow_expr(**kwargs) + actions = 'actions' in kwargs and ",actions=%s" % kwargs['actions'] or '' + flow = flow + actions + addflow = [OFCTL_PATH, "add-flow", bridge, flow] + do_cmd(addflow) + + +def del_flows(bridge, **kwargs): + """ + Removes flows according to criteria passed as keyword. + """ + flow = _build_flow_expr(delete=True, **kwargs) + # out_port condition does not exist for all flow commands + out_port = ("out_port" in kwargs and + ",out_port=%s" % kwargs['out_port'] or '') + flow = flow + out_port + delFlow = [OFCTL_PATH, 'del-flows', bridge, flow] + do_cmd(delFlow) + + +def del_all_flows(bridge): + delFlow = [OFCTL_PATH, "del-flows", bridge] + do_cmd(delFlow) + + normalFlow = "priority=0 idle_timeout=0 hard_timeout=0 actions=normal" + add_flow(bridge, normalFlow) + + +def del_port(bridge, port): + delPort = [VSCTL_PATH, "del-port", bridge, port] + do_cmd(delPort) http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/scripts/vm/hypervisor/xenserver/ovstunnel ---------------------------------------------------------------------- diff --git a/scripts/vm/hypervisor/xenserver/ovstunnel b/scripts/vm/hypervisor/xenserver/ovstunnel index 2b26ed6..a38a066 100755 --- a/scripts/vm/hypervisor/xenserver/ovstunnel +++ b/scripts/vm/hypervisor/xenserver/ovstunnel @@ -275,15 +275,15 @@ def getLabel(session, args): pif_list_cmd = [lib.XE_PATH, 'pif-list', '--minimal'] pif_list_str = lib.do_cmd(pif_list_cmd) while True: - pif_uuid = pif_list_str.split(',')[i].strip() - network_cmd = [lib.XE_PATH, 'pif-param-get', 'uuid=%s' % pif_uuid, 'param-name=network-uuid'] - network_uuid = lib.do_cmd(network_cmd).split('.')[0] - iface_cmd = [lib.XE_PATH, 'network-param-get', 'uuid=%s' % network_uuid, 'param-name=bridge'] - iface = lib.do_cmd(iface_cmd) - status,output = commands.getstatusoutput("ifconfig "+iface+" | grep inet") - if (status != 0): - i += 1 - continue + pif_uuid = pif_list_str.split(',')[i].strip() + network_cmd = [lib.XE_PATH, 'pif-param-get', 'uuid=%s' % pif_uuid, 'param-name=network-uuid'] + network_uuid = lib.do_cmd(network_cmd).split('.')[0] + iface_cmd = [lib.XE_PATH, 'network-param-get', 'uuid=%s' % network_uuid, 'param-name=bridge'] + iface = lib.do_cmd(iface_cmd) + status,output = commands.getstatusoutput("ifconfig "+iface+" | grep inet") + if (status != 0): + i += 1 + continue label_cmd = [lib.XE_PATH, 'network-param-get', 'uuid=%s' % network_uuid, 'param-name=name-label'] label = lib.do_cmd(label_cmd).split('.')[0] return label http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/scripts/vm/network/vnet/ovstunnel.py ---------------------------------------------------------------------- diff --git a/scripts/vm/network/vnet/ovstunnel.py b/scripts/vm/network/vnet/ovstunnel.py new file mode 100755 index 0000000..67ef89b --- /dev/null +++ b/scripts/vm/network/vnet/ovstunnel.py @@ -0,0 +1,182 @@ +#!/usr/bin/python +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + + +# Creates a tunnel mesh across xenserver hosts +# Enforces broadcast drop rules on ingress GRE tunnels + +import cloudstack_pluginlib as lib +import logging +import commands +import os +import sys +import subprocess +import time + +from time import localtime as _localtime, asctime as _asctime + +lib.setup_logging("/var/log/ovstunnel.log") + +def setup_ovs_bridge(bridge, key, cs_host_id): + + res = lib.check_switch() + if res != "SUCCESS": + return "FAILURE:%s" % res + + logging.debug("About to manually create the bridge:%s" % bridge) + #set gre_key to bridge + res = lib.do_cmd([lib.VSCTL_PATH, "set", "bridge", bridge, + "other_config:gre_key=%s" % key]) + logging.debug("Bridge has been manually created:%s" % res) + if res: + result = "FAILURE:%s" % res + else: + # Verify the bridge actually exists, with the gre_key properly set + res = lib.do_cmd([lib.VSCTL_PATH, "get", "bridge", + bridge, "other_config:gre_key"]) + if key in res: + result = "SUCCESS:%s" % bridge + else: + result = "FAILURE:%s" % res + + lib.do_cmd([lib.VSCTL_PATH, "set", "bridge", bridge, "other_config:is-ovs-tun-network=True"]) + #get list of hosts using this bridge + conf_hosts = lib.do_cmd([lib.VSCTL_PATH, "get","bridge", bridge,"other_config:ovs-host-setup"]) + #add cs_host_id to list of hosts using this bridge + conf_hosts = cs_host_id + (conf_hosts and ',%s' % conf_hosts or '') + lib.do_cmd([lib.VSCTL_PATH, "set", "bridge", bridge, + "other_config:ovs-host-setup=%s" % conf_hosts]) + + logging.debug("Setup_ovs_bridge completed with result:%s" % result) + return result + +def destroy_ovs_bridge(bridge): + + res = lib.check_switch() + if res != "SUCCESS": + return res + res = lib.do_cmd([lib.VSCTL_PATH, "del-br", bridge]) + logging.debug("Bridge has been manually removed:%s" % res) + if res: + result = "FAILURE:%s" % res + else: + result = "SUCCESS:%s" % bridge + + logging.debug("Destroy_ovs_bridge completed with result:%s" % result) + return result + +def create_tunnel(bridge, remote_ip, gre_key, src_host, dst_host): + + logging.debug("Entering create_tunnel") + + res = lib.check_switch() + if res != "SUCCESS": + logging.debug("Openvswitch running: NO") + return "FAILURE:%s" % res + + # We need to keep the name below 14 characters + # src and target are enough - consider a fixed length hash + name = "t%s-%s-%s" % (gre_key, src_host, dst_host) + + # Verify the bridge to be created + # NOTE: Timeout should not be necessary anymore + wait = [lib.VSCTL_PATH, "--timeout=30", "wait-until", "bridge", + bridge, "--", "get", "bridge", bridge, "name"] + res = lib.do_cmd(wait) + if bridge not in res: + logging.debug("WARNING:Can't find bridge %s for creating " + + "tunnel!" % bridge) + return "FAILURE:NO_BRIDGE" + logging.debug("bridge %s for creating tunnel - VERIFIED" % bridge) + tunnel_setup = False + drop_flow_setup = False + try: + # Create a port and configure the tunnel interface for it + add_tunnel = [lib.VSCTL_PATH, "add-port", bridge, + name, "--", "set", "interface", + name, "type=gre", "options:key=%s" % gre_key, + "options:remote_ip=%s" % remote_ip] + lib.do_cmd(add_tunnel) + tunnel_setup = True + # verify port + verify_port = [lib.VSCTL_PATH, "get", "port", name, "interfaces"] + res = lib.do_cmd(verify_port) + # Expecting python-style list as output + iface_list = [] + if len(res) > 2: + iface_list = res.strip()[1:-1].split(',') + if len(iface_list) != 1: + logging.debug("WARNING: Unexpected output while verifying " + + "port %s on bridge %s" % (name, bridge)) + return "FAILURE:VERIFY_PORT_FAILED" + + # verify interface + iface_uuid = iface_list[0] + verify_interface_key = [lib.VSCTL_PATH, "get", "interface", + iface_uuid, "options:key"] + verify_interface_ip = [lib.VSCTL_PATH, "get", "interface", + iface_uuid, "options:remote_ip"] + + key_validation = lib.do_cmd(verify_interface_key) + ip_validation = lib.do_cmd(verify_interface_ip) + + if not gre_key in key_validation or not remote_ip in ip_validation: + logging.debug("WARNING: Unexpected output while verifying " + + "interface %s on bridge %s" % (name, bridge)) + return "FAILURE:VERIFY_INTERFACE_FAILED" + logging.debug("Tunnel interface validated:%s" % verify_interface_ip) + cmd_tun_ofport = [lib.VSCTL_PATH, "get", "interface", + iface_uuid, "ofport"] + tun_ofport = lib.do_cmd(cmd_tun_ofport) + # Ensure no trailing LF + if tun_ofport.endswith('\n'): + tun_ofport = tun_ofport[:-1] + # add flow entryies for dropping broadcast coming in from gre tunnel + lib.add_flow(bridge, priority=1000, in_port=tun_ofport, + dl_dst='ff:ff:ff:ff:ff:ff', actions='drop') + lib.add_flow(bridge, priority=1000, in_port=tun_ofport, + nw_dst='224.0.0.0/24', actions='drop') + drop_flow_setup = True + logging.debug("Broadcast drop rules added") + return "SUCCESS:%s" % name + except: + logging.debug("An unexpected error occured. Rolling back") + if tunnel_setup: + logging.debug("Deleting GRE interface") + # Destroy GRE port and interface + lib.del_port(bridge, name) + if drop_flow_setup: + # Delete flows + logging.debug("Deleting flow entries from GRE interface") + lib.del_flows(bridge, in_port=tun_ofport) + # This will not cancel the original exception + raise + +def destroy_tunnel(bridge, iface_name): + + logging.debug("Destroying tunnel at port %s for bridge %s" + % (iface_name, bridge)) + ofport = get_field_of_interface(iface_name, "ofport") + lib.del_flows(bridge, in_port=ofport) + lib.del_port(bridge, iface_name) + return "SUCCESS" + +def get_field_of_interface(iface_name, field): + get_iface_cmd = [lib.VSCTL_PATH, "get", "interface", iface_name, field] + res = lib.do_cmd(get_iface_cmd) + return res http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/server/src/com/cloud/consoleproxy/ConsoleProxyManager.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManager.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManager.java index 3e3a25f..9d22b7f 100755 --- a/server/src/com/cloud/consoleproxy/ConsoleProxyManager.java +++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManager.java @@ -47,4 +47,5 @@ public interface ConsoleProxyManager extends Manager, ConsoleProxyService { public boolean rebootProxy(long proxyVmId); public boolean destroyProxy(long proxyVmId); + } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3df8b912/server/src/com/cloud/network/NetworkModelImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/NetworkModelImpl.java b/server/src/com/cloud/network/NetworkModelImpl.java index 450a7e0..2a38ac1 100755 --- a/server/src/com/cloud/network/NetworkModelImpl.java +++ b/server/src/com/cloud/network/NetworkModelImpl.java @@ -296,7 +296,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel { ex.addProxyObject(ipAddrUuid, "networkId"); throw ex; } - } + } ipToServices.put(ip, services); // if IP in allocating state then it will not have any rules attached so skip IPAssoc to network service @@ -433,11 +433,15 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel { NetworkElement oldElement = getElementImplementingProvider(oldProvider.getName()); NetworkElement newElement = getElementImplementingProvider(newProvider.getName()); if (oldElement instanceof IpDeployingRequester && newElement instanceof IpDeployingRequester) { - IpDeployer oldIpDeployer = ((IpDeployingRequester)oldElement).getIpDeployer(network); - IpDeployer newIpDeployer = ((IpDeployingRequester)newElement).getIpDeployer(network); - if (!oldIpDeployer.getProvider().getName().equals(newIpDeployer.getProvider().getName())) { - throw new InvalidParameterException("There would be multiple providers for IP " + publicIp.getAddress() + "!"); - } + IpDeployer oldIpDeployer = ((IpDeployingRequester)oldElement).getIpDeployer(network); + IpDeployer newIpDeployer = ((IpDeployingRequester)newElement).getIpDeployer(network); + // if + // (!oldIpDeployer.getProvider().getName().equals(newIpDeployer.getProvider().getName())) + // { + // throw new + // InvalidParameterException("There would be multiple providers for IP " + // + publicIp.getAddress() + "!"); + // } } else { throw new InvalidParameterException("Ip cannot be applied for new provider!"); } @@ -517,7 +521,6 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel { SearchCriteria<IPAddressVO> sc = IpAddressSearch.create(); sc.setParameters("accountId", accountId); sc.setParameters("associatedWithNetworkId", associatedNetworkId); - if (sourceNat != null) { sc.addAnd("sourceNat", SearchCriteria.Op.EQ, sourceNat); } @@ -1885,7 +1888,6 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel { new NicProfile(nic, network, nic.getBroadcastUri(), nic.getIsolationUri(), networkRate, isSecurityGroupSupportedInNetwork(network), getNetworkTag( vm.getHypervisorType(), network)); // guru.updateNicProfile(profile, network); - return profile; } @@ -2010,7 +2012,6 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel { return PublicIp.createFromAddrAndVlan(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId())); } } - } return null;
