Updated Branches: refs/heads/master 0e2e6995b -> ed3e1b95b
VPC Support for contrail networking Signed-off-by: Sheng Yang <sheng.y...@citrix.com> Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ed3e1b95 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ed3e1b95 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ed3e1b95 Branch: refs/heads/master Commit: ed3e1b95b01ed5f84619c2bb1fed816b71528551 Parents: 0e2e699 Author: sbalineni <sbalin...@contrailsystems.com> Authored: Wed Jan 8 03:16:55 2014 +0000 Committer: Sheng Yang <sheng.y...@citrix.com> Committed: Thu Jan 30 18:13:48 2014 -0800 ---------------------------------------------------------------------- api/src/com/cloud/network/Network.java | 1 + .../contrail/spring-contrail-context.xml | 4 + .../contrail/management/ContrailGuru.java | 24 ++- .../contrail/management/ContrailManager.java | 11 + .../management/ContrailManagerImpl.java | 121 ++++++++++- .../management/ContrailVpcElementImpl.java | 199 +++++++++++++++++++ .../contrail/management/ServerDBSyncImpl.java | 18 +- .../contrail/model/NetworkPolicyModel.java | 2 +- .../configuration/ConfigurationManagerImpl.java | 4 +- .../com/cloud/network/vpc/VpcManagerImpl.java | 4 +- 10 files changed, 374 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/api/src/com/cloud/network/Network.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java index 62151a4..6dc6752 100644 --- a/api/src/com/cloud/network/Network.java +++ b/api/src/com/cloud/network/Network.java 
@@ -113,6 +113,7 @@ public interface Network extends ControlledEntity, StateObject<Network.State>, I
 public static final Provider VirtualRouter = new Provider("VirtualRouter", false);
 public static final Provider JuniperContrailRouter = new Provider("JuniperContrailRouter", false);
+ public static final Provider JuniperContrailVpcRouter = new Provider("JuniperContrailVpcRouter", false);
 public static final Provider JuniperSRX = new Provider("JuniperSRX", true);
 public static final Provider PaloAlto = new Provider("PaloAlto", true);
 public static final Provider F5BigIp = new Provider("F5BigIp", true);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/resources/META-INF/cloudstack/contrail/spring-contrail-context.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/juniper-contrail/resources/META-INF/cloudstack/contrail/spring-contrail-context.xml b/plugins/network-elements/juniper-contrail/resources/META-INF/cloudstack/contrail/spring-contrail-context.xml
index 4614af7..99ab02e 100644
--- a/plugins/network-elements/juniper-contrail/resources/META-INF/cloudstack/contrail/spring-contrail-context.xml
+++ b/plugins/network-elements/juniper-contrail/resources/META-INF/cloudstack/contrail/spring-contrail-context.xml
@@ -32,6 +32,10 @@ class="org.apache.cloudstack.network.contrail.management.ContrailElementImpl"> <property name="name" value="ContrailElement"/> </bean> + <bean id="ContrailVpcElement" + class="org.apache.cloudstack.network.contrail.management.ContrailVpcElementImpl"> + <property name="name" value="ContrailVpcElement"/> + </bean> <bean id="ContrailGuru" class="org.apache.cloudstack.network.contrail.management.ContrailGuru"> http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailGuru.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailGuru.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailGuru.java index 704dedd..0bb95dd 100644 --- a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailGuru.java +++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailGuru.java @@ -19,6 +19,7 @@ package org.apache.cloudstack.network.contrail.management; import java.io.IOException; import java.net.URI; +import java.util.List; import javax.inject.Inject; import javax.ejb.Local; @@ -54,6 +55,8 @@ import com.cloud.network.guru.NetworkGuru; import com.cloud.network.PhysicalNetwork; import com.cloud.network.dao.PhysicalNetworkDao; import com.cloud.network.dao.PhysicalNetworkVO; +import com.cloud.network.dao.IPAddressVO; +import com.cloud.network.addr.PublicIp; import com.cloud.offering.NetworkOffering; import com.cloud.user.Account; import com.cloud.utils.component.AdapterBase; 
@@ -94,7 +97,7 @@ public class ContrailGuru extends AdapterBase implements NetworkGuru { private boolean canHandle(NetworkOffering offering, NetworkType networkType, PhysicalNetwork physicalNetwork) { if (networkType == NetworkType.Advanced - && offering.getId() == _manager.getRouterOffering().getId() + && (offering.getId() == _manager.getRouterOffering().getId() || offering.getId() == _manager.getVpcRouterOffering().getId()) && isMyTrafficType(offering.getTrafficType()) && offering.getGuestType() == Network.GuestType.Isolated && physicalNetwork.getIsolationMethods().contains("L3VPN")) @@ -148,6 +151,25 @@ public class ContrailGuru extends AdapterBase implements NetworkGuru { return network; } _manager.getDatabase().getVirtualNetworks().add(vnModel); + + if (network.getVpcId() != null) { + List<IPAddressVO> ips = _ipAddressDao.listByAssociatedVpc(network.getVpcId(), true); + if (ips.isEmpty()) { + s_logger.debug("Creating a source nat ip for network " + network); + Account owner = _accountMgr.getAccount(network.getAccountId()); + try { + PublicIp publicIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network); + IPAddressVO ip = publicIp.ip(); + ip.setVpcId(network.getVpcId()); + _ipAddressDao.acquireInLockTable(ip.getId()); + _ipAddressDao.update(ip.getId(), ip); + _ipAddressDao.releaseFromLockTable(ip.getId()); + } catch (Exception e) { + s_logger.error("Unable to allocate source nat ip: " + e); + } + } + } + return network; } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManager.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManager.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManager.java index 6853d1e..1fe1303 100644 
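Review bot: In the source-NAT block added by the `@@ -148` hunk, `_ipAddressDao.releaseFromLockTable(ip.getId())` is skipped whenever `update` throws, so the lock on the newly assigned public IP can stay held, and the result of `acquireInLockTable` is never checked (it appears to signal failure by returning null; confirm against the DAO). The surrounding `catch (Exception e)` then logs a string-concatenated message without the stack trace and lets the method return the network as if allocation had succeeded, leaving the VPC tier without a source NAT address. Release the lock in a `finally`, narrow the catch to the exceptions the allocator declares, and pass the exception to the logger: `s_logger.error("Unable to allocate source nat ip for network " + network, e);`. The enclosing method starts outside the hunk.

```java
// … unchanged: assignSourceNatIpAddressToGuestNetwork call and ip.setVpcId …
if (_ipAddressDao.acquireInLockTable(ip.getId()) == null) {
    s_logger.error("Unable to lock source nat ip " + ip.getId() + " for network " + network);
} else {
    try {
        _ipAddressDao.update(ip.getId(), ip);
    } finally {
        _ipAddressDao.releaseFromLockTable(ip.getId());
    }
}
```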
--- a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManager.java +++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManager.java @@ -38,12 +38,19 @@ import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.offering.NetworkOffering; import com.cloud.projects.ProjectVO; import com.cloud.network.vpc.NetworkACLVO; +import com.cloud.network.vpc.VpcOffering; +import com.cloud.network.vpc.VpcVO; public interface ContrailManager { public static final String routerOfferingName = "Juniper Contrail Network Offering"; public static final String routerOfferingDisplayText = "Juniper Contrail Network Offering"; public static final String routerPublicOfferingName = "Juniper Contrail Public Network Offering"; public static final String routerPublicOfferingDisplayText = "Juniper Contrail Public Network Offering"; + public static final String vpcRouterOfferingName = "Juniper Contrail VPC Network Offering"; + public static final String vpcRouterOfferingDisplayText = "Juniper Contrail VPC Network Offering"; + public static final String juniperVPCOfferingName = "Juniper Contrail VPC Offering"; + public static final String juniperVPCOfferingDisplayText = "Juniper Contrail VPC Offering"; + public static final int DB_SYNC_INTERVAL_DEFAULT = 600000; public static final String VNC_ROOT_DOMAIN = "default-domain"; public static final String VNC_DEFAULT_PROJECT = "default-project"; @@ -51,6 +58,8 @@ public interface ContrailManager { public NetworkOffering getRouterOffering(); public NetworkOffering getPublicRouterOffering(); + public NetworkOffering getVpcRouterOffering(); + public VpcOffering getVpcOffering(); public void syncNetworkDB(short syncMode) throws IOException; 
@@ -116,6 +125,8 @@ public interface ContrailManager { public List<IPAddressVO> findManagedPublicIps(); + public List<VpcVO> findManagedVpcs(); + public List<NetworkACLVO> findManagedACLs(); public VirtualNetwork findDefaultVirtualNetwork(TrafficType trafficType) throws IOException; http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java index ef76e4c..616a8c5 100644 --- a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java +++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java @@ -81,6 +81,12 @@ import com.cloud.offerings.NetworkOfferingVO; import com.cloud.offerings.dao.NetworkOfferingDao; import com.cloud.projects.ProjectVO; import com.cloud.network.vpc.dao.NetworkACLDao; +import com.cloud.network.vpc.dao.VpcDao; +import com.cloud.network.vpc.dao.VpcOfferingDao; +import com.cloud.network.vpc.VpcOffering; +import com.cloud.network.vpc.VpcOfferingVO; +import com.cloud.network.vpc.VpcProvisioningService; +import com.cloud.network.vpc.VpcVO; import com.cloud.network.vpc.NetworkACLVO; import com.cloud.projects.dao.ProjectDao; import com.cloud.user.Account; 
@@ -132,6 +138,12 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager @Inject UserVmDao _vmDao; @Inject + VpcOfferingDao _vpcOffDao; + @Inject + VpcProvisioningService _vpcProvSvc; + @Inject + VpcDao _vpcDao; + @Inject NetworkACLDao _networkAclDao; private static final Logger s_logger = Logger.getLogger(ContrailManager.class); @@ -141,6 +153,9 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager private NetworkOffering _offering; private NetworkOffering _routerOffering; private NetworkOffering _routerPublicOffering; + private NetworkOffering _vpcRouterOffering; + private VpcOffering _vpcOffering; + private Timer _dbSyncTimer; private int _dbSyncInterval = DB_SYNC_INTERVAL_DEFAULT; private final String configuration = "contrail.properties"; @@ -175,7 +190,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager return _database; } - private NetworkOffering LocatePublicNetworkOffering(String offeringName, + private NetworkOffering locatePublicNetworkOffering(String offeringName, String offeringDisplayText, Provider provider) { List<? extends NetworkOffering> offerList = _configService.listNetworkOfferings(TrafficType.Public, false); for (NetworkOffering offer: offerList) { @@ -210,7 +225,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager return _networkOfferingDao.findById(id); } - private NetworkOffering LocateNetworkOffering(String offeringName, + private NetworkOffering locateNetworkOffering(String offeringName, String offeringDisplayText, Provider provider) { List<? extends NetworkOffering> offerList = _configService.listNetworkOfferings(TrafficType.Guest, false); for (NetworkOffering offer : offerList) { 
@@ -239,6 +254,38 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager return _networkOfferingDao.findById(id); } + private VpcOffering locateVpcOffering() { + VpcOffering vpcOffer = _vpcOffDao.findByUniqueName(juniperVPCOfferingName); + if (vpcOffer != null) { + if (((VpcOfferingVO)vpcOffer).getState() == VpcOffering.State.Enabled) { + return vpcOffer; + } + ((VpcOfferingVO)vpcOffer).setState(VpcOffering.State.Enabled); + long id = vpcOffer.getId(); + _vpcOffDao.update(id, (VpcOfferingVO)vpcOffer); + return vpcOffer; + } + Map<String, List<String>> serviceProviderMap = new HashMap<String, List<String>>(); + List<String> providerSet = new ArrayList<String>(); + providerSet.add(Provider.JuniperContrailVpcRouter.getName()); + final List<String> services = new ArrayList<String>(); + services.add(Service.Connectivity.getName()); + services.add(Service.Dhcp.getName()); + services.add(Service.NetworkACL.getName()); + services.add(Service.StaticNat.getName()); + services.add(Service.SourceNat.getName()); + services.add(Service.Gateway.getName()); + + for (String svc: services) { + serviceProviderMap.put(svc, providerSet); + } + vpcOffer = _vpcProvSvc.createVpcOffering(juniperVPCOfferingName, juniperVPCOfferingDisplayText, services, serviceProviderMap, null); + ((VpcOfferingVO)vpcOffer).setState(VpcOffering.State.Enabled); + long id = vpcOffer.getId(); + _vpcOffDao.update(id, (VpcOfferingVO)vpcOffer); + return _vpcOffDao.findById(id); + } + private NetworkOffering EnableNetworkOffering(long id) { NetworkOfferingVO offering = _networkOfferingDao.createForUpdate(id); offering.setState(NetworkOffering.State.Enabled); 
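Review bot: `locateVpcOffering()` sets the state back to `Enabled` whenever it finds an existing offering named `juniperVPCOfferingName` in any other state, so an operator who disabled the Contrail VPC offering has that decision reverted each time this lookup runs (it is called next to the other offering lookups in the `@@ -281` hunk). If that is intended, say so in a comment and record it, e.g. `s_logger.info("Re-enabling VPC offering " + juniperVPCOfferingName);`; otherwise return the offering as found. The set-state/update pair is written twice with repeated `(VpcOfferingVO)vpcOffer` casts and could be one private helper, and the value returned by `createVpcOffering` is cast and used without a null check.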
@@ -281,10 +328,13 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager _controller = new ModelController(this, _api, _vmDao, _networksDao, _nicDao, _vlanDao, _ipAddressDao); - _routerOffering = LocateNetworkOffering(routerOfferingName, routerOfferingDisplayText, + _routerOffering = locateNetworkOffering(routerOfferingName, routerOfferingDisplayText, Provider.JuniperContrailRouter); - _routerPublicOffering = LocatePublicNetworkOffering(routerPublicOfferingName, routerPublicOfferingDisplayText, + _routerPublicOffering = locatePublicNetworkOffering(routerPublicOfferingName, routerPublicOfferingDisplayText, Provider.JuniperContrailRouter); + _vpcRouterOffering = locateNetworkOffering(vpcRouterOfferingName, vpcRouterOfferingDisplayText, + Provider.JuniperContrailVpcRouter); + _vpcOffering = locateVpcOffering(); _eventHandler.subscribe(); @@ -304,6 +354,16 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager } @Override + public NetworkOffering getVpcRouterOffering() { + return _vpcRouterOffering; + } + + @Override + public VpcOffering getVpcOffering() { + return _vpcOffering; + } + + @Override public String getPhysicalNetworkName(PhysicalNetworkVO physNet) { String physname = physNet.getName(); physname = physname.replaceAll("\\s", "").replace("_", ""); @@ -465,7 +525,8 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager public boolean isManagedPhysicalNetwork(Network network) { List<PhysicalNetworkVO> net_list = _physicalNetworkDao.listByZone(network.getDataCenterId()); for (PhysicalNetworkVO phys : net_list) { - if (_physProviderDao.findByServiceProvider(phys.getId(), Network.Provider.JuniperContrailRouter.getName()) != null) { + if(_physProviderDao.findByServiceProvider(phys.getId(), Provider.JuniperContrailRouter.getName()) != null || + _physProviderDao.findByServiceProvider(phys.getId(), Provider.JuniperContrailVpcRouter.getName()) != null) { return true; } } 
@@ -564,6 +625,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager SearchCriteria<NetworkVO> sc = searchBuilder.create(); List<Long> offerings = new ArrayList<Long>(); offerings.add(getRouterOffering().getId()); + offerings.add(getVpcRouterOffering().getId()); offerings.add(getPublicRouterOffering().getId()); sc.setParameters("networkOfferingId", offerings.toArray()); @@ -585,9 +647,11 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager List<PhysicalNetworkVO> phys_list = _physicalNetworkDao.listAll(); final String provider = Network.Provider.JuniperContrailRouter.getName(); + final String vpcProvider = Provider.JuniperContrailVpcRouter.getName(); for (Iterator<PhysicalNetworkVO> iter = phys_list.iterator(); iter.hasNext();) { PhysicalNetworkVO phys = iter.next(); - if (_physProviderDao.findByServiceProvider(phys.getId(), provider) != null) { + if (_physProviderDao.findByServiceProvider(phys.getId(), provider) != null || + _physProviderDao.findByServiceProvider(phys.getId(), vpcProvider) != null) { List<NetworkVO> infraNets = new ArrayList<NetworkVO>(); findInfrastructureNetworks(phys, infraNets); for (NetworkVO net : infraNets) { 
@@ -612,9 +676,50 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager } @Override + public List<VpcVO> findManagedVpcs() { + SearchBuilder<VpcVO> searchBuilder = _vpcDao.createSearchBuilder(); + searchBuilder.and("vpcOffering", searchBuilder.entity().getVpcOfferingId(), Op.EQ); + SearchCriteria<VpcVO> sc = searchBuilder.create(); + sc.setParameters("vpcOffering", getVpcOffering().getId()); + List<VpcVO> vpcs = _vpcDao.search(sc, null); + if (vpcs == null || vpcs.size() == 0) { + s_logger.debug("no vpcs found"); + return null; + } + return vpcs; + } + + @Override public List<NetworkACLVO> findManagedACLs() { - /* contrail vpc is not yet implemented */ - return null; + List<VpcVO> vpcs = findManagedVpcs(); + if (vpcs == null || vpcs.isEmpty()) { + return null; + } + List<Long> vpcIds = new ArrayList<Long>(); + /* default-allow, default-deny ACLs will be under vpcId '0', so include it*/ + vpcIds.add((long)0); + for (VpcVO vpc:vpcs) { + vpcIds.add(vpc.getId()); + } + SearchBuilder<NetworkACLVO> searchBuilder = _networkAclDao.createSearchBuilder(); + searchBuilder.and("vpcId", searchBuilder.entity().getVpcId(), Op.IN); + SearchCriteria<NetworkACLVO> sc = searchBuilder.create(); + sc.setParameters("vpcId", vpcIds.toArray()); + List<NetworkACLVO> acls = _networkAclDao.search(sc, null); + if (acls == null || acls.size() == 0) { + s_logger.debug("no acls found"); + return null; + } + /* only return if acl is associated to any network */ + List<NetworkACLVO> jnprAcls = new ArrayList<NetworkACLVO>(); + for (NetworkACLVO acl:acls) { + List<NetworkVO> nets = _networksDao.listByAclId(acl.getId()); + if (nets == null || nets.isEmpty()) { + continue; + } + jnprAcls.add(acl); + } + return jnprAcls; } /* http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailVpcElementImpl.java 
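Review bot: `findManagedVpcs()` and `findManagedACLs()` return `null` for "nothing found" on some paths, while `findManagedACLs()` returns an empty `jnprAcls` list when ACLs exist but none is attached to a network, so callers have to handle two different empty results. Returning an empty list on every path (`return new ArrayList<NetworkACLVO>();`) removes the risk of a null dereference in the sync code that consumes these lists. The ACLs stored under vpcId `0` are only considered when at least one Contrail VPC exists, and the final loop issues one `listByAclId` query per ACL; a short Javadoc stating both facts would help whoever maintains the callers.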
----------------------------------------------------------------------
diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailVpcElementImpl.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailVpcElementImpl.java
new file mode 100644
index 0000000..4a72fcb
--- /dev/null
+++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ContrailVpcElementImpl.java
@@ -0,0 +1,199 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package org.apache.cloudstack.network.contrail.management; + +import java.io.IOException; +import java.util.List; + +import javax.ejb.Local; +import javax.inject.Inject; + +import org.apache.cloudstack.network.contrail.model.VirtualNetworkModel; +import org.apache.cloudstack.network.contrail.model.NetworkPolicyModel; + +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import com.cloud.deploy.DeployDestination; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.Network; +import com.cloud.network.Network.Provider; +import com.cloud.network.element.NetworkACLServiceProvider; +import com.cloud.network.element.VpcProvider; +import com.cloud.network.vpc.NetworkACLItem; +import com.cloud.network.vpc.NetworkACLVO; +import com.cloud.network.vpc.PrivateGateway; +import com.cloud.network.vpc.StaticRouteProfile; +import com.cloud.network.vpc.Vpc; +import com.cloud.network.vpc.dao.NetworkACLDao; +import com.cloud.vm.ReservationContext; + +@Component +@Local(value = 
{NetworkACLServiceProvider.class, VpcProvider.class, ContrailElementImpl.class}) +public class ContrailVpcElementImpl extends ContrailElementImpl implements NetworkACLServiceProvider, VpcProvider { + private static final Logger s_logger = + Logger.getLogger(ContrailElement.class); + + @Inject + NetworkACLDao _networkACLDao; + + // NetworkElement API + @Override + public Provider getProvider() { + return Provider.JuniperContrailVpcRouter; + } + + @Override + public boolean implementVpc(Vpc vpc, DeployDestination dest, + ReservationContext context) throws ConcurrentOperationException, + ResourceUnavailableException, InsufficientCapacityException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement implementVpc"); + return true; + } + + @Override + public boolean shutdownVpc(Vpc vpc, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement shutdownVpc"); + return true; + } + + @Override + public boolean createPrivateGateway(PrivateGateway gateway) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement createPrivateGateway"); + return false; + } + + @Override + public boolean deletePrivateGateway(PrivateGateway privateGateway) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement deletePrivateGateway"); + return false; + } + + @Override + public boolean applyStaticRoutes(Vpc vpc, List<StaticRouteProfile> routes) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement applyStaticRoutes"); + return true; + } + + @Override + public boolean applyNetworkACLs(Network net, + List<? 
extends NetworkACLItem> rules) + throws ResourceUnavailableException { + s_logger.debug("NetworkElement applyNetworkACLs"); + if (rules == null || rules.isEmpty()) { + s_logger.debug("no rules to apply"); + return true; + } + + Long aclId = rules.get(0).getAclId(); + NetworkACLVO acl = _networkACLDao.findById(aclId); + NetworkPolicyModel policyModel = _manager.getDatabase().lookupNetworkPolicy(acl.getUuid()); + if (policyModel == null) { + /* + * For the first time, when a CS ACL applied to a network, create a network-policy in VNC + * and when there are no networks associated to CS ACL, delete it from VNC. + */ + policyModel = new NetworkPolicyModel(acl.getUuid(), acl.getName()); + net.juniper.contrail.api.types.Project project; + try { + project = _manager.getVncProject(net.getDomainId(), net.getAccountId()); + if (project == null) { + project = _manager.getDefaultVncProject(); + } + } catch (IOException ex) { + s_logger.warn("read project", ex); + return false; + } + policyModel.setProject(project); + } + + VirtualNetworkModel vnModel = _manager.getDatabase().lookupVirtualNetwork(net.getUuid(), + _manager.getCanonicalName(net), net.getTrafficType()); + NetworkPolicyModel oldPolicyModel = null; + /* this method is called when network is destroyed too, hence vn model might have been deleted already */ + if (vnModel != null) { + oldPolicyModel = vnModel.getNetworkPolicyModel(); + vnModel.addToNetworkPolicy(policyModel); + } + + try { + policyModel.build(_manager.getModelController(), rules); + } catch (Exception e) { + s_logger.error(e); + e.printStackTrace(); + return false; + } + + try { + if (!policyModel.verify(_manager.getModelController())) { + policyModel.update(_manager.getModelController()); + } + _manager.getDatabase().getNetworkPolicys().add(policyModel); + } catch (Exception ex) { + s_logger.error("network-policy update: ", ex); + ex.printStackTrace(); + return false; + } + + if (!policyModel.hasPolicyRules()) { + try { + 
policyModel.delete(_manager.getModelController()); + _manager.getDatabase().getNetworkPolicys().remove(policyModel); + } catch (IOException e) { + e.printStackTrace(); + return false; + } + } + /* + * if no other VNs are associated with the old policy, + * we could delete it from the Contrail VNC + */ + if (policyModel != oldPolicyModel && oldPolicyModel != null && !oldPolicyModel.hasDescendents()) { + try { + oldPolicyModel.delete(_manager.getModelController()); + _manager.getDatabase().getNetworkPolicys().remove(oldPolicyModel); + } catch (IOException e) { + e.printStackTrace(); + return false; + } + } + + return true; + } + + @Override + public boolean applyACLItemsToPrivateGw(PrivateGateway privateGateway, + List<? extends NetworkACLItem> rules) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + s_logger.debug("NetworkElement applyACLItemsToPrivateGw"); + return true; + } + +} http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServerDBSyncImpl.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServerDBSyncImpl.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServerDBSyncImpl.java index b1f4718..b9a3ed3 100644 --- a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServerDBSyncImpl.java +++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServerDBSyncImpl.java 
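Review bot: In `applyNetworkACLs`, the result of `_networkACLDao.findById(aclId)` is dereferenced at once (`acl.getUuid()`), so an ACL that no longer exists surfaces as a NullPointerException instead of a `false` return; add `if (acl == null) { s_logger.warn("ACL " + aclId + " not found"); return false; }`. The failure paths call `e.printStackTrace()`, and the two `IOException` handlers around `delete` write nothing through `s_logger`, so a policy that could not be removed from the VNC leaves no record in the management-server log; use `s_logger.error("network-policy delete: ", e);` in the style of the update path. `vnModel.addToNetworkPolicy(policyModel)` runs before `build` and `update` succeed, so an early `return false` leaves the in-memory network model pointing at a policy that was never pushed. `applyACLItemsToPrivateGw` is a stub that returns `true`, which tells the caller the ACL items are in force; returning `false`, as `createPrivateGateway` does, is the safer placeholder until it is implemented. The logger is also created with `ContrailElement.class` rather than `ContrailVpcElementImpl.class`.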
@@ -68,6 +68,8 @@ import com.cloud.network.vpc.NetworkACLItemDao; import com.cloud.network.vpc.NetworkACLItemVO; import com.cloud.network.vpc.NetworkACLVO; import com.cloud.network.vpc.dao.NetworkACLDao; +import com.cloud.network.vpc.VpcVO; +import com.cloud.network.vpc.dao.VpcDao; import com.cloud.projects.ProjectVO; import com.cloud.projects.dao.ProjectDao; import com.cloud.vm.NicVO; @@ -97,6 +99,8 @@ public class ServerDBSyncImpl implements ServerDBSync { @Inject ContrailManager _manager; @Inject + VpcDao _vpcDao; + @Inject NetworkACLItemDao _networkACLItemDao; @Inject NetworkACLDao _networkACLDao; @@ -990,7 +994,12 @@ public class ServerDBSyncImpl implements ServerDBSync { NetworkPolicyModel policyModel = new NetworkPolicyModel(db.getUuid(), db.getName()); net.juniper.contrail.api.types.Project project = null; try { - project = _manager.getDefaultVncProject(); + VpcVO vpc = _vpcDao.findById(db.getVpcId()); + if (vpc != null) { + project = _manager.getVncProject(vpc.getDomainId(), vpc.getAccountId()); + } else { + project = _manager.getDefaultVncProject(); + } } catch (IOException ex) { s_logger.warn("read project", ex); throw ex; @@ -1055,7 +1064,12 @@ public class ServerDBSyncImpl implements ServerDBSync { NetworkPolicyModel policyModel = new NetworkPolicyModel(db.getUuid(), db.getName()); net.juniper.contrail.api.types.Project project = null; try { - project = _manager.getDefaultVncProject(); + VpcVO vpc = _vpcDao.findById(db.getVpcId()); + if (vpc != null) { + project = _manager.getVncProject(vpc.getDomainId(), vpc.getAccountId()); + } else { + project = _manager.getDefaultVncProject(); + } } catch (IOException ex) { s_logger.warn("read project", ex); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/model/NetworkPolicyModel.java ---------------------------------------------------------------------- 
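Review bot: The `@@ -990` and `@@ -1055` hunks both assign `project = _manager.getVncProject(vpc.getDomainId(), vpc.getAccountId())` without handling a null result, whereas `applyNetworkACLs` in `ContrailVpcElementImpl` (same commit) falls back to `getDefaultVncProject()` when that lookup returns null. If `getVncProject` can return null here as well, the policy model is built with no project, and the sync path and the element path can disagree about which project owns the same ACL's policy. Add the same fallback after the call in both hunks: `if (project == null) { project = _manager.getDefaultVncProject(); }`. The enclosing methods start and end outside these hunks.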
diff --git a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/model/NetworkPolicyModel.java b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/model/NetworkPolicyModel.java index 8ec2ff7..3092cad 100644 --- a/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/model/NetworkPolicyModel.java +++ b/plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/model/NetworkPolicyModel.java @@ -73,7 +73,7 @@ public class NetworkPolicyModel extends ModelObjectBase { SearchCriteria<NetworkVO> sc = searchBuilder.create(); - sc.setParameters("networkOfferingId", controller.getManager().getRouterOffering().getId()); + sc.setParameters("networkOfferingId", controller.getManager().getVpcRouterOffering().getId()); sc.setParameters("cidr", cidr); sc.setParameters("trafficType", Networks.TrafficType.Guest); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/server/src/com/cloud/configuration/ConfigurationManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java index 2003716..0109b4b 100755 --- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java +++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java 
@@ -4294,7 +4294,9 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati @Override public boolean isOfferingForVpc(NetworkOffering offering) { - boolean vpcProvider = _ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.VPCVirtualRouter); + boolean vpcProvider = _ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.VPCVirtualRouter) || + _ntwkOffServiceMapDao.isProviderForNetworkOffering(offering.getId(), Provider.JuniperContrailVpcRouter); + return vpcProvider; } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed3e1b95/server/src/com/cloud/network/vpc/VpcManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java index 51e476f..a2521d0 100644 --- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java +++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java @@ -203,7 +203,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker")); private List<VpcProvider> vpcElements = null; private final List<Service> nonSupportedServices = Arrays.asList(Service.SecurityGroup, Service.Firewall); - private final List<Provider> supportedProviders = Arrays.asList(Provider.VPCVirtualRouter, Provider.NiciraNvp, Provider.InternalLbVm, Provider.Netscaler); + private final List<Provider> supportedProviders = Arrays.asList(Provider.VPCVirtualRouter, Provider.NiciraNvp, Provider.InternalLbVm, Provider.Netscaler, Provider.JuniperContrailVpcRouter); int _cleanupInterval; int _maxNetworks; 
@@ -308,6 +308,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis // Just here for 4.1, replaced by commit 836ce6c1 in newer versions Set<Network.Provider> sdnProviders = new HashSet<Network.Provider>(); sdnProviders.add(Provider.NiciraNvp); + sdnProviders.add(Provider.JuniperContrailVpcRouter); boolean sourceNatSvc = false; boolean firewallSvs = false; @@ -1191,6 +1192,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis if (vpcElements == null) { vpcElements = new ArrayList<VpcProvider>(); vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.VPCVirtualRouter.getName())); + vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName())); } if (vpcElements == null) {
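Review bot: In the `@@ -1191` hunk the element returned by `_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName())` is added to `vpcElements` unchecked; if that lookup returns null when the Contrail plugin is not loaded (not visible here, confirm), the list holds a null entry that any later loop over the VPC providers would dereference. Guard the add: `VpcProvider contrail = (VpcProvider)_ntwkModel.getElementImplementingProvider(Provider.JuniperContrailVpcRouter.getName());` followed by `if (contrail != null) { vpcElements.add(contrail); }`. The `if (vpcElements == null)` check that follows can no longer be true after the list is assigned above it. The enclosing method continues outside the hunk.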