| // |
| // Licensed to the Apache Software Foundation (ASF) under one |
| // or more contributor license agreements. See the NOTICE file |
| // distributed with this work for additional information |
| // regarding copyright ownership. The ASF licenses this file |
| // to you under the Apache License, Version 2.0 (the |
| // "License"); you may not use this file except in compliance |
| // with the License. You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, |
| // software distributed under the License is distributed on an |
| // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| // KIND, either express or implied. See the License for the |
| // specific language governing permissions and limitations |
| // under the License. |
| // |
| |
| package com.cloud.network.resource.wrapper; |
| |
| import static com.cloud.network.resource.NiciraNvpResource.NUM_RETRIES; |
| |
| import java.util.List; |
| |
| |
| import com.cloud.agent.api.Answer; |
| import com.cloud.agent.api.ConfigurePortForwardingRulesOnLogicalRouterAnswer; |
| import com.cloud.agent.api.ConfigurePortForwardingRulesOnLogicalRouterCommand; |
| import com.cloud.agent.api.to.PortForwardingRuleTO; |
| import com.cloud.network.nicira.NatRule; |
| import com.cloud.network.nicira.NiciraNvpApi; |
| import com.cloud.network.nicira.NiciraNvpApiException; |
| import com.cloud.network.resource.NiciraNvpResource; |
| import com.cloud.network.utils.CommandRetryUtility; |
| import com.cloud.resource.CommandWrapper; |
| import com.cloud.resource.ResourceWrapper; |
| |
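/**
 * Applies a batch of port-forwarding rules to a Nicira NVP logical router.
 *
 * <p>Each port-forwarding rule is translated into a pair of NAT rules (index 0 is treated as the
 * incoming rule, index 1 as the outgoing rule) and compared against the NAT rules currently
 * stored on the logical router. Rules that are missing are created, revoked rules are deleted.
 */
@ResourceWrapper(handles = ConfigurePortForwardingRulesOnLogicalRouterCommand.class)
public final class NiciraNvpConfigurePortForwardingRulesCommandWrapper extends CommandWrapper<ConfigurePortForwardingRulesOnLogicalRouterCommand, Answer, NiciraNvpResource> {

    /**
     * Creates or deletes the NAT rule pairs described by the command.
     *
     * @param command the command carrying the logical router UUID and the port-forwarding rules
     * @param niciraNvpResource the resource providing the NVP API client, the rule-pair generator
     *        and the retry utility
     * @return a successful answer once every rule has been processed; a failed answer as soon as a
     *         rule uses a port range (rules processed before it stay applied); or whatever the
     *         retry utility returns when the NVP API throws
     */
    @Override
    public Answer execute(final ConfigurePortForwardingRulesOnLogicalRouterCommand command, final NiciraNvpResource niciraNvpResource) {
        final NiciraNvpApi niciraNvpApi = niciraNvpResource.getNiciraNvpApi();
        final String logicalRouterUuid = command.getLogicalRouterUuid();
        try {
            // Snapshot taken once; rules created further down are not added to it.
            final List<NatRule> existingRules = niciraNvpApi.findNatRulesByLogicalRouterUuid(logicalRouterUuid);
            // Rules of the game (also known as assumptions-that-will-make-stuff-break-later-on)
            // A SourceNat rule with a match other than a /32 cidr is assumed to be the "main" SourceNat rule
            // Any other SourceNat rule should have a corresponding DestinationNat rule

            for (final PortForwardingRuleTO rule : command.getRules()) {
                if (rule.isAlreadyAdded() && !rule.revoked()) {
                    // Don't need to do anything
                    continue;
                }

                if (rule.getDstPortRange()[0] != rule.getDstPortRange()[1] || rule.getSrcPortRange()[0] != rule.getSrcPortRange()[1]) {
                    // Returns mid-batch: rules handled in earlier iterations are not rolled back.
                    return new ConfigurePortForwardingRulesOnLogicalRouterAnswer(command, false, "Nicira NVP doesn't support port ranges for port forwarding");
                }

                final NatRule[] rulepair = niciraNvpResource.generatePortForwardingRulePair(rule.getDstIp(), rule.getDstPortRange(), rule.getSrcIp(), rule.getSrcPortRange(),
                        rule.getProtocol());

                NatRule incoming = null;
                NatRule outgoing = null;

                for (final NatRule storedRule : existingRules) {
                    if (storedRule.equalsIgnoreUuid(rulepair[1])) {
                        // The outgoing rule exists
                        outgoing = storedRule;
                        logger.debug("Found matching outgoing rule " + outgoing.getUuid());
                        if (incoming != null) {
                            break;
                        }
                    } else if (storedRule.equalsIgnoreUuid(rulepair[0])) {
                        // The incoming rule exists
                        incoming = storedRule;
                        logger.debug("Found matching incoming rule " + incoming.getUuid());
                        if (outgoing != null) {
                            break;
                        }
                    }
                }

                if (rule.revoked()) {
                    if (incoming == null && outgoing == null) {
                        logger.warn("Tried deleting a rule that does not exist, " + rule.getSrcIp() + " -> " + rule.getDstIp());
                        // Skip only this rule. Leaving the loop here would silently drop every
                        // later rule in the batch, including later revocations, while the command
                        // still reports success.
                        continue;
                    }
                    if (incoming == null || outgoing == null) {
                        // A half-present pair must still be removed on revoke, otherwise the
                        // surviving NAT rule keeps translating traffic for a forwarding that the
                        // management layer considers gone.
                        logger.warn("Only one half of the NAT rule pair exists for " + rule.getSrcIp() + " -> " + rule.getDstIp() + ", deleting the remaining half");
                    }
                    if (incoming != null) {
                        logger.debug("Deleting incoming rule " + incoming.getUuid());
                        niciraNvpApi.deleteLogicalRouterNatRule(logicalRouterUuid, incoming.getUuid());
                    }
                    if (outgoing != null) {
                        logger.debug("Deleting outgoing rule " + outgoing.getUuid());
                        niciraNvpApi.deleteLogicalRouterNatRule(logicalRouterUuid, outgoing.getUuid());
                    }
                    continue;
                }

                if (incoming != null && outgoing != null) {
                    // Both halves are already on the router; nothing to create.
                    continue;
                }

                // NOTE(review): when exactly one half already exists, both halves are still
                // created below, which may leave a duplicate of the existing half - confirm
                // whether only the missing half should be created.
                rulepair[0] = niciraNvpApi.createLogicalRouterNatRule(logicalRouterUuid, rulepair[0]);
                logger.debug("Created " + niciraNvpResource.natRuleToString(rulepair[0]));

                try {
                    rulepair[1] = niciraNvpApi.createLogicalRouterNatRule(logicalRouterUuid, rulepair[1]);
                    logger.debug("Created " + niciraNvpResource.natRuleToString(rulepair[1]));
                } catch (final NiciraNvpApiException ex) {
                    logger.warn("NiciraNvpApiException during create call, rolling back previous create");
                    try {
                        niciraNvpApi.deleteLogicalRouterNatRule(logicalRouterUuid, rulepair[0].getUuid());
                    } catch (final NiciraNvpApiException rollbackEx) {
                        // Keep the create failure as the primary error and record that an
                        // incoming rule is now orphaned on the router so it can be cleaned up.
                        logger.warn("Rollback failed, incoming rule " + rulepair[0].getUuid() + " is left on logical router " + logicalRouterUuid);
                        ex.addSuppressed(rollbackEx);
                    }
                    throw ex; // Rethrow the original exception
                }
            }
            return new ConfigurePortForwardingRulesOnLogicalRouterAnswer(command, true, command.getRules().size() + " PortForwarding rules applied");
        } catch (final NiciraNvpApiException e) {
            // Any NVP API failure re-queues the whole command through the retry utility.
            final CommandRetryUtility retryUtility = niciraNvpResource.getRetryUtility();
            retryUtility.addRetry(command, NUM_RETRIES);
            return retryUtility.retry(command, ConfigurePortForwardingRulesOnLogicalRouterAnswer.class, e);
        }
    }
}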