server/src/main/java/com/cloud/network/rules/PrivateGatewayRules.java - cloudstack - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.

 package com.cloud.network.rules;

 import org.apache.cloudstack.network.topology.NetworkTopologyVisitor;
 import org.apache.log4j.Logger;

 import com.cloud.exception.ConcurrentOperationException;
 import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.network.Network;
 import com.cloud.network.NetworkModel;
 import com.cloud.network.dao.NetworkDao;
 import com.cloud.network.router.NetworkHelper;
 import com.cloud.network.router.NicProfileHelper;
 import com.cloud.network.router.VirtualRouter;
 import com.cloud.network.vpc.NetworkACLManager;
 import com.cloud.network.vpc.PrivateGateway;
 import com.cloud.network.vpc.PrivateIpVO;
 import com.cloud.vm.NicProfile;
 import com.cloud.vm.VirtualMachineManager;

 public class PrivateGatewayRules extends RuleApplier {

     private static final Logger s_logger = Logger.getLogger(PrivateGatewayRules.class);

     private final PrivateGateway _privateGateway;

     private boolean _isAddOperation;
     private NicProfile _nicProfile;

     public PrivateGatewayRules(final PrivateGateway privateGateway) {
         super(null);
         _privateGateway = privateGateway;
     }

     @Override
     public boolean accept(final NetworkTopologyVisitor visitor, final VirtualRouter router) throws ResourceUnavailableException {
         _router = router;

         boolean result = false;
         try {
             final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
             _network = networkModel.getNetwork(_privateGateway.getNetworkId());

             final NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper();
             final NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway, _router);

             final NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper();
             if (!networkHelper.checkRouterVersion(_router)) {
                 s_logger.warn("Router requires upgrade. Unable to send command to router: " + _router.getId());
                 return false;
             }
             final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
             _nicProfile = itMgr.addVmToNetwork(_router, _network, requested);

             // setup source nat
             if (_nicProfile != null) {
                 _isAddOperation = true;
                 // result = setupVpcPrivateNetwork(router, true, guestNic);
                 result = visitor.visit(this);
             }
         } catch (final Exception ex) {
             s_logger.warn("Failed to create private gateway " + _privateGateway + " on router " + _router + " due to ", ex);
         } finally {
             if (!result) {
                 s_logger.debug("Failed to setup gateway " + _privateGateway + " on router " + _router + " with the source nat. Will now remove the gateway.");
                 _isAddOperation = false;
                 final boolean isRemoved = destroyPrivateGateway(visitor);

                 if (isRemoved) {
                     s_logger.debug("Removed the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup");
                 } else {
                     s_logger.warn("Failed to remove the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup");
                 }
             }
         }
         return result;
     }

     public boolean isAddOperation() {
         return _isAddOperation;
     }

     public NicProfile getNicProfile() {
         return _nicProfile;
     }

     public PrivateIpVO retrivePrivateIP(final NetworkTopologyVisitor visitor) {
         final PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address());
         return ipVO;
     }

     public Network retrievePrivateNetwork(final NetworkTopologyVisitor visitor) {
         // This network might be the same we have already as an instance in the
         // RuleApplier super class.
         // Just doing this here, but will double check is remove if it's not
         // needed.
         final NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao();
         final Network network = networkDao.findById(_nicProfile.getNetworkId());
         return network;
     }

     protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {

         final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
         if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
             s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
             return true;
         }

         final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());

         s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);

         _nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
         boolean result = visitor.visit(this);
         if (!result) {
             s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
             return false;
         }

         // revoke network acl on the private gateway.
         final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
         if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
             s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
             return false;
         }

         s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
         final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
         result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null);
         s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
         return result;
     }
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.

	package com.cloud.network.rules;

	import org.apache.cloudstack.network.topology.NetworkTopologyVisitor;
	import org.apache.log4j.Logger;

	import com.cloud.exception.ConcurrentOperationException;
	import com.cloud.exception.ResourceUnavailableException;
	import com.cloud.network.Network;
	import com.cloud.network.NetworkModel;
	import com.cloud.network.dao.NetworkDao;
	import com.cloud.network.router.NetworkHelper;
	import com.cloud.network.router.NicProfileHelper;
	import com.cloud.network.router.VirtualRouter;
	import com.cloud.network.vpc.NetworkACLManager;
	import com.cloud.network.vpc.PrivateGateway;
	import com.cloud.network.vpc.PrivateIpVO;
	import com.cloud.vm.NicProfile;
	import com.cloud.vm.VirtualMachineManager;

	public class PrivateGatewayRules extends RuleApplier {

	private static final Logger s_logger = Logger.getLogger(PrivateGatewayRules.class);

	private final PrivateGateway _privateGateway;

	private boolean _isAddOperation;
	private NicProfile _nicProfile;

	public PrivateGatewayRules(final PrivateGateway privateGateway) {
	super(null);
	_privateGateway = privateGateway;
	}

	@Override
	public boolean accept(final NetworkTopologyVisitor visitor, final VirtualRouter router) throws ResourceUnavailableException {
	_router = router;

	boolean result = false;
	try {
	final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
	_network = networkModel.getNetwork(_privateGateway.getNetworkId());

	final NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper();
	final NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway, _router);

	final NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper();
	if (!networkHelper.checkRouterVersion(_router)) {
	s_logger.warn("Router requires upgrade. Unable to send command to router: " + _router.getId());
	return false;
	}
	final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
	_nicProfile = itMgr.addVmToNetwork(_router, _network, requested);

	// setup source nat
	if (_nicProfile != null) {
	_isAddOperation = true;
	// result = setupVpcPrivateNetwork(router, true, guestNic);
	result = visitor.visit(this);
	}
	} catch (final Exception ex) {
	s_logger.warn("Failed to create private gateway " + _privateGateway + " on router " + _router + " due to ", ex);
	} finally {
	if (!result) {
	s_logger.debug("Failed to setup gateway " + _privateGateway + " on router " + _router + " with the source nat. Will now remove the gateway.");
	_isAddOperation = false;
	final boolean isRemoved = destroyPrivateGateway(visitor);

	if (isRemoved) {
	s_logger.debug("Removed the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup");
	} else {
	s_logger.warn("Failed to remove the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup");
	}
	}
	}
	return result;
	}

	public boolean isAddOperation() {
	return _isAddOperation;
	}

	public NicProfile getNicProfile() {
	return _nicProfile;
	}

	public PrivateIpVO retrivePrivateIP(final NetworkTopologyVisitor visitor) {
	final PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address());
	return ipVO;
	}

	public Network retrievePrivateNetwork(final NetworkTopologyVisitor visitor) {
	// This network might be the same we have already as an instance in the
	// RuleApplier super class.
	// Just doing this here, but will double check is remove if it's not
	// needed.
	final NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao();
	final Network network = networkDao.findById(_nicProfile.getNetworkId());
	return network;
	}

	protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {

	final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
	if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
	s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
	return true;
	}

	final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());

	s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);

	_nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
	boolean result = visitor.visit(this);
	if (!result) {
	s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
	return false;
	}

	// revoke network acl on the private gateway.
	final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
	if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
	s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
	return false;
	}

	s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
	final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
	result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null);
	s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
	return result;
	}
	}