boolean generateUsageEvent = false; if (lb.getState() == FirewallRule.State.Staged) { if (s_logger.isDebugEnabled()) { s_logger.debug("Found a rule that is still in stage state so just removing it: " + lb); } else if (lb.getState() == FirewallRule.State.Add || lb.getState() == FirewallRule.State.Active) { lb.setState(FirewallRule.State.Revoke); _lbDao.persist(lb); generateUsageEvent = true; Network network = _networkModel.getNetwork(lb.getNetworkId()); UsageEventUtils.publishUsageEvent(EventTypes.EVENT_LOAD_BALANCER_DELETE, lb.getAccountId(), network.getDataCenterId(), lb.getId(), null, LoadBalancingRule.class.getName(), lb.getUuid());
@Override public boolean accept(final NetworkTopologyVisitor visitor, final VirtualRouter router) throws ResourceUnavailableException { _router = router; LoadBalancerDao loadBalancerDao = visitor.getVirtualNetworkApplianceFactory().getLoadBalancerDao(); // For load balancer we have to resend all lb rules for the network final List<LoadBalancerVO> lbs = loadBalancerDao.listByNetworkIdAndScheme(_network.getId(), Scheme.Public); // We are cleaning it before because all the rules have to be sent to the router. _rules.clear(); LoadBalancingRulesManager lbMgr = visitor.getVirtualNetworkApplianceFactory().getLbMgr(); NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); for (final LoadBalancerVO lb : lbs) { final List<LbDestination> dstList = lbMgr.getExistingDestinations(lb.getId()); final List<LbStickinessPolicy> policyList = lbMgr.getStickinessPolicies(lb.getId()); final List<LbHealthCheckPolicy> hcPolicyList = lbMgr.getHealthCheckPolicies(lb.getId()); final LbSslCert sslCert = lbMgr.getLbSslCert(lb.getId()); final Ip sourceIp = networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress(); final LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, policyList, hcPolicyList, sourceIp, sslCert, lb.getLbProtocol()); _rules.add(loadBalancing); } return visitor.visit(this); }
protected List<LoadBalancerVO> findExistingLoadBalancers(final String lbName, final Long ipId, final Long accountId, final Long domainId, final Integer publicPort) { final SearchBuilder<LoadBalancerVO> sb = _lbDao.createSearchBuilder(); sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ); sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ); sb.and("publicPort", sb.entity().getSourcePortStart(), SearchCriteria.Op.EQ); if (ipId != null) { sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ); } if (domainId != null) { sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ); } if (publicPort != null) { sb.and("publicPort", sb.entity().getSourcePortStart(), SearchCriteria.Op.EQ); } final SearchCriteria<LoadBalancerVO> sc = sb.create(); sc.setParameters("name", lbName); sc.setParameters("accountId", accountId); if (ipId != null) { sc.setParameters("sourceIpAddress", ipId); } if (domainId != null) { sc.setParameters("domainId", domainId); } if (publicPort != null) { sc.setParameters("publicPort", publicPort); } final List<LoadBalancerVO> lbs = _lbDao.search(sc, null); return lbs == null || lbs.size() == 0 ? null : lbs; }
@Override public void doInTransactionWithoutResult(TransactionStatus status) { loadBalancer.setState(FirewallRule.State.Active); s_logger.debug("LB rule " + loadBalancer.getId() + " state is set to Active"); _lbDao.persist(loadBalancer); vmGroup.setState(AutoScaleVmGroup.State_Enabled); _autoScaleVmGroupDao.persist(vmGroup); s_logger.debug("LB Auto Scale Vm Group with Id: " + vmGroupid + " is set to Enabled state."); } });
if (lb.getState() == FirewallRule.State.Revoke) { removeLBRule(lb); s_logger.debug("LB " + lb.getId() + " is successfully removed"); checkForReleaseElasticIp = true; } else if (lb.getState() == FirewallRule.State.Add) { lb.setState(FirewallRule.State.Active); s_logger.debug("LB rule " + lb.getId() + " state is set to Active"); _lbDao.persist(lb); List<LoadBalancerVMMapVO> lbVmMaps = _lb2VmMapDao.listByLoadBalancerId(lb.getId(), true); List<Long> instanceIds = new ArrayList<Long>(); _lb2VmMapDao.remove(lb.getId(), lbVmMap.getInstanceId(), lbVmMap.getInstanceIp(), null); s_logger.debug("Load balancer rule id " + lb.getId() + " is removed for vm " + lbVmMap.getInstanceId() + " instance ip " + lbVmMap.getInstanceIp()); if (_lb2VmMapDao.listByLoadBalancerId(lb.getId()).isEmpty()) { lb.setState(FirewallRule.State.Add); _lbDao.persist(lb); s_logger.debug("LB rule " + lb.getId() + " state is set to Add as there are no more active LB-VM mappings"); List<LBStickinessPolicyVO> stickinesspolicies = _lb2stickinesspoliciesDao.listByLoadBalancerId(lb.getId(), true); if (!stickinesspolicies.isEmpty()) { _lb2stickinesspoliciesDao.remove(lb.getId(), true); s_logger.debug("Load balancer rule id " + lb.getId() + " is removed stickiness policies"); List<LBHealthCheckPolicyVO> healthCheckpolicies = _lb2healthcheckDao.listByLoadBalancerId(lb.getId(), true); if (!healthCheckpolicies.isEmpty()) { _lb2healthcheckDao.remove(lb.getId(), true);
private LoadBalancingRule getLoadBalancerRuleToApply(LoadBalancerVO lb) { List<LbStickinessPolicy> policyList = getStickinessPolicies(lb.getId()); Ip sourceIp = getSourceIp(lb); LbSslCert sslCert = getLbSslCert(lb.getId()); LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, null, policyList, null, sourceIp, sslCert, lb.getLbProtocol()); if (_autoScaleVmGroupDao.isAutoScaleLoadBalancer(lb.getId())) { // Get the associated VmGroup AutoScaleVmGroupVO vmGroup = _autoScaleVmGroupDao.listByAll(lb.getId(), null).get(0); LbAutoScaleVmGroup lbAutoScaleVmGroup = getLbAutoScaleVmGroup(vmGroup, vmGroup.getState(), lb); loadBalancing.setAutoScaleVmGroup(lbAutoScaleVmGroup); } else { List<LbDestination> dstList = getExistingDestinations(lb.getId()); loadBalancing.setDestinations(dstList); List<LbHealthCheckPolicy> hcPolicyList = getHealthCheckPolicies(lb.getId()); loadBalancing.setHealthCheckPolicies(hcPolicyList); } return loadBalancing; }
lb.setName(name); lb.setDescription(description); lb.setAlgorithm(algorithm); lb.setUuid(customId); lb.setDisplay(forDisplay); if ((algorithm != null) && (tmplbVo.getAlgorithm().compareTo(algorithm) != 0)){ try { lb.setState(FirewallRule.State.Add); _lbDao.persist(lb); applyLoadBalancerConfig(lbRuleId); if (lbBackup.getName() != null) { lb.setName(lbBackup.getName()); if (lbBackup.getDescription() != null) { lb.setDescription(lbBackup.getDescription()); if (lbBackup.getAlgorithm() != null) { lb.setAlgorithm(lbBackup.getAlgorithm()); lb.setState(lbBackup.getState()); _lbDao.update(lb.getId(), lb); _lbDao.persist(lb);
if (loadBalancer.getAccountId() != certVO.getAccountId()) { throw new InvalidParameterValueException("Access denied for account " + certVO.getAccountId()); String capability = getLBCapability(loadBalancer.getNetworkId(), Capability.SslTermination.getName()); if (capability == null) { throw new InvalidParameterValueException("Ssl termination not supported by the loadbalancer"); LoadBalancerCertMapVO certMapRule = _lbCertMapDao.findByLbRuleId(loadBalancer.getId()); if (certMapRule != null) throw new InvalidParameterValueException("Another certificate is already bound to the LB"); if (loadBalancer.getLbProtocol() == null || !(loadBalancer.getLbProtocol().equals(NetUtils.SSL_PROTO))) throw new InvalidParameterValueException("Bad LB protocol: Expected ssl got " + loadBalancer.getLbProtocol()); FirewallRule.State backupState = loadBalancer.getState(); loadBalancer.setState(FirewallRule.State.Add); _lbDao.persist(loadBalancer); LoadBalancerCertMapVO certMap = new LoadBalancerCertMapVO(lbRuleId, certId, false); _lbCertMapDao.persist(certMap); applyLoadBalancerConfig(loadBalancer.getId()); success = true; } catch (ResourceUnavailableException e) { if (isRollBackAllowedForProvider(loadBalancer)) { loadBalancer.setState(backupState); _lbDao.persist(loadBalancer); LoadBalancerCertMapVO certMap = _lbCertMapDao.findByLbRuleId(lbRuleId); _lbCertMapDao.remove(certMap.getId());
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE); sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ); sb.and("networkId", sb.entity().getNetworkId(), SearchCriteria.Op.EQ); sb.and("scheme", sb.entity().getScheme(), SearchCriteria.Op.EQ); sb.and("display", sb.entity().isDisplay(), SearchCriteria.Op.EQ); sb.join("lbVMSearch", lbVMSearch, sb.entity().getId(), lbVMSearch.entity().getLoadBalancerId(), JoinBuilder.JoinType.INNER); SearchBuilder<IPAddressVO> ipSearch = _ipAddressDao.createSearchBuilder(); ipSearch.and("zoneId", ipSearch.entity().getDataCenterId(), SearchCriteria.Op.EQ); sb.join("ipSearch", ipSearch, sb.entity().getSourceIpAddressId(), ipSearch.entity().getId(), JoinBuilder.JoinType.INNER); sb.groupBy(sb.entity().getId()); sb.join("tagSearch", tagSearch, sb.entity().getId(), tagSearch.entity().getResourceId(), JoinBuilder.JoinType.INNER);
@Override @ActionEvent(eventType = EventTypes.EVENT_AUTOSCALEVMGROUP_CREATE, eventDescription = "creating autoscale vm group", create = true) public AutoScaleVmGroup createAutoScaleVmGroup(CreateAutoScaleVmGroupCmd cmd) { int minMembers = cmd.getMinMembers(); int maxMembers = cmd.getMaxMembers(); Integer interval = cmd.getInterval(); Boolean forDisplay = cmd.getDisplay(); if (interval == null) { interval = NetUtils.DEFAULT_AUTOSCALE_POLICY_INTERVAL_TIME; } LoadBalancerVO loadBalancer = getEntityInDatabase(CallContext.current().getCallingAccount(), ApiConstants.LBID, cmd.getLbRuleId(), _lbDao); Long zoneId = _ipAddressDao.findById(loadBalancer.getSourceIpAddressId()).getDataCenterId(); if (_autoScaleVmGroupDao.isAutoScaleLoadBalancer(loadBalancer.getId())) { throw new InvalidParameterValueException("an AutoScaleVmGroup is already attached to the lb rule, the existing vm group has to be first deleted"); } if (_lb2VmMapDao.isVmAttachedToLoadBalancer(loadBalancer.getId())) { throw new InvalidParameterValueException( "there are Vms already bound to the specified LoadBalancing Rule. User bound Vms and AutoScaled Vm Group cannot co-exist on a Load Balancing Rule"); } AutoScaleVmGroupVO vmGroupVO = new AutoScaleVmGroupVO(cmd.getLbRuleId(), zoneId, loadBalancer.getDomainId(), loadBalancer.getAccountId(), minMembers, maxMembers, loadBalancer.getDefaultPortStart(), interval, null, cmd.getProfileId(), AutoScaleVmGroup.State_New); if (forDisplay != null) { vmGroupVO.setDisplay(forDisplay); } vmGroupVO = checkValidityAndPersist(vmGroupVO, cmd.getScaleUpPolicyIds(), cmd.getScaleDownPolicyIds()); s_logger.info("Successfully created Autoscale Vm Group with Id: " + vmGroupVO.getId()); return vmGroupVO; }
protected LoadBalancerDaoImpl() { ListByIp = createSearchBuilder(); ListByIp.and("ipAddressId", ListByIp.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ); ListByIp.and("networkId", ListByIp.entity().getNetworkId(), SearchCriteria.Op.EQ); ListByIp.and("scheme", ListByIp.entity().getScheme(), SearchCriteria.Op.EQ); ListByIp.done(); TransitionStateSearch = createSearchBuilder(); TransitionStateSearch.and("networkId", TransitionStateSearch.entity().getNetworkId(), Op.EQ); TransitionStateSearch.and("state", TransitionStateSearch.entity().getState(), Op.IN); TransitionStateSearch.and("scheme", TransitionStateSearch.entity().getScheme(), Op.EQ); TransitionStateSearch.done(); }
@Override public LoadBalancerVO doInTransaction(TransactionStatus status) throws NetworkRuleConflictException { LoadBalancerVO newRule = new LoadBalancerVO(xId, name, description, sourceIpId, srcPort, destPort, algorithm, networkId, ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId(), lbProtocol); newRule.setDisplay(forDisplay); _firewallMgr.createRuleForAllCidrs(sourceIpId, caller.getCallingAccount(), srcPort, srcPort, protocol, null, null, newRule.getId(), networkId); throw new CloudRuntimeException("Unable to update the state to add for " + newRule); s_logger.debug("Load balancer " + newRule.getId() + " for Ip address id=" + sourceIpId + ", public port " + srcPort + ", private port " + destPort + " is added successfully."); CallContext.current().setEventDetails("Load balancer Id: " + newRule.getId()); UsageEventUtils.publishUsageEvent(EventTypes.EVENT_LOAD_BALANCER_CREATE, ipAddr.getAllocatedToAccountId(), ipAddr.getDataCenterId(), newRule.getId(), null, LoadBalancingRule.class.getName(), newRule.getUuid()); throw (NetworkRuleConflictException)e; throw new CloudRuntimeException("Unable to add rule for ip address id=" + newRule.getSourceIpAddressId(), e); } finally { if (!success && newRule != null) { _firewallMgr.revokeRelatedFirewallRule(newRule.getId(), false); removeLBRule(newRule);
@DB public boolean deleteLoadBalancerRule(final long loadBalancerId, boolean apply, Account caller, long callerUserId, boolean rollBack) { final LoadBalancerVO lb = _lbDao.findById(loadBalancerId); FirewallRule.State backupState = lb.getState(); NetworkVO network = _networkDao.findById(lb.getNetworkId()); if (network != null) { if (_networkModel.networkIsConfiguredForExternalNetworking(network.getDataCenterId(), network.getId())) { lb.setState(backupState); _lbDao.persist(lb); s_logger.debug("LB Rollback rule id: " + loadBalancerId + " while deleting LB rule."); FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(lb.getId()); if (relatedRule != null) { s_logger.warn("Unable to remove firewall rule id=" + lb.getId() + " as it has related firewall rule id=" + relatedRule.getId() + "; leaving it in Revoke state"); return false; s_logger.debug("Load balancer with id " + lb.getId() + " is removed successfully");
@Override public boolean isLoadBalancerRulesMappedToVmGuestIp(long instanceId, String instanceIp, long networkId) { SearchBuilder<LoadBalancerVMMapVO> lbVmMapSearch = _loadBalancerVMMapDao.createSearchBuilder(); lbVmMapSearch.and("instanceIp", lbVmMapSearch.entity().getInstanceIp(),SearchCriteria.Op.EQ); lbVmMapSearch.and("instanceId", lbVmMapSearch.entity().getInstanceId(), SearchCriteria.Op.EQ); SearchBuilder<LoadBalancerVO> firewallRuleIdSearch = createSearchBuilder(); firewallRuleIdSearch.selectFields(firewallRuleIdSearch.entity().getId()); firewallRuleIdSearch.and("networkId",firewallRuleIdSearch.entity().getNetworkId(),Op.EQ); firewallRuleIdSearch.and("purpose",firewallRuleIdSearch.entity().getPurpose(),Op.EQ); firewallRuleIdSearch.and("state",firewallRuleIdSearch.entity().getState(),Op.NEQ); firewallRuleIdSearch.join("LoadBalancerRuleList", lbVmMapSearch, lbVmMapSearch.entity().getLoadBalancerId(), firewallRuleIdSearch.entity().getId(), JoinBuilder.JoinType.INNER); firewallRuleIdSearch.done(); lbVmMapSearch.done(); SearchCriteria<LoadBalancerVO> sc = firewallRuleIdSearch.create(); sc.setParameters("state", State.Revoke); sc.setParameters("networkId", networkId); sc.setParameters("purpose", FirewallRule.Purpose.LoadBalancing); sc.setJoinParameters("LoadBalancerRuleList", "instanceIp", instanceIp); sc.setJoinParameters("LoadBalancerRuleList", "instanceId", instanceId); List<LoadBalancerVO> lbRuleList = customSearch(sc, null); if(lbRuleList == null || lbRuleList.size() > 0) { return true; } return false; }
FirewallRule.State backupState = loadBalancer.getState(); Set<Long> vmIds = vmIdIpMap.keySet(); try { loadBalancer.setState(FirewallRule.State.Add); _lbDao.persist(loadBalancer); _lb2VmMapDao.remove(loadBalancer.getId(), instanceIds, null); return true; s_logger.warn("Failed to remove load balancer rule id " + loadBalancerId + " for vms " + instanceIds); CloudRuntimeException ex = new CloudRuntimeException("Failed to remove specified load balancer rule id for vms " + instanceIds); ex.addProxyObject(loadBalancer.getUuid(), "loadBalancerId"); throw ex; loadBalancer.setState(backupState); _lbDao.persist(loadBalancer); s_logger.debug("LB Rollback rule id: " + loadBalancerId + " while removing vm instances"); ex.addProxyObject(loadBalancer.getUuid(), "loadBalancerId"); throw ex;
List<LoadBalancingRule> lbrules = new ArrayList<LoadBalancingRule>(); for (LoadBalancerVO lb : rules) { List<LbDestination> dstList = getExistingDestinations(lb.getId()); List<LbHealthCheckPolicy> hcPolicyList = getHealthCheckPolicies(lb.getId()); LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, null, hcPolicyList, sourceIp, null, lb.getLbProtocol()); lbrules.add(loadBalancing); for (LoadBalancerTO lbto : stateRules) { LoadBalancerVO ulb = _lbDao.findByUuid(lbto.getUuid()); List<LoadBalancerVMMapVO> lbVmMaps = _lb2VmMapDao.listByLoadBalancerId(ulb.getId()); for (LoadBalancerVMMapVO lbVmMap : lbVmMaps) { UserVm vm = _vmDao.findById(lbVmMap.getInstanceId()); Nic nic = _nicDao.findByInstanceIdAndNetworkIdIncludingRemoved(ulb.getNetworkId(), vm.getId()); String dstIp = lbVmMap.getInstanceIp() == null ? nic.getIPv4Address(): lbVmMap.getInstanceIp();
long networkId = lb.getNetworkId(); Network network = _networkDao.findById(networkId); if (network == null) { long accountId = lb.getAccountId(); AccountVO account = _accountDao.findById(accountId); if (account == null) { String publicIp = _networkModel.getIp(lb.getSourceIpAddressId()).getAddress().addr(); DataCenterVO zone = _dcDao.findById(network.getDataCenterId()); String statsEntryIdentifier =
if (loadBalancer.getState() == FirewallRule.State.Revoke) { throw new InvalidParameterValueException("Failed: LB rule id: " + cmd.getLbRuleId() + " is in deleting state: "); new LBStickinessPolicyVO(loadBalancer.getId(), cmd.getLBStickinessPolicyName(), cmd.getStickinessMethodName(), cmd.getparamList(), cmd.getDescription()); List<LbStickinessPolicy> policyList = new ArrayList<LbStickinessPolicy>(); policyList.add(new LbStickinessPolicy(cmd.getStickinessMethodName(), lbpolicy.getParams())); Ip sourceIp = getSourceIp(loadBalancer); LoadBalancingRule lbRule = new LoadBalancingRule(loadBalancer, getExistingDestinations(lbpolicy.getId()), policyList, null, sourceIp, null, loadBalancer.getLbProtocol()); if (!validateLbRule(lbRule)) { throw new InvalidParameterValueException("Failed to create Stickiness policy: Validation Failed " + cmd.getLbRuleId()); new LBStickinessPolicyVO(loadBalancer.getId(), cmd.getLBStickinessPolicyName(), cmd.getStickinessMethodName(), cmd.getparamList(), cmd.getDescription()); Boolean forDisplay = cmd.getDisplay(); if (forDisplay != null) {
List<LoadBalancingRule> lbRules = new ArrayList<LoadBalancingRule>(); for (LoadBalancerVO lb : lbs) { List<LbDestination> dstList = _lbMgr.getExistingDestinations(lb.getId()); List<LbStickinessPolicy> policyList = _lbMgr.getStickinessPolicies(lb.getId()); List<LbHealthCheckPolicy> hcPolicyList = _lbMgr.getHealthCheckPolicies(lb.getId()); Ip sourceIp = _networkModel.getPublicIpAddress(lb.getSourceIpAddressId()).getAddress(); LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList, policyList, hcPolicyList, sourceIp); lbRules.add(loadBalancing);
Network network = _networkDao.findById(loadBalancer.getNetworkId()); long dataCenterId = network.getDataCenterId(); long physicalNetworkId = network.getPhysicalNetworkId(); IPAddressVO ip = _ipAddressDao.findById(loadBalancer.getSourceIpAddressId()); SiteLoadBalancerConfig siteLb = new SiteLoadBalancerConfig(gslbLbMapVo.isRevoke(), serviceType, ip.getAddress().addr(), Integer.toString(loadBalancer.getDefaultPortStart()), dataCenterId); GslbServiceProvider gslbProvider = lookupGslbServiceProvider();