@Override public ExternalFirewallDeviceVO findSuitableFirewallForNetwork(Network network) throws InsufficientCapacityException { long physicalNetworkId = network.getPhysicalNetworkId(); List<ExternalFirewallDeviceVO> fwDevices = _externalFirewallDeviceDao.listByPhysicalNetwork(physicalNetworkId); // loop through the firewall device in the physical network and pick the first-fit for (ExternalFirewallDeviceVO fwDevice : fwDevices) { // max number of guest networks that can be mapped to this device long fullCapacity = fwDevice.getCapacity(); if (fullCapacity == 0) { fullCapacity = _defaultFwCapacity; // if capacity not configured then use the default } // get the list of guest networks that are mapped to this load balancer List<NetworkExternalFirewallVO> mappedNetworks = _networkExternalFirewallDao.listByFirewallDeviceId(fwDevice.getId()); long usedCapacity = (mappedNetworks == null) ? 0 : mappedNetworks.size(); if ((fullCapacity - usedCapacity) > 0) { return fwDevice; } } throw new InsufficientNetworkCapacityException("Unable to find a firewall provider with sufficient capcity " + " to implement the network", DataCenter.class, network.getDataCenterId()); }
@Override public PaloAltoFirewallResponse createPaloAltoFirewallResponse(ExternalFirewallDeviceVO fwDeviceVO) { PaloAltoFirewallResponse response = new PaloAltoFirewallResponse(); Map<String, String> fwDetails = _hostDetailDao.findDetails(fwDeviceVO.getHostId()); Host fwHost = _hostDao.findById(fwDeviceVO.getHostId()); response.setId(fwDeviceVO.getUuid()); PhysicalNetwork pnw = ApiDBUtils.findPhysicalNetworkById(fwDeviceVO.getPhysicalNetworkId()); if (pnw != null) { response.setPhysicalNetworkId(pnw.getUuid()); } response.setDeviceName(fwDeviceVO.getDeviceName()); if (fwDeviceVO.getCapacity() == 0) { long defaultFwCapacity = NumbersUtil.parseLong(_configDao.getValue(Config.DefaultExternalFirewallCapacity.key()), 50); response.setDeviceCapacity(defaultFwCapacity); } else { response.setDeviceCapacity(fwDeviceVO.getCapacity()); } response.setProvider(fwDeviceVO.getProviderName()); response.setDeviceState(fwDeviceVO.getDeviceState().name()); response.setIpAddress(fwHost.getPrivateIpAddress()); response.setPublicInterface(fwDetails.get("publicInterface")); response.setUsageInterface(fwDetails.get("usageInterface")); response.setPrivateInterface(fwDetails.get("privateInterface")); response.setPublicZone(fwDetails.get("publicZone")); response.setPrivateZone(fwDetails.get("privateZone")); response.setNumRetries(fwDetails.get("numRetries")); response.setTimeout(fwDetails.get("timeout")); response.setObjectName("paloaltofirewall"); return response; }