/**
 * Appends the system-generated "allow" egress rule for a network whose offering defaults egress to Allow.
 *
 * <p>The generated rule uses {@code "all"} (presumably the protocol argument), the network's own CIDR as
 * the only source and {@code NetUtils.ALL_IP4_CIDRS} as the only destination, and is typed
 * {@code TrafficType.Egress} / {@code FirewallRuleType.System}. When the offering's default egress policy
 * is Deny, nothing is added and a debug line is logged instead.
 *
 * @param rules     list that receives the generated rule; mutated in place
 * @param networkId id of the network the rule is created for
 */
private void createDefaultEgressFirewallRule(final List<FirewallRule> rules, final long networkId) {
    final NetworkVO guestNetwork = _networkDao.findById(networkId);
    // NOTE(review): neither lookup is null-checked; an unknown network or offering id surfaces as a
    // NullPointerException rather than a validation error. Confirm callers validate the id first.
    final NetworkOfferingVO networkOffering = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId());

    // The router itself defaults to deny-all, so only an offering set to true (Allow) needs an explicit rule.
    if (!networkOffering.isEgressDefaultPolicy()) {
        s_logger.debug("Egress policy for the Network " + networkId + " is already defined as Deny. So, no need to default the rule to Allow. ");
        return;
    }

    final List<String> sources = new ArrayList<String>();
    sources.add(guestNetwork.getCidr());
    final List<String> destinations = new ArrayList<String>();
    destinations.add(NetUtils.ALL_IP4_CIDRS);

    // Security-relevant: this opens outbound traffic from the whole guest CIDR to every IPv4 destination,
    // so the offering flag alone decides whether the network starts out default-open.
    rules.add(new FirewallRuleVO(null, null, null, null, "all", networkId, guestNetwork.getAccountId(), guestNetwork.getDomainId(), Purpose.Firewall, sources, destinations, null, null,
            null, FirewallRule.TrafficType.Egress, FirewallRule.FirewallRuleType.System));
}
/**
 * Returns the default egress policy flag of the offering that backs the given network.
 *
 * @param networkId id of the network to inspect
 * @return the value of {@code isEgressDefaultPolicy()} on the network's offering
 * @throws InvalidParameterValueException if no network with that id is found
 */
@Override
public boolean getNetworkEgressDefaultPolicy(Long networkId) {
    final NetworkVO net = _networksDao.findById(networkId);
    if (net == null) {
        // NOTE(review): the message does not include the id that failed, which makes the error hard to trace.
        throw new InvalidParameterValueException("network with network id does not exist");
    }
    // NOTE(review): the offering lookup is not null-checked; a missing offering yields a NullPointerException.
    return _networkOfferingDao.findById(net.getNetworkOfferingId()).isEgressDefaultPolicy();
}
/**
 * Reports whether a network should be treated as implemented.
 *
 * <p>A network in state {@code Implemented} always qualifies. A network in state {@code Setup} qualifies
 * when its offering is not a shared offering with services, or when its zone is of type {@code Basic}.
 * Every other state yields {@code false}.
 *
 * @param network the network to evaluate
 * @return {@code true} if the network counts as implemented under the rules above
 */
boolean isNetworkImplemented(final NetworkVO network) {
    final Network.State current = network.getState();
    if (current == Network.State.Implemented) {
        return true;
    }
    if (current != Network.State.Setup) {
        return false;
    }

    // The zone is loaded before the offering test, but is only dereferenced when the offering test fails.
    final DataCenterVO dataCenter = _dcDao.findById(network.getDataCenterId());
    return !isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) || dataCenter.getNetworkType() == NetworkType.Basic;
}
/**
 * Publishes one usage event per NIC of the given VM.
 *
 * <p>Each event carries the VM's account, zone and id, the NIC id as a string, the offering id of the
 * NIC's network, a 1/0 default-NIC marker, the VM's runtime class name, its uuid and the display flag.
 *
 * @param vm        the VM whose NICs are reported
 * @param isDisplay display flag forwarded unchanged to every event
 * @param eventType usage event type forwarded unchanged to every event
 */
private void generateNetworkUsageForVm(VirtualMachine vm, boolean isDisplay, String eventType) {
    for (final NicVO vmNic : _nicDao.listByVmId(vm.getId())) {
        // NOTE(review): the network lookup is not null-checked; a NIC pointing at a missing network row
        // would abort the loop with a NullPointerException and skip the remaining NICs.
        final NetworkVO nicNetwork = _networkDao.findById(vmNic.getNetworkId());

        final long defaultMarker;
        if (vmNic.isDefaultNic()) {
            defaultMarker = 1;
        } else {
            defaultMarker = 0;
        }

        UsageEventUtils.publishUsageEvent(eventType, vm.getAccountId(), vm.getDataCenterId(), vm.getId(), Long.toString(vmNic.getId()), nicNetwork.getNetworkOfferingId(), null,
                defaultMarker, vm.getClass().getName(), vm.getUuid(), isDisplay);
    }
}
/**
 * Restarts a network, either by a rolling restart of its routers or by re-implementing its elements.
 *
 * <p>With {@code cleanup} set, the routers are restarted via {@code rollingRestartRouters}; a failure marks
 * the network as restart-required and returns {@code false}. Without {@code cleanup}, the network elements
 * and resources are implemented again; any exception on that path is logged at warn level and turned into
 * a {@code false} return.
 *
 * @param networkId     id of the network to restart
 * @param callerAccount account placed into the reservation context
 * @param callerUser    user placed into the reservation context
 * @param cleanup       {@code true} to restart routers, {@code false} to re-implement without cleanup
 * @return {@code true} when the chosen restart path completed, {@code false} otherwise
 * @throws ConcurrentOperationException  declared by the signature
 * @throws ResourceUnavailableException  declared by the signature
 * @throws InsufficientCapacityException declared by the signature
 */
@Override
public boolean restartNetwork(final Long networkId, final Account callerAccount, final User callerUser, final boolean cleanup) throws ConcurrentOperationException,
        ResourceUnavailableException, InsufficientCapacityException {
    // NOTE(review): no ownership or permission check on callerAccount is visible in this method, and the
    // lookup result is dereferenced without a null check. Presumably the caller validates both; verify.
    final NetworkVO target = _networksDao.findById(networkId);

    s_logger.debug("Restarting network " + networkId + "...");

    final ReservationContext context = new ReservationContextImpl(null, null, callerUser, callerAccount);
    final NetworkOffering offering = _networkOfferingDao.findByIdIncludingRemoved(target.getNetworkOfferingId());
    final DeployDestination dest = new DeployDestination(_dcDao.findById(target.getDataCenterId()), null, null, null);

    if (cleanup) {
        final boolean routersRestarted = rollingRestartRouters(target, offering, dest, context);
        if (!routersRestarted) {
            // Leave a marker so the failed rolling restart is visible on the network afterwards.
            setRestartRequired(target, true);
        }
        return routersRestarted;
    }

    s_logger.debug("Implementing the network " + target + " elements and resources as a part of network restart without cleanup");
    try {
        implementNetworkElementsAndResources(dest, context, target, offering);
        // NOTE(review): the flag is set to true on the success path as well as after a failed rolling
        // restart. Confirm this is intended rather than a leftover.
        setRestartRequired(target, true);
        return true;
    } catch (final Exception ex) {
        // Broad catch: every failure on this path, checked or unchecked, is reduced to a false return.
        s_logger.warn("Failed to implement network " + target + " elements and resources as a part of network restart due to ", ex);
        return false;
    }
}
// Assign device id 2 to the default NIC before it is registered.
defaultNic.setDeviceId(2);
// Set up the network for systemAcct using the offering of defaultNetwork, and map the first returned
// network to a list holding only defaultNic.
// NOTE(review): .get(0) assumes setupNetwork(...) returns a non-empty list, and the offering lookup is
// passed on without a null check. Confirm both.
networks.put(_networkMgr.setupNetwork(systemAcct, _networkOfferingDao.findById(defaultNetwork.getNetworkOfferingId()), plan, null, null, false).get(0),
        new ArrayList<NicProfile>(Arrays.asList(defaultNic)));
/**
 * Finds the guest network that has the given CIDR and uses the manager's VPC router offering.
 *
 * <p>The three conditions (traffic type, CIDR, offering id) are bound as search parameters on a
 * {@code SearchCriteria}; the CIDR string is not concatenated into a query by this method.
 *
 * @param controller source of the network DAO and of the VPC router offering
 * @param cidr       CIDR to match exactly
 * @return the first matching network, or {@code null} when the search returns nothing
 */
public NetworkVO cidrToNetwork(ModelController controller, String cidr) {
    final SearchBuilder<NetworkVO> builder = controller.getNetworkDao().createSearchBuilder();
    builder.and("trafficType", builder.entity().getTrafficType(), Op.EQ);
    builder.and("cidr", builder.entity().getCidr(), Op.EQ);
    builder.and("networkOfferingId", builder.entity().getNetworkOfferingId(), Op.EQ);

    final SearchCriteria<NetworkVO> criteria = builder.create();
    criteria.setParameters("networkOfferingId", controller.getManager().getVpcRouterOffering().getId());
    criteria.setParameters("cidr", cidr);
    criteria.setParameters("trafficType", Networks.TrafficType.Guest);

    final List<NetworkVO> matches = controller.getNetworkDao().search(criteria, null);
    if (matches == null || matches.isEmpty()) {
        return null;
    }
    if (matches.size() > 1) {
        // NOTE(review): the search is run without a filter, so which duplicate comes first is presumably
        // unspecified. Callers get an arbitrary match plus this warning; confirm that is acceptable.
        s_logger.warn("more than one network found with cidr: " + cidr);
    }
    return matches.get(0);
}
/**
 * Migrates a guest network to another network offering when a migration is actually required.
 *
 * <p>Checks run in this order: the network must not be a VPC tier, the new offering must not be a VPC
 * offering, {@code verifyNetworkCanBeMigrated} must accept the caller and network, and, unless
 * {@code resume} is set, the network's related id must equal its own id. The target physical network is
 * resolved from the new offering's tags and traffic type.
 *
 * @param networkId         id of the network to migrate
 * @param networkOfferingId id of the offering to migrate to
 * @param callerAccount     account passed to the migration check and to the migration itself
 * @param callerUser        user passed to the migration itself
 * @param resume            {@code true} to continue a migration that left the network in a transient state
 * @return the migrated network, or the unchanged network when no migration is needed
 * @throws InvalidParameterValueException if the network is a VPC tier or the new offering is a VPC offering
 * @throws CloudRuntimeException          if a previous migration left the network in a transient state and
 *                                        {@code resume} is {@code false}
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NETWORK_MIGRATE, eventDescription = "migrating network", async = true)
public Network migrateGuestNetwork(long networkId, long networkOfferingId, Account callerAccount, User callerUser, boolean resume) {
    // NOTE(review): both lookups are dereferenced before any null check, so an unknown network or offering
    // id fails with a NullPointerException instead of InvalidParameterValueException. Confirm the API
    // layer rejects unknown ids first.
    final NetworkVO guestNetwork = _networksDao.findById(networkId);
    final NetworkOffering targetOffering = _networkOfferingDao.findById(networkOfferingId);

    // VPC tiers are migrated through migrateVpc, never through this entry point.
    if (guestNetwork.getVpcId() != null) {
        final String vpcTierMessage = "Failed to migrate network as the specified network is a vpc tier. Use migrateVpc.";
        s_logger.warn(vpcTierMessage);
        throw new InvalidParameterValueException(vpcTierMessage);
    }

    if (_configMgr.isOfferingForVpc(targetOffering)) {
        final String vpcOfferingMessage = "Failed to migrate network as the specified network offering is a VPC offering";
        s_logger.warn(vpcOfferingMessage);
        throw new InvalidParameterValueException(vpcOfferingMessage);
    }

    // This is the only check in the method that receives the caller's account; it runs after the two
    // VPC-related validations above.
    verifyNetworkCanBeMigrated(callerAccount, guestNetwork);

    // Resolve the physical network that the new offering maps to in this zone.
    final long targetPhysicalNetworkId = findPhysicalNetworkId(guestNetwork.getDataCenterId(), targetOffering.getTags(), targetOffering.getTrafficType());

    final long currentOfferingId = guestNetwork.getNetworkOfferingId();
    final NetworkOffering currentOffering = _networkOfferingDao.findByIdIncludingRemoved(currentOfferingId);

    if (!resume && guestNetwork.getRelated() != guestNetwork.getId()) {
        s_logger.warn("Related network is not equal to network id. You might want to re-run migration with resume = true command.");
        throw new CloudRuntimeException("Failed to migrate network as previous migration left this network in transient condition. Specify resume as true.");
    }

    if (!networkNeedsMigration(guestNetwork, targetPhysicalNetworkId, currentOffering, targetOffering)) {
        s_logger.info("Network does not need migration.");
        return guestNetwork;
    }
    return migrateNetworkToPhysicalNetwork(guestNetwork, currentOffering, targetOffering, null, null, targetPhysicalNetworkId, callerAccount, callerUser);
}
// Hand the network profile to the guru for shutdown, together with the offering resolved from the
// network's offering id.
guru.shutdown(profile, _networkOfferingDao.findById(networkFinal.getNetworkOfferingId()));
// A network whose offering is shared-with-services and whose zone is Advanced goes to state Setup;
// every other case is handled by the else branch, which continues past this excerpt.
if (isSharedNetworkOfferingWithServices(networkFinal.getNetworkOfferingId()) && zone.getNetworkType() == NetworkType.Advanced) {
    networkFinal.setState(Network.State.Setup);
} else {
} else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
    // Egress rule: read the default egress policy from the offering of the guest network.
    // NOTE(review): neither lookup result is null-checked before it is dereferenced.
    final NetworkVO network = _networkDao.findById(guestNetworkId);
    final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
    defaultEgressPolicy = offering.isEgressDefaultPolicy();
    // NOTE(review): a Java `assert` is evaluated only when the JVM runs with assertions enabled (-ea) and
    // is skipped by default, so this line does not enforce the "no source IP on egress rules" invariant in
    // a normal deployment. If the invariant matters for rule correctness it needs an explicit check.
    assert rule.getSourceIpAddressId() == null : "ipAddressId should be null for egress firewall rule. ";
} else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
    // Egress rule: read the default egress policy from the offering of the guest network.
    // NOTE(review): neither lookup result is null-checked before it is dereferenced.
    final NetworkVO network = _networkDao.findById(guestNetworkId);
    final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
    defaultEgressPolicy = offering.isEgressDefaultPolicy();
    // NOTE(review): a Java `assert` is evaluated only when the JVM runs with assertions enabled (-ea) and
    // is skipped by default, so this line does not enforce the "no source IP on egress rules" invariant in
    // a normal deployment. If the invariant matters for rule correctness it needs an explicit check.
    assert rule.getSourceIpAddressId() == null : "ipAddressId should be null for egress firewall rule. ";
@Override
public boolean replaceNetworkACL(final NetworkACL acl, final NetworkVO network) throws ResourceUnavailableException {
    // Resolve the offering of the given network through the generic entity manager. The rest of the
    // method body lies beyond this excerpt.
    final NetworkOffering guestNtwkOff = _entityMgr.findById(NetworkOffering.class, network.getNetworkOfferingId());
// Pick the guru adapter registered under the network's guru name.
final NetworkGuru guru = AdapterBase.getAdapterByName(networkGurus, networkFinal.getGuruName());
// A false return from trash(...) aborts the operation with a runtime exception.
if (!guru.trash(networkFinal, _networkOfferingDao.findById(networkFinal.getNetworkOfferingId()))) {
    throw new CloudRuntimeException("Failed to trash network.");
    // NOTE(review): the if-block is not closed before the next statement, so the excerpt appears to omit
    // lines at this point. Confirm against the full file.
    final NetworkOffering ntwkOff = _entityMgr.findById(NetworkOffering.class, networkFinal.getNetworkOfferingId());
    // Decide from the offering and the network's ACL type whether the resource count has to be adjusted.
    final boolean updateResourceCount = resourceCountNeedsUpdate(ntwkOff, networkFinal.getAclType());
    if (updateResourceCount) {
/**
 * Decides whether a public IP may be used for a given service on a network.
 *
 * <p>When {@code networkId} is {@code null} the network associated with the IP is used. Networks whose
 * offering is not of guest type {@code Isolated} are accepted without further checks. For isolated
 * networks the IP must pass {@code canIpUsedForService}, and, when the offering is not in conserve mode,
 * also {@code canIpUsedForNonConserveService}.
 *
 * @param userIp    the IP address to evaluate
 * @param service   the service the IP is requested for
 * @param networkId network to check against, or {@code null} to use the IP's associated network
 * @return {@code true} if the IP may be used for the service
 */
@Override
public boolean checkIpForService(IpAddress userIp, Service service, Long networkId) {
    Long resolvedNetworkId = networkId;
    if (resolvedNetworkId == null) {
        resolvedNetworkId = userIp.getAssociatedWithNetworkId();
    }

    // NOTE(review): network and offering are dereferenced without null checks; an IP that is not
    // associated with any network would fail here with a NullPointerException.
    final NetworkVO targetNetwork = _networksDao.findById(resolvedNetworkId);
    final NetworkOfferingVO targetOffering = _networkOfferingDao.findById(targetNetwork.getNetworkOfferingId());

    // Every non-isolated guest type is allowed before any per-IP or per-service check runs.
    if (offering_isNotIsolated(targetOffering)) {
        return true;
    }

    final IPAddressVO storedIp = _ipAddressDao.findById(userIp.getId());
    final PublicIp candidate = PublicIp.createFromAddrAndVlan(storedIp, _vlanDao.findById(userIp.getVlanId()));

    if (!canIpUsedForService(candidate, service, resolvedNetworkId)) {
        return false;
    }
    // Conserve mode needs no further check; otherwise the non-conserve rule decides.
    return targetOffering.isConserveMode() || canIpUsedForNonConserveService(candidate, service);
}

/** Returns {@code true} when the offering's guest type is anything other than {@code Isolated}. */
private static boolean offering_isNotIsolated(final NetworkOfferingVO offering) {
    return offering.getGuestType() != GuestType.Isolated;
}
// Load the NIC's network so that its offering id can be reported in the usage event.
// NOTE(review): the lookup result is not null-checked before getNetworkOfferingId() is called.
NetworkVO network = _networkDao.findById(nic.getNetworkId());
// Publish EVENT_NETWORK_OFFERING_REMOVE for this NIC with the owner's account, zone and id, the NIC id as
// a string, the network's offering id, a constant 0L, the runtime class name, the uuid and the display flag.
UsageEventUtils.publishUsageEvent(EventTypes.EVENT_NETWORK_OFFERING_REMOVE, vo.getAccountId(), vo.getDataCenterId(), vo.getId(), Long.toString(nic.getId()),
        network.getNetworkOfferingId(), null, 0L, vo.getClass().getName(), vo.getUuid(), vo.isDisplay());
    // 1 when the NIC is the VM's default NIC, otherwise 0.
    final long isDefault = nic.isDefaultNic() ? 1 : 0;
    // Record the removal of the network offering from the VM as a usage event.
    UsageEventUtils.publishUsageEvent(EventTypes.EVENT_NETWORK_OFFERING_REMOVE, vm.getAccountId(), vm.getDataCenterId(), vm.getId(), Long.toString(nic.getId()),
            network.getNetworkOfferingId(), null, isDefault, VirtualMachine.class.getName(), vm.getUuid(), vm.isDisplay());
} else {
    // The matching if starts before this excerpt; on this branch the failed unplug is only logged.
    s_logger.warn("Failed to unplug nic for the vm " + vm + " from network " + network);
// Resolve the network's offering and read its default egress policy flag.
// NOTE(review): the offering is dereferenced without a null check.
NetworkOfferingVO offering = _networkOfferingDao.findById(networkVO.getNetworkOfferingId());
// NOTE(review): the flag is held as a boxed Boolean; if isEgressDefaultPolicy() returns a primitive the
// boxing adds nothing. Confirm the return type.
Boolean defaultEgressPolicy = offering.isEgressDefaultPolicy();
/**
 * Finds the NIC that serves DNS for a user VM's default network.
 *
 * <p>Returns {@code null} when the virtual router is not the DNS provider on the VM's default network.
 * For offerings with a redundant router the result of {@code findGatewayIp} is returned. Otherwise the
 * domain router's NIC in that network is looked up, additionally matched on the VM's IPv4 gateway when the
 * zone is of type {@code Basic}.
 *
 * @param userVmId id of the user VM
 * @return the NIC to use for DNS, or {@code null} as described above
 */
private NicVO findDefaultDnsIp(final long userVmId) {
    // NOTE(review): the default NIC is dereferenced without a null check; a VM without a default NIC would
    // fail here with a NullPointerException.
    final NicVO vmDefaultNic = _nicDao.findDefaultNicForVM(userVmId);

    // Only continue when the domain router is the DNS provider for this network.
    final boolean routerProvidesDns = _networkModel.isProviderSupportServiceInNetwork(vmDefaultNic.getNetworkId(), Service.Dns, Provider.VirtualRouter);
    if (!routerProvidesDns) {
        return null;
    }

    final NetworkOffering networkOffering = _networkOfferingDao.findById(_networkDao.findById(vmDefaultNic.getNetworkId()).getNetworkOfferingId());
    if (networkOffering.isRedundantRouter()) {
        return findGatewayIp(userVmId);
    }

    final DataCenter zone = _dcDao.findById(_networkModel.getNetwork(vmDefaultNic.getNetworkId()).getDataCenterId());

    // Locate the domain router's NIC in the network; Basic zones also match on the VM's gateway.
    return zone.getNetworkType() == NetworkType.Basic
            ? _nicDao.findByNetworkIdTypeAndGateway(vmDefaultNic.getNetworkId(), VirtualMachine.Type.DomainRouter, vmDefaultNic.getIPv4Gateway())
            : _nicDao.findByNetworkIdAndType(vmDefaultNic.getNetworkId(), VirtualMachine.Type.DomainRouter);
}
// Finalize the network rules for this router, provider and guest network on the given command set.
finalizeNetworkRulesForNetwork(cmds, router, provider, guestNetworkId);
// Resolve the guest network's offering in one chained lookup.
// NOTE(review): neither the network nor the offering result is null-checked.
final NetworkOffering offering = _networkOfferingDao.findById(_networkDao.findById(guestNetworkId).getNetworkOfferingId());
// Load the network the NIC is attached to.
final NetworkVO nw = _networksDao.findById(nic.getNetworkId());
// For guest traffic the rate is taken from the network offering.
if (nw.getTrafficType() == TrafficType.Guest) {
    // NOTE(review): the offering id comes from `nw` while the zone id comes from a different variable,
    // `network`. Confirm that mixing the two is intended.
    return _configMgr.getNetworkOfferingNetworkRate(nw.getNetworkOfferingId(), network.getDataCenterId());