Skip to content

Commit 7274c9e

Browse files
author
Daan Hoogland
committed
check if a source NAT IP address is needed before assigning one
1 parent ef1aaa0 commit 7274c9e

File tree

1 file changed

+26
-88
lines changed

1 file changed

+26
-88
lines changed

server/src/main/java/com/cloud/network/IpAddressManagerImpl.java

Lines changed: 26 additions & 88 deletions
Original file line numberDiff line numberDiff line change
@@ -33,9 +33,6 @@
3333

3434
import javax.inject.Inject;
3535

36-
import com.cloud.network.dao.PublicIpQuarantineDao;
37-
import com.cloud.network.vo.PublicIpQuarantineVO;
38-
import com.cloud.resourcelimit.CheckedReservation;
3936
import org.apache.cloudstack.acl.ControlledEntity.ACLType;
4037
import org.apache.cloudstack.acl.SecurityChecker.AccessType;
4138
import org.apache.cloudstack.annotation.AnnotationService;
@@ -57,10 +54,7 @@
5754
import org.apache.cloudstack.reservation.dao.ReservationDao;
5855
import org.apache.commons.collections.CollectionUtils;
5956

60-
import com.cloud.agent.AgentManager;
61-
import com.cloud.alert.AlertManager;
6257
import com.cloud.api.ApiDBUtils;
63-
import com.cloud.configuration.ConfigurationManager;
6458
import com.cloud.configuration.Resource.ResourceType;
6559
import com.cloud.dc.AccountVlanMapVO;
6660
import com.cloud.dc.DataCenter;
@@ -75,18 +69,15 @@
7569
import com.cloud.dc.dao.AccountVlanMapDao;
7670
import com.cloud.dc.dao.DataCenterDao;
7771
import com.cloud.dc.dao.DataCenterIpAddressDao;
78-
import com.cloud.dc.dao.DataCenterVnetDao;
7972
import com.cloud.dc.dao.DomainVlanMapDao;
8073
import com.cloud.dc.dao.HostPodDao;
8174
import com.cloud.dc.dao.PodVlanMapDao;
8275
import com.cloud.dc.dao.VlanDao;
8376
import com.cloud.deploy.DeployDestination;
8477
import com.cloud.domain.Domain;
85-
import com.cloud.domain.dao.DomainDao;
8678
import com.cloud.event.ActionEventUtils;
8779
import com.cloud.event.EventTypes;
8880
import com.cloud.event.UsageEventUtils;
89-
import com.cloud.event.dao.UsageEventDao;
9081
import com.cloud.exception.AccountLimitException;
9182
import com.cloud.exception.ConcurrentOperationException;
9283
import com.cloud.exception.InsufficientAddressCapacityException;
@@ -96,7 +87,6 @@
9687
import com.cloud.exception.PermissionDeniedException;
9788
import com.cloud.exception.ResourceAllocationException;
9889
import com.cloud.exception.ResourceUnavailableException;
99-
import com.cloud.host.dao.HostDao;
10090
import com.cloud.network.IpAddress.State;
10191
import com.cloud.network.Network.Capability;
10292
import com.cloud.network.Network.GuestType;
@@ -107,21 +97,14 @@
10797
import com.cloud.network.Networks.IsolationType;
10898
import com.cloud.network.Networks.TrafficType;
10999
import com.cloud.network.addr.PublicIp;
110-
import com.cloud.network.dao.AccountGuestVlanMapDao;
111100
import com.cloud.network.dao.FirewallRulesDao;
112101
import com.cloud.network.dao.IPAddressDao;
113102
import com.cloud.network.dao.IPAddressVO;
114-
import com.cloud.network.dao.LoadBalancerDao;
115-
import com.cloud.network.dao.NetworkAccountDao;
116103
import com.cloud.network.dao.NetworkDao;
117104
import com.cloud.network.dao.NetworkDetailsDao;
118105
import com.cloud.network.dao.NetworkDetailVO;
119-
import com.cloud.network.dao.NetworkDomainDao;
120-
import com.cloud.network.dao.NetworkServiceMapDao;
121106
import com.cloud.network.dao.PhysicalNetworkDao;
122-
import com.cloud.network.dao.PhysicalNetworkServiceProviderDao;
123-
import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao;
124-
import com.cloud.network.dao.UserIpv6AddressDao;
107+
import com.cloud.network.dao.PublicIpQuarantineDao;
125108
import com.cloud.network.element.IpDeployer;
126109
import com.cloud.network.element.IpDeployingRequester;
127110
import com.cloud.network.element.NetworkElement;
@@ -134,21 +117,20 @@
134117
import com.cloud.network.rules.FirewallRuleVO;
135118
import com.cloud.network.rules.RulesManager;
136119
import com.cloud.network.rules.StaticNat;
137-
import com.cloud.network.rules.dao.PortForwardingRulesDao;
138-
import com.cloud.network.vpc.NetworkACLManager;
120+
import com.cloud.network.vo.PublicIpQuarantineVO;
139121
import com.cloud.network.vpc.VpcManager;
122+
import com.cloud.network.vpc.VpcOffering;
140123
import com.cloud.network.vpc.VpcVO;
141-
import com.cloud.network.vpc.dao.PrivateIpDao;
142124
import com.cloud.network.vpc.dao.VpcDao;
143125
import com.cloud.network.vpc.dao.VpcOfferingDao;
144126
import com.cloud.network.vpn.RemoteAccessVpnService;
145127
import com.cloud.offering.NetworkOffering;
146128
import com.cloud.offering.NetworkOffering.Availability;
147129
import com.cloud.offerings.NetworkOfferingVO;
148130
import com.cloud.offerings.dao.NetworkOfferingDao;
149-
import com.cloud.offerings.dao.NetworkOfferingDetailsDao;
150131
import com.cloud.offerings.dao.NetworkOfferingServiceMapDao;
151132
import com.cloud.org.Grouping;
133+
import com.cloud.resourcelimit.CheckedReservation;
152134
import com.cloud.user.Account;
153135
import com.cloud.user.AccountManager;
154136
import com.cloud.user.ResourceLimitService;
@@ -184,11 +166,7 @@
184166
import com.cloud.vm.ReservationContextImpl;
185167
import com.cloud.vm.VirtualMachine;
186168
import com.cloud.vm.VirtualMachineProfile;
187-
import com.cloud.vm.dao.NicDao;
188169
import com.cloud.vm.dao.NicIpAliasDao;
189-
import com.cloud.vm.dao.NicSecondaryIpDao;
190-
import com.cloud.vm.dao.UserVmDao;
191-
import com.cloud.vm.dao.VMInstanceDao;
192170

193171
public class IpAddressManagerImpl extends ManagerBase implements IpAddressManager, Configurable {
194172

@@ -205,20 +183,12 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
205183
@Inject
206184
AccountDao _accountDao;
207185
@Inject
208-
DomainDao _domainDao;
209-
@Inject
210186
UserDao _userDao;
211187
@Inject
212188
ConfigurationDao _configDao;
213189
@Inject
214-
UserVmDao _userVmDao;
215-
@Inject
216-
AlertManager _alertMgr;
217-
@Inject
218190
AccountManager _accountMgr;
219191
@Inject
220-
ConfigurationManager _configMgr;
221-
@Inject
222192
AccountVlanMapDao _accountVlanMapDao;
223193
@Inject
224194
DomainVlanMapDao _domainVlanMapDao;
@@ -229,8 +199,6 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
229199
@Inject
230200
NetworkDetailsDao _networkDetailsDao;
231201
@Inject
232-
NicDao _nicDao;
233-
@Inject
234202
RulesManager _rulesMgr;
235203
@Inject
236204
LoadBalancingRulesManager _lbMgr;
@@ -239,22 +207,10 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
239207
@Inject
240208
PodVlanMapDao _podVlanMapDao;
241209
@Inject
242-
NetworkOfferingDetailsDao _ntwkOffDetailsDao;
243-
@Inject
244-
AccountGuestVlanMapDao _accountGuestVlanMapDao;
245-
@Inject
246-
DataCenterVnetDao _datacenterVnetDao;
247-
@Inject
248-
NetworkAccountDao _networkAccountDao;
249-
@Inject
250210
protected NicIpAliasDao _nicIpAliasDao;
251211
@Inject
252212
protected IPAddressDao _publicIpAddressDao;
253213
@Inject
254-
NetworkDomainDao _networkDomainDao;
255-
@Inject
256-
VMInstanceDao _vmDao;
257-
@Inject
258214
FirewallManager _firewallMgr;
259215
@Inject
260216
FirewallRulesDao _firewallDao;
@@ -268,36 +224,10 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
268224
@Inject
269225
PhysicalNetworkDao _physicalNetworkDao;
270226
@Inject
271-
PhysicalNetworkServiceProviderDao _pNSPDao;
272-
@Inject
273-
PortForwardingRulesDao _portForwardingRulesDao;
274-
@Inject
275-
LoadBalancerDao _lbDao;
276-
@Inject
277-
PhysicalNetworkTrafficTypeDao _pNTrafficTypeDao;
278-
@Inject
279-
AgentManager _agentMgr;
280-
@Inject
281-
HostDao _hostDao;
282-
@Inject
283-
NetworkServiceMapDao _ntwkSrvcDao;
284-
@Inject
285-
StorageNetworkManager _stnwMgr;
286-
@Inject
287227
VpcManager _vpcMgr;
288228
@Inject
289-
PrivateIpDao _privateIpDao;
290-
@Inject
291-
NetworkACLManager _networkACLMgr;
292-
@Inject
293-
UsageEventDao _usageEventDao;
294-
@Inject
295229
NetworkModel _networkModel;
296230
@Inject
297-
NicSecondaryIpDao _nicSecondaryIpDao;
298-
@Inject
299-
UserIpv6AddressDao _ipv6Dao;
300-
@Inject
301231
Ipv6AddressManager _ipv6Mgr;
302232
@Inject
303233
PortableIpDao _portableIpDao;
@@ -570,12 +500,8 @@ boolean checkIfIpAssocRequired(Network network, boolean postApplyRules, List<Pub
570500
}
571501

572502
for (PublicIp ip : publicIps) {
573-
if (ip.isSourceNat()) {
574-
continue;
575-
} else if (ip.isOneToOneNat()) {
576-
continue;
577-
} else {
578-
Long totalCount = null;
503+
if ( ! (ip.isSourceNat() || ip.isOneToOneNat())) {
504+
long totalCount;
579505
Long revokeCount = null;
580506
Long activeCount = null;
581507
Long addCount = null;
@@ -588,13 +514,13 @@ boolean checkIfIpAssocRequired(Network network, boolean postApplyRules, List<Pub
588514
addCount = _firewallDao.countRulesByIpIdAndState(ip.getId(), FirewallRule.State.Add);
589515
}
590516

591-
if (totalCount == null || totalCount.longValue() == 0L) {
517+
if (totalCount == 0L) {
592518
continue;
593519
}
594520

595521
if (postApplyRules) {
596522

597-
if (revokeCount != null && revokeCount.longValue() == totalCount.longValue()) {
523+
if (revokeCount != null && revokeCount.longValue() == totalCount) {
598524
logger.trace("All rules are in Revoke state, have to dis-assiciate IP from the backend");
599525
return true;
600526
}
@@ -607,12 +533,9 @@ boolean checkIfIpAssocRequired(Network network, boolean postApplyRules, List<Pub
607533
// reboot the VR. So ipassoc is needed.
608534
return true;
609535
}
610-
continue;
611-
} else if (addCount != null && addCount.longValue() == totalCount.longValue()) {
536+
} else if (addCount != null && addCount.longValue() == totalCount) {
612537
logger.trace("All rules are in Add state, have to assiciate IP with the backend");
613538
return true;
614-
} else {
615-
continue;
616539
}
617540
}
618541
}
@@ -1102,7 +1025,7 @@ public PublicIp assignSourceNatIpAddressToGuestNetwork(Account owner, Network gu
11021025
IPAddressVO sourceNatIp = getExistingSourceNatInNetwork(owner.getId(), guestNetwork.getId());
11031026

11041027
PublicIp ipToReturn = null;
1105-
if (sourceNatIp != null) {
1028+
if (sourceNatIp != null || isRouted(guestNetwork)) {
11061029
ipToReturn = PublicIp.createFromAddrAndVlan(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId()));
11071030
} else {
11081031
ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, true);
@@ -1111,6 +1034,21 @@ public PublicIp assignSourceNatIpAddressToGuestNetwork(Account owner, Network gu
11111034
return ipToReturn;
11121035
}
11131036

1037+
private boolean isRouted(Network guestNetwork) {
1038+
VpcOffering vpcOffer = null;
1039+
NetworkOffering netOffer = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId());
1040+
if (netOffer == null) {
1041+
throw new CloudRuntimeException("network without offering found???");
1042+
}
1043+
if (netOffer.isForVpc() && guestNetwork.getVpcId() != null) {
1044+
VpcVO vpc = _vpcDao.findById(guestNetwork.getVpcId());
1045+
if (vpc != null) {
1046+
vpcOffer = vpcOfferingDao.findById(vpc.getVpcOfferingId());
1047+
}
1048+
}
1049+
return netOffer.getRoutingMode() != null || (vpcOffer != null && vpcOffer.getRoutingMode() != null);
1050+
}
1051+
11141052
@DB
11151053
@Override
11161054
public PublicIp assignDedicateIpAddress(Account owner, final Long guestNtwkId, final Long vpcId, final long dcId, final boolean isSourceNat)
@@ -1633,7 +1571,7 @@ private static void validateNetworkAndIpOwnership(Account owner, IPAddressVO ipT
16331571
*/
16341572
protected boolean isSourceNatAvailableForNetwork(Account owner, IPAddressVO ipToAssoc, Network network) {
16351573
NetworkOffering offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
1636-
boolean sharedSourceNat = offering.isSharedSourceNat();
1574+
boolean sharedSourceNat = offering.isSharedSourceNat() || offering.getRoutingMode() != null;
16371575
boolean isSourceNat = false;
16381576
if (!sharedSourceNat) {
16391577
if (getExistingSourceNatInNetwork(owner.getId(), network.getId()) == null) {

0 commit comments

Comments
 (0)