Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E23941060B for ; Mon, 10 Jun 2013 00:53:54 +0000 (UTC) Received: (qmail 56605 invoked by uid 500); 10 Jun 2013 00:53:51 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 56514 invoked by uid 500); 10 Jun 2013 00:53:51 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 56196 invoked by uid 99); 10 Jun 2013 00:53:50 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Jun 2013 00:53:50 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 8FE178A208A; Mon, 10 Jun 2013 00:53:50 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: ahuang@apache.org To: commits@cloudstack.apache.org Date: Mon, 10 Jun 2013 00:54:05 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [16/50] [abbrv] git commit: updated refs/heads/vmsync to aaa16af CLOUDSTACK-2874: fix the upgrade for the deployment with F5/SRX combination prior to 3.0 release Fix does following: - add F5 network service provider into a physical network if there if F5 deployed in the zone - add instance of F5 network service provider - add SRX network service provider into a physical network if there if SRX deployed in the zone - add instance of SRX network service provider - upgrade all the guest networks to network offering '"Isolated with external providers" Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c0d89434 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c0d89434 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c0d89434 Branch: refs/heads/vmsync Commit: c0d894346a57e61626f332a9ef25efa9b5e77646 Parents: d98289b Author: Murali Reddy Authored: Thu Jun 6 17:47:31 2013 +0530 Committer: Murali Reddy Committed: Thu Jun 6 17:49:47 2013 +0530 ---------------------------------------------------------------------- .../com/cloud/upgrade/dao/Upgrade410to420.java | 360 +++++++++++++++++++ 1 file changed, 360 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c0d89434/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java ---------------------------------------------------------------------- diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java index 955ea56..d8f90ad 100644 --- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java +++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java @@ -79,6 +79,7 @@ public class Upgrade410to420 implements DbUpgrade { updateNetworkACLs(conn); addHostDetailsIndex(conn); updateNetworksForPrivateGateways(conn); + correctExternalNetworkDevicesSetup(conn); removeFirewallServiceFromSharedNetworkOfferingWithSGService(conn); fix22xKVMSnapshots(conn); addIndexForAlert(conn); @@ -1224,4 +1225,363 @@ public class Upgrade410to420 implements DbUpgrade { } } } + + // Corrects upgrade for deployment with F5 and SRX devices (pre 3.0) to network offering & + // network service provider paradigm + private void correctExternalNetworkDevicesSetup(Connection conn) { + PreparedStatement zoneSearchStmt = null, pNetworkStmt = null, f5DevicesStmt = null, srxDevicesStmt = null; + ResultSet zoneResults = null, pNetworksResults = null, f5DevicesResult = null, srxDevicesResult = null; + + try { + zoneSearchStmt = conn.prepareStatement("SELECT id, networktype FROM `cloud`.`data_center`"); + zoneResults = zoneSearchStmt.executeQuery(); + while (zoneResults.next()) { + long zoneId = zoneResults.getLong(1); + String networkType = zoneResults.getString(2); + + if (!com.cloud.dc.DataCenter.NetworkType.Advanced.toString().equalsIgnoreCase(networkType)) { + continue; + } + + pNetworkStmt = conn.prepareStatement("SELECT id FROM `cloud`.`physical_network` where data_center_id=?"); + pNetworkStmt.setLong(1, zoneId); + pNetworksResults = pNetworkStmt.executeQuery(); + while (pNetworksResults.next()) { + long physicalNetworkId = pNetworksResults.getLong(1); + PreparedStatement fetchF5NspStmt = conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId + + " and provider_name = 'F5BigIp'"); + ResultSet rsF5NSP = fetchF5NspStmt.executeQuery(); + boolean hasF5Nsp = rsF5NSP.next(); + fetchF5NspStmt.close(); + + // if there is no 'F5BigIP' physical network service provider added into physical network then + // add 'F5BigIP' as network service provider and add the entry in 'external_load_balancer_devices' + if (!hasF5Nsp) { + f5DevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL"); + f5DevicesStmt.setLong(1, zoneId); + f5DevicesResult = f5DevicesStmt.executeQuery(); + // add F5BigIP provider and provider instance to physical network if there are any external load + // balancers added in the zone + while (f5DevicesResult.next()) { + long f5HostId = f5DevicesResult.getLong(1);; + addF5ServiceProvider(conn, physicalNetworkId, zoneId); + addF5LoadBalancer(conn, f5HostId, physicalNetworkId); + } + } + + PreparedStatement fetchSRXNspStmt = conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId + + " and provider_name = 'JuniperSRX'"); + ResultSet rsSRXNSP = fetchSRXNspStmt.executeQuery(); + boolean hasSrxNsp = rsSRXNSP.next(); + fetchSRXNspStmt.close(); + + // if there is no 'JuniperSRX' physical network service provider added into physical network then + // add 'JuniperSRX' as network service provider and add the entry in 'external_firewall_devices' + if (!hasSrxNsp) { + srxDevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL"); + srxDevicesStmt.setLong(1, zoneId); + srxDevicesResult = srxDevicesStmt.executeQuery(); + // add JuniperSRX provider and provider instance to physical network if there are any external + // firewall instances added in to the zone + while (srxDevicesResult.next()) { + long srxHostId = srxDevicesResult.getLong(1); + // add SRX provider and provider instance to physical network + addSrxServiceProvider(conn, physicalNetworkId, zoneId); + addSrxFirewall(conn, srxHostId, physicalNetworkId); + } + } + } + } + + // not the network service provider has been provisioned in to physical network, mark all guest network + // to be using network offering 'Isolated with external providers' + fixZoneUsingExternalDevices(conn); + + if (zoneResults != null) { + try { + zoneResults.close(); + } catch (SQLException e) { + } + } + + if (zoneSearchStmt != null) { + try { + zoneSearchStmt.close(); + } catch (SQLException e) { + } + } + } catch (SQLException e) { + throw new CloudRuntimeException("Exception while adding PhysicalNetworks", e); + } finally { + + } + } + + private void addF5LoadBalancer(Connection conn, long hostId, long physicalNetworkId){ + PreparedStatement pstmtUpdate = null; + try{ + s_logger.debug("Adding F5 Big IP load balancer with host id " + hostId + " in to physical network" + physicalNetworkId); + String insertF5 = "INSERT INTO `cloud`.`external_load_balancer_devices` (physical_network_id, host_id, provider_name, " + + "device_name, capacity, is_dedicated, device_state, allocation_state, is_inline, is_managed, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; + pstmtUpdate = conn.prepareStatement(insertF5); + pstmtUpdate.setLong(1, physicalNetworkId); + pstmtUpdate.setLong(2, hostId); + pstmtUpdate.setString(3, "F5BigIp"); + pstmtUpdate.setString(4, "F5BigIpLoadBalancer"); + pstmtUpdate.setLong(5, 0); + pstmtUpdate.setBoolean(6, false); + pstmtUpdate.setString(7, "Enabled"); + pstmtUpdate.setString(8, "Shared"); + pstmtUpdate.setBoolean(9, false); + pstmtUpdate.setBoolean(10, false); + pstmtUpdate.setString(11, UUID.randomUUID().toString()); + pstmtUpdate.executeUpdate(); + }catch (SQLException e) { + throw new CloudRuntimeException("Exception while adding F5 load balancer device" , e); + } finally { + if (pstmtUpdate != null) { + try { + pstmtUpdate.close(); + } catch (SQLException e) { + } + } + } + } + + private void addSrxFirewall(Connection conn, long hostId, long physicalNetworkId){ + PreparedStatement pstmtUpdate = null; + try{ + s_logger.debug("Adding SRX firewall device with host id " + hostId + " in to physical network" + physicalNetworkId); + String insertSrx = "INSERT INTO `cloud`.`external_firewall_devices` (physical_network_id, host_id, provider_name, " + + "device_name, capacity, is_dedicated, device_state, allocation_state, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?)"; + pstmtUpdate = conn.prepareStatement(insertSrx); + pstmtUpdate.setLong(1, physicalNetworkId); + pstmtUpdate.setLong(2, hostId); + pstmtUpdate.setString(3, "JuniperSRX"); + pstmtUpdate.setString(4, "JuniperSRXFirewall"); + pstmtUpdate.setLong(5, 0); + pstmtUpdate.setBoolean(6, false); + pstmtUpdate.setString(7, "Enabled"); + pstmtUpdate.setString(8, "Shared"); + pstmtUpdate.setString(9, UUID.randomUUID().toString()); + pstmtUpdate.executeUpdate(); + }catch (SQLException e) { + throw new CloudRuntimeException("Exception while adding SRX firewall device ", e); + } finally { + if (pstmtUpdate != null) { + try { + pstmtUpdate.close(); + } catch (SQLException e) { + } + } + } + } + + private void addF5ServiceProvider(Connection conn, long physicalNetworkId, long zoneId){ + PreparedStatement pstmtUpdate = null; + try{ + // add physical network service provider - F5BigIp + s_logger.debug("Adding PhysicalNetworkServiceProvider F5BigIp" + " in to physical network" + physicalNetworkId); + String insertPNSP = "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ," + + "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`," + + "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`," + + "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,0,0,0,1,0,0,0,0)"; + + pstmtUpdate = conn.prepareStatement(insertPNSP); + pstmtUpdate.setString(1, UUID.randomUUID().toString()); + pstmtUpdate.setLong(2, physicalNetworkId); + pstmtUpdate.setString(3, "F5BigIp"); + pstmtUpdate.setString(4, "Enabled"); + pstmtUpdate.executeUpdate(); + }catch (SQLException e) { + throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider F5BigIp", e); + } finally { + if (pstmtUpdate != null) { + try { + pstmtUpdate.close(); + } catch (SQLException e) { + } + } + } + } + + private void addSrxServiceProvider(Connection conn, long physicalNetworkId, long zoneId){ + PreparedStatement pstmtUpdate = null; + try{ + // add physical network service provider - JuniperSRX + s_logger.debug("Adding PhysicalNetworkServiceProvider JuniperSRX"); + String insertPNSP = "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ," + + "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`," + + "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`," + + "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,1,1,1,0,1,1,0,0)"; + + pstmtUpdate = conn.prepareStatement(insertPNSP); + pstmtUpdate.setString(1, UUID.randomUUID().toString()); + pstmtUpdate.setLong(2, physicalNetworkId); + pstmtUpdate.setString(3, "JuniperSRX"); + pstmtUpdate.setString(4, "Enabled"); + pstmtUpdate.executeUpdate(); + }catch (SQLException e) { + throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider JuniperSRX" , e); + } finally { + if (pstmtUpdate != null) { + try { + pstmtUpdate.close(); + } catch (SQLException e) { + } + } + } + } + + // This method does two things + // + // 1) ensure that networks using external load balancer/firewall in deployments prior to release 3.0 + // has entry in network_external_lb_device_map and network_external_firewall_device_map + // + // 2) Some keys of host details for F5 and SRX devices were stored in Camel Case in 2.x releases. From 3.0 + // they are made in lowercase. On upgrade change the host details name to lower case + private void fixZoneUsingExternalDevices(Connection conn) { + //Get zones to upgrade + List zoneIds = new ArrayList(); + PreparedStatement pstmt = null; + PreparedStatement pstmtUpdate = null; + ResultSet rs = null; + long networkOfferingId, networkId; + long f5DeviceId, f5HostId; + long srxDevivceId, srxHostId; + + try { + pstmt = conn.prepareStatement("select id from `cloud`.`data_center` where lb_provider='F5BigIp' or firewall_provider='JuniperSRX' or gateway_provider='JuniperSRX'"); + rs = pstmt.executeQuery(); + while (rs.next()) { + zoneIds.add(rs.getLong(1)); + } + } catch (SQLException e) { + throw new CloudRuntimeException("Unable to create network to LB & firewall device mapping for networks that use them", e); + } + + if (zoneIds.size() == 0) { + return; // no zones using F5 and SRX devices so return + } + + // find the default network offering created for external devices during upgrade from 2.2.14 + try { + pstmt = conn.prepareStatement("select id from `cloud`.`network_offerings` where unique_name='Isolated with external providers' "); + rs = pstmt.executeQuery(); + if (rs.first()) { + networkOfferingId = rs.getLong(1); + } else { + throw new CloudRuntimeException("Cannot upgrade as there is no 'Isolated with external providers' network offering crearted ."); + } + } catch (SQLException e) { + throw new CloudRuntimeException("Unable to create network to LB & firewalla device mapping for networks that use them", e); + } + + for (Long zoneId : zoneIds) { + try { + // find the F5 device id in the zone + pstmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL"); + pstmt.setLong(1, zoneId); + rs = pstmt.executeQuery(); + if (rs.first()) { + f5HostId = rs.getLong(1); + } else { + throw new CloudRuntimeException("Cannot upgrade as there is no F5 load balancer device found in data center " + zoneId); + } + pstmt = conn.prepareStatement("SELECT id FROM external_load_balancer_devices WHERE host_id=?"); + pstmt.setLong(1, f5HostId); + rs = pstmt.executeQuery(); + if (rs.first()) { + f5DeviceId = rs.getLong(1); + } else { + throw new CloudRuntimeException("Cannot upgrade as there is no F5 load balancer device with host ID " + f5HostId + " found in external_load_balancer_device"); + } + + // find the SRX device id in the zone + pstmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL"); + pstmt.setLong(1, zoneId); + rs = pstmt.executeQuery(); + if (rs.first()) { + srxHostId = rs.getLong(1); + } else { + throw new CloudRuntimeException("Cannot upgrade as there is no SRX firewall device found in data center " + zoneId); + } + pstmt = conn.prepareStatement("SELECT id FROM external_firewall_devices WHERE host_id=?"); + pstmt.setLong(1, srxHostId); + rs = pstmt.executeQuery(); + if (rs.first()) { + srxDevivceId = rs.getLong(1); + } else { + throw new CloudRuntimeException("Cannot upgrade as there is no SRX firewall device found with host ID " + srxHostId + " found in external_firewall_devices"); + } + + // check if network any uses F5 or SRX devices in the zone + pstmt = conn.prepareStatement("select id from `cloud`.`networks` where guest_type='Virtual' and data_center_id=? and network_offering_id=? and removed IS NULL"); + pstmt.setLong(1, zoneId); + pstmt.setLong(2, networkOfferingId); + rs = pstmt.executeQuery(); + while (rs.next()) { + // get the network Id + networkId = rs.getLong(1); + + // add mapping for the network in network_external_lb_device_map + String insertLbMapping = "INSERT INTO `cloud`.`network_external_lb_device_map` (uuid, network_id, external_load_balancer_device_id, created) VALUES ( ?, ?, ?, now())"; + pstmtUpdate = conn.prepareStatement(insertLbMapping); + pstmtUpdate.setString(1, UUID.randomUUID().toString()); + pstmtUpdate.setLong(2, networkId); + pstmtUpdate.setLong(3, f5DeviceId); + pstmtUpdate.executeUpdate(); + s_logger.debug("Successfully added entry in network_external_lb_device_map for network " + networkId + " and F5 device ID " + f5DeviceId); + + // add mapping for the network in network_external_firewall_device_map + String insertFwMapping = "INSERT INTO `cloud`.`network_external_firewall_device_map` (uuid, network_id, external_firewall_device_id, created) VALUES ( ?, ?, ?, now())"; + pstmtUpdate = conn.prepareStatement(insertFwMapping); + pstmtUpdate.setString(1, UUID.randomUUID().toString()); + pstmtUpdate.setLong(2, networkId); + pstmtUpdate.setLong(3, srxDevivceId); + pstmtUpdate.executeUpdate(); + s_logger.debug("Successfully added entry in network_external_firewall_device_map for network " + networkId + " and SRX device ID " + srxDevivceId); + } + + // update host details for F5 and SRX devices + s_logger.debug("Updating the host details for F5 and SRX devices"); + pstmt = conn.prepareStatement("SELECT host_id, name FROM `cloud`.`host_details` WHERE host_id=? OR host_id=?"); + pstmt.setLong(1, f5HostId); + pstmt.setLong(2, srxHostId); + rs = pstmt.executeQuery(); + while (rs.next()) { + long hostId = rs.getLong(1); + String camlCaseName = rs.getString(2); + if (!(camlCaseName.equalsIgnoreCase("numRetries") || + camlCaseName.equalsIgnoreCase("publicZone") || + camlCaseName.equalsIgnoreCase("privateZone") || + camlCaseName.equalsIgnoreCase("publicInterface") || + camlCaseName.equalsIgnoreCase("privateInterface") || + camlCaseName.equalsIgnoreCase("usageInterface") )) { + continue; + } + String lowerCaseName = camlCaseName.toLowerCase(); + pstmt = conn.prepareStatement("update `cloud`.`host_details` set name=? where host_id=? AND name=?"); + pstmt.setString(1, lowerCaseName); + pstmt.setLong(2, hostId); + pstmt.setString(3, camlCaseName); + pstmt.executeUpdate(); + } + s_logger.debug("Successfully updated host details for F5 and SRX devices"); + } catch (SQLException e) { + throw new CloudRuntimeException("Unable create a mapping for the networks in network_external_lb_device_map and network_external_firewall_device_map", e); + } finally { + try { + if (rs != null) { + rs.close(); + } + if (pstmt != null) { + pstmt.close(); + } + } catch (SQLException e) { + } + } + s_logger.info("Successfully upgraded network using F5 and SRX devices to have a entry in the network_external_lb_device_map and network_external_firewall_device_map"); + } + } }