cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Will Stevens <wstev...@cloudops.com>
Subject Re: [DISCUSS] Palo Alto Integration
Date Mon, 01 Apr 2013 19:03:32 GMT
So I have been stepping through the code and I can confirm that the
'design' method of ExternalGuestNetworkGuru is being hit, but it doesn't do
anything, so it passes off work of creating the network to the 'design'
method of GuestNetworkGuru which assigns 10.1.1.0/24 to the network every
time I create a network.

Something I am finding strange is that 'config.getId()' gives -1, so the
new network that is being created while in the 'design' method of
ExternalGuestNetworkGuru does not hit the only logic in the function:

NetworkVO config = (NetworkVO) super.design(offering, plan, userSpecified,
owner);
if (config == null) {
    return null;
} else if
(_networkModel.networkIsConfiguredForExternalNetworking(plan.getDataCenterId(),
config.getId())) {
    /* In order to revert userSpecified network setup */
    config.setState(State.Allocated);
}

So the config.setState(State.Allocated) is not getting hit.

There does seem to be some logic for updating the cidr in the 'implement'
function of ExternalGuestNetworkGuru, but that is not run until a VM is
added to the network (from what I understand), so that is a bit strange to
me.

Are the non-overlapping cidrs implemented only when a VM is added to the
network and the same placeholder cidr is used until then?

Thanks,

Will


On Mon, Apr 1, 2013 at 11:22 AM, Will Stevens <wstevens@cloudops.com> wrote:

> Thank you for all your help Murali...
>
> So my Provider has been setup with isExternal = true this whole time.
> public static final Provider PaloAlto = new Provider("PaloAlto", true);
>
> If I run a debugger and then create a guest network, I see it enter the
> 'design' function of the ExternalGuestNetworkGuru, but it does not do
> anything in there because the config is not null, but the config.getId() =
> -1, so it just returns the config (Network object) and doesn't really do
> anything.
>
> Apparently the 'implement' method doesn't get called until a VM is
> attempted to be launched on the network.
>
> I must be missing something because, every Isolated guest network I create
> on my provider is defaulting to the cidr of 10.1.1.0/24.  Even if I have
> multiple Isolated networks associated with the same account, they all by
> default have that cidr.
>
> If the default behaviour of the ExternalGuestNetworkGuru is to create
> non-overlapping guest cidrs, why does it always default to the 10.1.1.0/24cidr when I
create a new network?  I can not specify a gateway or netmask
> because it is an external network (as you can see from the included
> screenshot).
> [image: Inline image 1]
>
> What am I missing here?  Why am I unable to create non-overlapping cidrs
> with the ExternalGuestNetworkGuru?
>
> Thanks,
>
> Will
>
>
> On Fri, Mar 29, 2013 at 1:23 AM, Murali Reddy <Murali.Reddy@citrix.com>wrote:
>
>> On 28/03/13 10:59 PM, "Will Stevens" <wstevens@cloudops.com> wrote:
>>
>> >I am trying to implement the non-overlapping cidrs right now and I have
>> >some questions.  Does the ExternalGuestNetworkGuru create networks with
>> >non-overlapping cidrs by default?  Or do I need to override it's 'design'
>> >and 'implement' methods to implement non overlapping cidrs?
>>
>> Will, yes, it does by default. You can just use
>> 'ExternalGuestNetworkGuru'. Just so that you know, there is check
>> 'networkIsConfiguredForExternalNetworking' in ExternalGuestNetworkGuru.
>> Which basically checks if provider is configured as service provider using
>> external physical appliances. So when you declare provider, mark
>> 'isExternal' as true in the provider constructor.
>>
>> >
>> >If I have to write my own methods, I think I understand how to
>> >override ExternalGuestNetworkGuru and then get it to run by adding it to
>> >the components.xml (or nonoss-components.xml) as well as the
>> >componentContext.xml.in.
>> >
>> >If I do not have to actually write the logic for the non-overlapping
>> cidrs
>> >(which i am hoping is the case), and the ExternalGuestNetworkGuru
>> actually
>> >implements that logic, how would I get the ExternalGuestNetworkGuru into
>> >my
>> >flow without actually overriding the class?  I understand that the
>> >components are loaded through the components.xml stuff, but its not clear
>> >how you specify which NetworkGuru should be used in my specific flow.
>> >
>> >I am basically working from this
>> >document<
>> https://cwiki.apache.org/CLOUDSTACK/extending-cloudstack-networki
>> >ng.html>and
>> >the code.  Is there any other resources I should be aware of for
>> >extending the CloudStack networking functionality?
>> >
>> >I have a good start on a Resource, ExternalFirewallElement and an
>> >ExternalFirewallService.  I can currently set the Palo Alto as the
>> >provider
>> >of Firewall, SourceNat, StaticNat and Port Forwarding services.  I can
>> >currently Add, List, Configure and Delete my Palo Alto provider.
>> >
>> >I am getting there, but I still feel like there are gaps in my knowledge
>> >when using the CS networking plugin functionality.
>>
>> Good the hear the progress. Feel free to ask any question.
>>
>> Thanks,
>> Murali
>>
>> >
>> >Thanks,
>> >
>> >Will
>>
>>
>

Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message