Return-Path: X-Original-To: apmail-cloudstack-dev-archive@www.apache.org Delivered-To: apmail-cloudstack-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E8647F823 for ; Mon, 1 Apr 2013 19:04:01 +0000 (UTC) Received: (qmail 5645 invoked by uid 500); 1 Apr 2013 19:04:01 -0000 Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org Received: (qmail 5597 invoked by uid 500); 1 Apr 2013 19:04:01 -0000 Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list dev@cloudstack.apache.org Received: (qmail 5589 invoked by uid 99); 1 Apr 2013 19:04:01 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Apr 2013 19:04:01 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=DC_PNG_UNO_LARGO,HTML_MESSAGE,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS,URIBL_DBL_REDIR X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of williamstevens@gmail.com designates 209.85.219.53 as permitted sender) Received: from [209.85.219.53] (HELO mail-oa0-f53.google.com) (209.85.219.53) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Apr 2013 19:03:54 +0000 Received: by mail-oa0-f53.google.com with SMTP id m17so2283808oag.12 for ; Mon, 01 Apr 2013 12:03:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=KYwj0zXaFggxC8G14Jfdmk1S18efToRpTUmGreG7L4o=; b=zP9YYf6s4CICUbcLB14BwgeMCP1zMQ33+ZBOR3NEfx07aqVdt3jMnV5PyaoHQsJTuM FfFIrhsCmdxSo87gHYl3Ki0opIilwkjj7vIThK16uASXEVNAHLyAtPPFA9AOiwkhqfIg LVTf8FjzCKbfAWWvIJFcuuHL/JTU0juNRIIttCaFawfk6iLfqOAcX288zHY8oLxMDgAy 0F49Q71ZgE/SIILRLN2z3kWz8Sjo/8yDC+xrv8BgjogeLDmZwaO8rX/X9crvLaDPnQrA 8PGF4/QgOW7lkGyWeoBRUb1jQ3yr8T+TdC58luv8giE/SnRPH9FUgygl2gn8C05Z0G1u 6LPQ== MIME-Version: 1.0 X-Received: by 10.182.161.39 with SMTP id xp7mr4557715obb.71.1364843012587; Mon, 01 Apr 2013 12:03:32 -0700 (PDT) Sender: williamstevens@gmail.com Received: by 10.60.164.38 with HTTP; Mon, 1 Apr 2013 12:03:32 -0700 (PDT) In-Reply-To: References: Date: Mon, 1 Apr 2013 15:03:32 -0400 X-Google-Sender-Auth: 7ka6vJ9vlp0H6KePjGo_FInETq4 Message-ID: Subject: Re: [DISCUSS] Palo Alto Integration From: Will Stevens To: dev@cloudstack.apache.org Content-Type: multipart/related; boundary=f46d04428768f0881704d951462c X-Virus-Checked: Checked by ClamAV on apache.org --f46d04428768f0881704d951462c Content-Type: multipart/alternative; boundary=f46d04428768f0881604d951462b --f46d04428768f0881604d951462b Content-Type: text/plain; charset=ISO-8859-1 So I have been stepping through the code and I can confirm that the 'design' method of ExternalGuestNetworkGuru is being hit, but it doesn't do anything, so it passes off work of creating the network to the 'design' method of GuestNetworkGuru which assigns 10.1.1.0/24 to the network every time I create a network. Something I am finding strange is that 'config.getId()' gives -1, so the new network that is being created while in the 'design' method of ExternalGuestNetworkGuru does not hit the only logic in the function: NetworkVO config = (NetworkVO) super.design(offering, plan, userSpecified, owner); if (config == null) { return null; } else if (_networkModel.networkIsConfiguredForExternalNetworking(plan.getDataCenterId(), config.getId())) { /* In order to revert userSpecified network setup */ config.setState(State.Allocated); } So the config.setState(State.Allocated) is not getting hit. There does seem to be some logic for updating the cidr in the 'implement' function of ExternalGuestNetworkGuru, but that is not run until a VM is added to the network (from what I understand), so that is a bit strange to me. Are the non-overlapping cidrs implemented only when a VM is added to the network and the same placeholder cidr is used until then? Thanks, Will On Mon, Apr 1, 2013 at 11:22 AM, Will Stevens wrote: > Thank you for all your help Murali... > > So my Provider has been setup with isExternal = true this whole time. > public static final Provider PaloAlto = new Provider("PaloAlto", true); > > If I run a debugger and then create a guest network, I see it enter the > 'design' function of the ExternalGuestNetworkGuru, but it does not do > anything in there because the config is not null, but the config.getId() = > -1, so it just returns the config (Network object) and doesn't really do > anything. > > Apparently the 'implement' method doesn't get called until a VM is > attempted to be launched on the network. > > I must be missing something because, every Isolated guest network I create > on my provider is defaulting to the cidr of 10.1.1.0/24. Even if I have > multiple Isolated networks associated with the same account, they all by > default have that cidr. > > If the default behaviour of the ExternalGuestNetworkGuru is to create > non-overlapping guest cidrs, why does it always default to the 10.1.1.0/24cidr when I create a new network? I can not specify a gateway or netmask > because it is an external network (as you can see from the included > screenshot). > [image: Inline image 1] > > What am I missing here? Why am I unable to create non-overlapping cidrs > with the ExternalGuestNetworkGuru? > > Thanks, > > Will > > > On Fri, Mar 29, 2013 at 1:23 AM, Murali Reddy wrote: > >> On 28/03/13 10:59 PM, "Will Stevens" wrote: >> >> >I am trying to implement the non-overlapping cidrs right now and I have >> >some questions. Does the ExternalGuestNetworkGuru create networks with >> >non-overlapping cidrs by default? Or do I need to override it's 'design' >> >and 'implement' methods to implement non overlapping cidrs? >> >> Will, yes, it does by default. You can just use >> 'ExternalGuestNetworkGuru'. Just so that you know, there is check >> 'networkIsConfiguredForExternalNetworking' in ExternalGuestNetworkGuru. >> Which basically checks if provider is configured as service provider using >> external physical appliances. So when you declare provider, mark >> 'isExternal' as true in the provider constructor. >> >> > >> >If I have to write my own methods, I think I understand how to >> >override ExternalGuestNetworkGuru and then get it to run by adding it to >> >the components.xml (or nonoss-components.xml) as well as the >> >componentContext.xml.in. >> > >> >If I do not have to actually write the logic for the non-overlapping >> cidrs >> >(which i am hoping is the case), and the ExternalGuestNetworkGuru >> actually >> >implements that logic, how would I get the ExternalGuestNetworkGuru into >> >my >> >flow without actually overriding the class? I understand that the >> >components are loaded through the components.xml stuff, but its not clear >> >how you specify which NetworkGuru should be used in my specific flow. >> > >> >I am basically working from this >> >document< >> https://cwiki.apache.org/CLOUDSTACK/extending-cloudstack-networki >> >ng.html>and >> >the code. Is there any other resources I should be aware of for >> >extending the CloudStack networking functionality? >> > >> >I have a good start on a Resource, ExternalFirewallElement and an >> >ExternalFirewallService. I can currently set the Palo Alto as the >> >provider >> >of Firewall, SourceNat, StaticNat and Port Forwarding services. I can >> >currently Add, List, Configure and Delete my Palo Alto provider. >> > >> >I am getting there, but I still feel like there are gaps in my knowledge >> >when using the CS networking plugin functionality. >> >> Good the hear the progress. Feel free to ask any question. >> >> Thanks, >> Murali >> >> > >> >Thanks, >> > >> >Will >> >> > --f46d04428768f0881604d951462b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
So I have been stepping through the code and I can confirm= that the 'design' method of ExternalGuestNetworkGuru is being hit,= but it doesn't do anything, so it passes off work of creating the netw= ork to the 'design' method of GuestNetworkGuru which assigns 10.1.1.0/24 to the network every time I create= a network. =A0

Something I am finding strange is that 'config.getId()&#= 39; gives -1, so the new network that is being created while in the 'de= sign' method of ExternalGuestNetworkGuru does not hit the only logic in= the function:

NetworkVO co= nfig =3D (NetworkVO) super.design(offering, plan, userSpecified, owner);
if (config =3D=3D null= ) {
=A0 =A0 return null;
} else if (_networkModel.networ= kIsConfiguredForExternalNetworking(plan.getDataCenterId(), config.getId()))= {
=A0 =A0 /* In order to revert us= erSpecified network setup */
=A0 =A0 config.setState(State.Allocated);
}

So the config.setState(State.Allocated) is = not getting hit.

There does seem to be= some logic for updating the cidr in the 'implement' function of Ex= ternalGuestNetworkGuru, but that is not run until a VM is added to the netw= ork (from what I understand), so that is a bit strange to me.

Are the non-overlapping cidrs implemented o= nly when a VM is added to the network and the same placeholder cidr is used= until then? =A0

Thanks,

Will


On Mon, Apr 1, 2013 at 11:22 AM, Will Stevens <wstevens@cloudops.com> wrote:
Thank you for all your help= Murali...

So my Provider has been setup with isExternal= =3D true this whole time.
public static final Provider Pal= oAlto =3D new Provider("PaloAlto", true);

If I run a debugger and then create a guest netwo= rk, I see it enter the 'design' function of the ExternalGuestNetwor= kGuru, but it does not do anything in there because the config is not null,= but the config.getId() =3D -1, so it just returns the config (Network obje= ct) and doesn't really do anything.

Apparently the 'implement' method doesn't g= et called until a VM is attempted to be launched on the network.
=
I must be missing something because, every Isolated guest ne= twork I create on my provider is defaulting to the cidr of 10.1.1.0/24. =A0Even if I have multipl= e Isolated networks associated with the same account, they all by default h= ave that cidr.

If the default behaviour of the ExternalGuestNetworkGur= u is to create non-overlapping guest cidrs, why does it always default to t= he 10.1.1.0/24 cidr wh= en I create a new network? =A0I can not specify a gateway or netmask becaus= e it is an external network (as you can see from the included screenshot).<= /div>
3D"Inline

What am I missing here? = =A0Why am I unable to create non-overlapping cidrs with the ExternalGuestNe= tworkGuru?

Thanks,

Will


On Fri, Mar 29, 2013 at 1:23 AM, Murali Reddy <= Murali.Reddy@citrix.com> wrote:
On 28/03/13 10:59 PM, "Will Steven= s" <wste= vens@cloudops.com> wrote:

>I am trying to implement the non-overlapping cidrs right now and I have=
>some questions. =A0Does the ExternalGuestNetworkGuru create networks wi= th
>non-overlapping cidrs by default? =A0Or do I need to override it's = 'design'
>and 'implement' methods to implement non overlapping cidrs?

Will, yes, it does by default. You can just use
'ExternalGuestNetworkGuru'. Just so that you know, there is check 'networkIsConfiguredForExternalNetworking' in ExternalGuestNetworkG= uru.
Which basically checks if provider is configured as service provider using<= br> external physical appliances. So when you declare provider, mark
'isExternal' as true in the provider constructor.

>
>If I have to write my own methods, I think I understand how to
>override ExternalGuestNetworkGuru and then get it to run by adding it t= o
>the components.xml (or nonoss-components.xml) as well as the
>componentC= ontext.xml.in.
>
>If I do not have to actually write the logic for the non-overlapping ci= drs
>(which i am hoping is the case), and the ExternalGuestNetworkGuru actua= lly
>implements that logic, how would I get the ExternalGuestNetworkGuru int= o
>my
>flow without actually overriding the class? =A0I understand that the >components are loaded through the components.xml stuff, but its not cle= ar
>how you specify which NetworkGuru should be used in my specific flow. >
>I am basically working from this
>document<https://cwiki.apache.org/CLOUDST= ACK/extending-cloudstack-networki
>ng.html>and
>the code. =A0Is there any other resources I should be aware of for=
>extending the CloudStack networking functionality?
>
>I have a good start on a Resource, ExternalFirewallElement and an
>ExternalFirewallService. =A0I can currently set the Palo Alto as the >provider
>of Firewall, SourceNat, StaticNat and Port Forwarding services. =A0I ca= n
>currently Add, List, Configure and Delete my Palo Alto provider.
>
>I am getting there, but I still feel like there are gaps in my knowledg= e
>when using the CS networking plugin functionality.

Good the hear the progress. Feel free to ask any question.

Thanks,
Murali

>
>Thanks,
>
>Will



--f46d04428768f0881604d951462b-- --f46d04428768f0881704d951462c--