incubator-cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mc...@apache.org
Subject [41/43] git commit: default Security rule doesn't apply to system VMs since nic.getIsolationUri is not set
Date Tue, 15 Jan 2013 23:55:10 GMT
default Security rule doesn't apply to system VMs since nic.getIsolationUri is not set

use to.setSecurityGroupEnabled to indicate if securitygroup is enabled on this NIC

CLOUDSTACK-983: default Security rule doesn't apply to system VMs


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/a6b90276
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/a6b90276
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/a6b90276

Branch: refs/heads/api_limit
Commit: a6b902763071c70f6e530ea4b3440f5fb030090b
Parents: 101f644
Author: anthony <anthony@cloud.com>
Authored: Tue Jan 15 11:15:42 2013 -0800
Committer: anthony <anthony@cloud.com>
Committed: Tue Jan 15 11:15:42 2013 -0800

----------------------------------------------------------------------
 .../kvm/resource/LibvirtComputingResource.java     |    5 ++---
 .../xen/resource/CitrixResourceBase.java           |    6 ++++--
 .../com/cloud/hypervisor/HypervisorGuruBase.java   |    1 +
 3 files changed, 7 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/a6b90276/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index b52e2d8..6b5f6df 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -2901,9 +2901,8 @@ public class LibvirtComputingResource extends ServerResourceBase implements
 
             NicTO[] nics = vmSpec.getNics();
             for (NicTO nic : nics) {
-                if (nic.getIsolationUri() != null
-                        && nic.getIsolationUri().getScheme()
-                                .equalsIgnoreCase(IsolationType.Ec2.toString())) {
+                if (nic.isSecurityGroupEnabled() || ( nic.getIsolationUri() != null
+                         && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())))
{
                     if (vmSpec.getType() != VirtualMachine.Type.User) {
                         default_network_rules_for_systemvm(conn, vmName);
                         break;

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/a6b90276/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 36a12b1..66a5918 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -1324,7 +1324,8 @@ public abstract class CitrixResourceBase implements ServerResource,
HypervisorRe
                     NicTO[] nics = vmSpec.getNics();
                     boolean secGrpEnabled = false;
                     for (NicTO nic : nics) {
-                        if (nic.getIsolationUri() != null && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))
{
+                        if (nic.isSecurityGroupEnabled() || (nic.getIsolationUri() != null
+                                       && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())))
{
                             secGrpEnabled = true;
                             break;
                         }
@@ -1342,7 +1343,8 @@ public abstract class CitrixResourceBase implements ServerResource,
HypervisorRe
                     //For user vm, program the rules for each nic if the isolation uri scheme
is ec2
                     NicTO[] nics = vmSpec.getNics();
                     for (NicTO nic : nics) {
-                        if (nic.getIsolationUri() != null && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))
{
+                        if ( nic.isSecurityGroupEnabled() || nic.getIsolationUri() != null
+                                   && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))
{
                             result = callHostPlugin(conn, "vmops", "default_network_rules",
"vmName", vmName, "vmIP", nic.getIp(), "vmMAC", nic.getMac(), "vmID", Long.toString(vmSpec.getId()));
 
                             if (result == null || result.isEmpty() || !Boolean.parseBoolean(result))
{

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/a6b90276/server/src/com/cloud/hypervisor/HypervisorGuruBase.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/hypervisor/HypervisorGuruBase.java b/server/src/com/cloud/hypervisor/HypervisorGuruBase.java
index 242852f..2efe6d3 100644
--- a/server/src/com/cloud/hypervisor/HypervisorGuruBase.java
+++ b/server/src/com/cloud/hypervisor/HypervisorGuruBase.java
@@ -62,6 +62,7 @@ public abstract class HypervisorGuruBase extends AdapterBase implements
Hypervis
         to.setIsolationuri(profile.getIsolationUri());
         to.setNetworkRateMbps(profile.getNetworkRate());
         to.setName(profile.getName());
+        to.setSecurityGroupEnabled(profile.isSecurityGroupEnabled());
         
         // Workaround to make sure the TO has the UUID we need for Niciri integration
         NicVO nicVO = _nicDao.findById(profile.getId());


Mime
View raw message