incubator-cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bfede...@apache.org
Subject [3/43] git commit: refs/heads/ui-plugins - CLOUDSTACK-737 support multiple NICs in Security group in java side
Date Fri, 08 Feb 2013 21:10:34 GMT
 CLOUDSTACK-737
         support multiple NICs in Security group in java side


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/65210f4e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/65210f4e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/65210f4e

Branch: refs/heads/ui-plugins
Commit: 65210f4e7ee62b237ccdd8d853553e7c990f19c8
Parents: d7201df
Author: Anthony Xu <anthony@anthony-dev.(none)>
Authored: Thu Jan 31 15:45:52 2013 -0800
Committer: Anthony Xu <anthony@anthony-dev.(none)>
Committed: Thu Jan 31 15:45:52 2013 -0800

----------------------------------------------------------------------
 .../src/com/cloud/network/NetworkManagerImpl.java  |    2 +-
 server/src/com/cloud/vm/UserVmManagerImpl.java     |   80 ++++-----------
 2 files changed, 21 insertions(+), 61 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/65210f4e/server/src/com/cloud/network/NetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index b327391..da0a560 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -1878,7 +1878,7 @@ public class NetworkManagerImpl implements NetworkManager, Manager,
Listener {
                 if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(),
Service.SourceNat)) {
                     throw new InvalidParameterValueException("Service SourceNat is not allowed
in security group enabled zone");
                 }
-                if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(),
Service.SecurityGroup)) {
+                if ( ! _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(),
Service.SecurityGroup)) {
                     throw new InvalidParameterValueException("network must have SecurityGroup
provider in security group enabled zone");
                 }
             }

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/65210f4e/server/src/com/cloud/vm/UserVmManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 5891056..8ceee38 100644
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -2048,80 +2048,41 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService,
Manager
 
         Account caller = UserContext.current().getCaller();
         List<NetworkVO> networkList = new ArrayList<NetworkVO>();
-        boolean isSecurityGroupEnabledNetworkUsed = false;
         boolean isVmWare = (template.getHypervisorType() == HypervisorType.VMware || (hypervisor
!= null && hypervisor == HypervisorType.VMware));
+        if (isVmWare) {
+            throw new InvalidParameterValueException("Security group feature is not supported
for vmWare hypervisor");
+        }
 
         //Verify that caller can perform actions in behalf of vm owner
         _accountMgr.checkAccess(caller, null, true, owner);
-
-        // If no network is specified, find system security group enabled network
         if (networkIdList == null || networkIdList.isEmpty()) {
-            Network networkWithSecurityGroup = _networkModel.getNetworkWithSecurityGroupEnabled(zone.getId());
-            if (networkWithSecurityGroup == null) {
-                throw new InvalidParameterValueException("No network with security enabled
is found in zone id=" + zone.getId());
-            }
-
-            networkList.add(_networkDao.findById(networkWithSecurityGroup.getId()));
-            isSecurityGroupEnabledNetworkUsed = true;
-
-        } else if (securityGroupIdList != null && !securityGroupIdList.isEmpty())
{
-            if (isVmWare) {
-                throw new InvalidParameterValueException("Security group feature is not supported
for vmWare hypervisor");
-            }
-            // Only one network can be specified, and it should be security group enabled
-            if (networkIdList.size() > 1) {
-                throw new InvalidParameterValueException("Only support one network per VM
if security group enabled");
-            }
-
-            NetworkVO network = _networkDao.findById(networkIdList.get(0).longValue());
-
+            throw new InvalidParameterValueException("need to specify networkIDs");
+        }
+        // Verify that all the networks are Shared/Guest; can't create combination of SG
enabled and disabled networks 
+        for (Long networkId : networkIdList) {
+            NetworkVO network = _networkDao.findById(networkId);
             if (network == null) {
                 throw new InvalidParameterValueException("Unable to find network by id "
+ networkIdList.get(0).longValue());
             }
 
-            if (!_networkModel.isSecurityGroupSupportedInNetwork(network)) {
-                throw new InvalidParameterValueException("Network is not security group enabled:
" + network.getId());
-            }
-
-            networkList.add(network);
-            isSecurityGroupEnabledNetworkUsed = true;
+            boolean isSecurityGroupEnabled = _networkModel.isSecurityGroupSupportedInNetwork(network);
+            if ( ! isSecurityGroupEnabled) {
+                 throw new InvalidParameterValueException("Only support Security Group enabled
networks in Security enabled zone, network " + network.getUuid() + " doesn't support security
group ");
+            }            
 
-        } else {
-            // Verify that all the networks are Shared/Guest; can't create combination of
SG enabled and disabled networks 
-            for (Long networkId : networkIdList) {
-                NetworkVO network = _networkDao.findById(networkId);
-
-                if (network == null) {
-                    throw new InvalidParameterValueException("Unable to find network by id
" + networkIdList.get(0).longValue());
-                }
-
-                boolean isSecurityGroupEnabled = _networkModel.isSecurityGroupSupportedInNetwork(network);
-                if (isSecurityGroupEnabled) {
-                    if (networkIdList.size() > 1) {
-                        throw new InvalidParameterValueException("Can't create a vm with
multiple networks one of" +
-                        		" which is Security Group enabled");
-                    }
-
-                    isSecurityGroupEnabledNetworkUsed = true;
-                }            
-
-                if (!(network.getTrafficType() == TrafficType.Guest && network.getGuestType()
== Network.GuestType.Shared)) {
-                    throw new InvalidParameterValueException("Can specify only Shared Guest
networks when" +
+            if (!(network.getTrafficType() == TrafficType.Guest && network.getGuestType()
== Network.GuestType.Shared)) {
+                 throw new InvalidParameterValueException("Can specify only Shared Guest
networks when" +
                     		" deploy vm in Advance Security Group enabled zone");
-                }
+            }
 
-                // Perform account permission check
-                if (network.getAclType() == ACLType.Account) {
-                    _accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
-                }
-                networkList.add(network);
+            // Perform account permission check
+            if (network.getAclType() == ACLType.Account) {
+                _accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
             }
+            networkList.add(network);
         }
-
         // if network is security group enabled, and no security group is specified, then
add the default security group automatically
-        if (isSecurityGroupEnabledNetworkUsed && !isVmWare && _networkModel.canAddDefaultSecurityGroup())
{
-            
-          //add the default securityGroup only if no security group is specified
+        if ( _networkModel.canAddDefaultSecurityGroup()) {           
             if(securityGroupIdList == null || securityGroupIdList.isEmpty()){
                 if (securityGroupIdList == null) {
                     securityGroupIdList = new ArrayList<Long>();
@@ -2140,7 +2101,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService,
Manager
                 }
             }
         }
-
         return createVirtualMachine(zone, serviceOffering, template, hostName, displayName,
owner, diskOfferingId,
                 diskSize, networkList, securityGroupIdList, group, userData, sshKeyPair,
hypervisor, caller, requestedIps, defaultIp, keyboard);
     }


Mime
View raw message