Merge pull request #5 from shapeblue/pvlansupport-itelligence

Enable PVLAN support on L2 networks

Author: nvazquez

api/src/main/java/com/cloud/network/Network.java

@@ -21,6 +21,8 @@
 import java.util.ArrayList;
 import java.util.List;
 
+import com.cloud.exception.InvalidParameterValueException;
+import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.builder.ToStringBuilder;
 import org.apache.commons.lang.builder.ToStringStyle;
 
@@ -44,6 +46,24 @@ enum GuestType {
         Shared, Isolated, L2
     }
 
+    enum PVlanType {
+        Community, Isolated, Promiscuous;
+
+        static PVlanType fromValue(String type) {
+            if (StringUtils.isBlank(type)) {
+                return null;
+            } else if (type.equalsIgnoreCase("promiscuous") || type.equalsIgnoreCase("p")) {
+                return Promiscuous;
+            } else if (type.equalsIgnoreCase("community") || type.equalsIgnoreCase("c")) {
+                return Community;
+            } else if (type.equalsIgnoreCase("isolated") || type.equalsIgnoreCase("i")) {
+                return Isolated;
+            } else {
+                throw new InvalidParameterValueException("Unexpected Private VLAN type: " + type);
+            }
+        }
+    }
+
     String updatingInSequence = "updatingInSequence";
     String hideIpAddressUsage = "hideIpAddressUsage";
 
@@ -416,4 +436,6 @@ public void setIp6Address(String ip6Address) {
     boolean isStrechedL2Network();
 
     String getExternalId();
+
+    PVlanType getPvlanType();
 }

api/src/main/java/com/cloud/network/NetworkProfile.java

@@ -314,4 +314,9 @@ public String getExternalId() {
         return externalId;
     }
 
+    @Override
+    public PVlanType getPvlanType() {
+        return null;
+    }
+
 }

api/src/main/java/com/cloud/offering/NetworkOffering.java

@@ -38,7 +38,7 @@ public enum State {
     }
 
     public enum Detail {
-        InternalLbProvider, PublicLbProvider, servicepackageuuid, servicepackagedescription, PromiscuousMode, MacAddressChanges, ForgedTransmits, RelatedNetworkOffering, domainid, zoneid
+        InternalLbProvider, PublicLbProvider, servicepackageuuid, servicepackagedescription, PromiscuousMode, MacAddressChanges, ForgedTransmits, RelatedNetworkOffering, domainid, zoneid, pvlanType
     }
 
     public final static String SystemPublicNetwork = "System-Public-Network";

api/src/main/java/org/apache/cloudstack/api/ApiConstants.java

@@ -372,6 +372,7 @@ public class ApiConstants {
     public static final String REMOVE_VLAN = "removevlan";
     public static final String VLAN_ID = "vlanid";
     public static final String ISOLATED_PVLAN = "isolatedpvlan";
+    public static final String ISOLATED_PVLAN_TYPE = "isolatedpvlantype";
     public static final String ISOLATION_URI = "isolationuri";
     public static final String VM_AVAILABLE = "vmavailable";
     public static final String VM_LIMIT = "vmlimit";

api/src/main/java/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java

@@ -96,6 +96,10 @@ public class CreateNetworkCmd extends BaseCmd {
     @Parameter(name = ApiConstants.ISOLATED_PVLAN, type = CommandType.STRING, description = "the isolated private VLAN for this network")
     private String isolatedPvlan;
 
+    @Parameter(name = ApiConstants.ISOLATED_PVLAN_TYPE, type = CommandType.STRING,
+            description = "the isolated private VLAN type for this network")
+    private String isolatedPvlanType;
+
     @Parameter(name = ApiConstants.NETWORK_DOMAIN, type = CommandType.STRING, description = "network domain")
     private String networkDomain;
 
@@ -216,6 +220,10 @@ public String getExternalId() {
         return externalId;
     }
 
+    public String getIsolatedPvlanType() {
+        return isolatedPvlanType;
+    }
+
     @Override
     public boolean isDisplay() {
         if(displayNetwork == null)

api/src/main/java/org/apache/cloudstack/api/response/NicResponse.java

@@ -118,6 +118,14 @@ public class NicResponse extends BaseResponse {
     @Param(description = "ID of the VLAN/VNI if available", since="4.14.0")
     private Integer vlanId;
 
+    @SerializedName(ApiConstants.ISOLATED_PVLAN)
+    @Param(description = "the isolated private VLAN if available", since="4.14.0")
+    private Integer isolatedPvlanId;
+
+    @SerializedName(ApiConstants.ISOLATED_PVLAN_TYPE)
+    @Param(description = "the isolated private VLAN type if available", since="4.14.0")
+    private String isolatedPvlanType;
+
     @SerializedName(ApiConstants.ADAPTER_TYPE)
     @Param(description = "Type of adapter if available", since="4.14.0")
     private String adapterType;
@@ -325,6 +333,22 @@ public void setVlanId(Integer vlanId) {
         this.vlanId = vlanId;
     }
 
+    public Integer getIsolatedPvlanId() {
+        return isolatedPvlanId;
+    }
+
+    public void setIsolatedPvlanId(Integer isolatedPvlanId) {
+        this.isolatedPvlanId = isolatedPvlanId;
+    }
+
+    public String getIsolatedPvlanType() {
+        return isolatedPvlanType;
+    }
+
+    public void setIsolatedPvlanType(String isolatedPvlanType) {
+        this.isolatedPvlanType = isolatedPvlanType;
+    }
+
     public String getAdapterType() {
         return adapterType;
     }

api/src/main/java/org/apache/cloudstack/vm/UnmanagedInstance.java

@@ -270,6 +270,10 @@ public static class Nic {
 
         private Integer vlan;
 
+        private Integer pvlan;
+
+        private String pvlanType;
+
         private List<String> ipAddress;
 
         private String pciSlot;
@@ -314,6 +318,22 @@ public void setVlan(Integer vlan) {
             this.vlan = vlan;
         }
 
+        public Integer getPvlan() {
+            return pvlan;
+        }
+
+        public void setPvlan(Integer pvlan) {
+            this.pvlan = pvlan;
+        }
+
+        public String getPvlanType() {
+            return pvlanType;
+        }
+
+        public void setPvlanType(String pvlanType) {
+            this.pvlanType = pvlanType;
+        }
+
         public List<String> getIpAddress() {
             return ipAddress;
         }

engine/api/src/main/java/org/apache/cloudstack/engine/orchestration/service/NetworkOrchestrationService.java

@@ -180,7 +180,7 @@ void prepare(VirtualMachineProfile profile, DeployDestination dest, ReservationC
 
     Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, String cidr, String vlanId, boolean bypassVlanOverlapCheck, String networkDomain, Account owner,
                                Long domainId, PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String ip6Gateway, String ip6Cidr,
-                               Boolean displayNetworkEnabled, String isolatedPvlan, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException;
+                               Boolean displayNetworkEnabled, String isolatedPvlan, Network.PVlanType isolatedPvlanType, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException;
 
     UserDataServiceProvider getPasswordResetProvider(Network network);
 

engine/orchestration/src/main/java/com/cloud/vm/VirtualMachineManagerImpl.java

@@ -41,7 +41,11 @@
 
 import com.cloud.agent.api.PrepareForMigrationAnswer;
 import com.cloud.agent.api.to.DpdkTO;
+import com.cloud.network.dao.NetworkDetailVO;
+import com.cloud.network.dao.NetworkDetailsDao;
+import com.cloud.offering.NetworkOffering;
 import org.apache.cloudstack.affinity.dao.AffinityGroupVMMapDao;
+import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.command.admin.vm.MigrateVMCmd;
 import org.apache.cloudstack.api.command.admin.volume.MigrateVolumeCmdByAdmin;
 import org.apache.cloudstack.api.command.user.volume.MigrateVolumeCmd;
@@ -320,6 +324,8 @@ public class VirtualMachineManagerImpl extends ManagerBase implements VirtualMac
     private AsyncJobManager _jobMgr;
     @Inject
     private StorageManager storageMgr;
+    @Inject
+    private NetworkDetailsDao networkDetailsDao;
 
     VmWorkJobHandlerProxy _jobHandlerProxy = new VmWorkJobHandlerProxy(this);
 
@@ -4001,6 +4007,13 @@ public boolean plugNic(final Network network, final NicTO nic, final VirtualMach
         final VMInstanceVO router = _vmDao.findById(vm.getId());
         if (router.getState() == State.Running) {
             try {
+                NetworkDetailVO pvlanTypeDetail = networkDetailsDao.findDetail(network.getId(), ApiConstants.ISOLATED_PVLAN_TYPE);
+                if (pvlanTypeDetail != null) {
+                    Map<NetworkOffering.Detail, String> nicDetails = nic.getDetails() == null ? new HashMap<>() : nic.getDetails();
+                    s_logger.debug("Found PVLAN type: " + pvlanTypeDetail.getValue() + " on network details, adding it as part of the PlugNicCommand");
+                    nicDetails.putIfAbsent(NetworkOffering.Detail.pvlanType, pvlanTypeDetail.getValue());
+                    nic.setDetails(nicDetails);
+                }
                 final PlugNicCommand plugNicCmd = new PlugNicCommand(nic, vm.getName(), vm.getType(), vm.getDetails());
                 final Commands cmds = new Commands(Command.OnError.Stop);
                 cmds.addCommand("plugnic", plugNicCmd);

engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java

@@ -38,7 +38,10 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.network.dao.NetworkDetailVO;
+import com.cloud.network.dao.NetworkDetailsDao;
 import org.apache.cloudstack.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.cloud.entity.api.db.VMNetworkMapVO;
 import org.apache.cloudstack.engine.cloud.entity.api.db.dao.VMNetworkMapDao;
@@ -222,6 +225,8 @@
 import com.cloud.vm.dao.VMInstanceDao;
 import com.google.common.base.Strings;
 
+import static org.apache.commons.lang.StringUtils.isNotBlank;
+
 /**
  * NetworkManagerImpl implements NetworkManager.
  */
@@ -251,6 +256,8 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra
     @Inject
     NetworkDao _networksDao;
     @Inject
+    NetworkDetailsDao networkDetailsDao;
+    @Inject
     NicDao _nicDao;
     @Inject
     RulesManager _rulesMgr;
@@ -698,6 +705,11 @@ public void doInTransactionWithoutResult(final TransactionStatus status) {
                                 finalizeServicesAndProvidersForNetwork(offering, plan.getPhysicalNetworkId()));
                         networks.add(networkPersisted);
 
+                        if (network.getPvlanType() != null) {
+                            NetworkDetailVO detailVO = new NetworkDetailVO(networkPersisted.getId(), ApiConstants.ISOLATED_PVLAN_TYPE, network.getPvlanType().toString(), true);
+                            networkDetailsDao.persist(detailVO);
+                        }
+
                         if (predefined instanceof NetworkVO && guru instanceof NetworkGuruAdditionalFunctions){
                             final NetworkGuruAdditionalFunctions functions = (NetworkGuruAdditionalFunctions) guru;
                             functions.finalizeNetworkDesign(networkPersisted.getId(), ((NetworkVO)predefined).getVlanIdAsUUID());
@@ -2159,7 +2171,7 @@ public void expungeNics(final VirtualMachineProfile vm) {
     public Network createGuestNetwork(final long networkOfferingId, final String name, final String displayText, final String gateway, final String cidr, String vlanId,
                                       boolean bypassVlanOverlapCheck, String networkDomain, final Account owner, final Long domainId, final PhysicalNetwork pNtwk,
                                       final long zoneId, final ACLType aclType, Boolean subdomainAccess, final Long vpcId, final String ip6Gateway, final String ip6Cidr,
-                                      final Boolean isDisplayNetworkEnabled, final String isolatedPvlan, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
+                                      final Boolean isDisplayNetworkEnabled, final String isolatedPvlan, Network.PVlanType isolatedPvlanType, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
 
         final NetworkOfferingVO ntwkOff = _networkOfferingDao.findById(networkOfferingId);
         final DataCenterVO zone = _dcDao.findById(zoneId);
@@ -2271,16 +2283,25 @@ public Network createGuestNetwork(final long networkOfferingId, final String nam
 
         if (vlanSpecified) {
             URI uri = BroadcastDomainType.fromString(vlanId);
+            // Aux: generate secondary URI for secondary VLAN ID (if provided) for performing checks
+            URI secondaryUri = isNotBlank(isolatedPvlan) ? BroadcastDomainType.fromString(isolatedPvlan) : null;
             //don't allow to specify vlan tag used by physical network for dynamic vlan allocation
             if (!(bypassVlanOverlapCheck && ntwkOff.getGuestType() == GuestType.Shared) && _dcDao.findVnet(zoneId, pNtwk.getId(), BroadcastDomainType.getValue(uri)).size() > 0) {
                 throw new InvalidParameterValueException("The VLAN tag " + vlanId + " is already being used for dynamic vlan allocation for the guest network in zone "
                         + zone.getName());
             }
+            if (secondaryUri != null && !(bypassVlanOverlapCheck && ntwkOff.getGuestType() == GuestType.Shared) &&
+                    _dcDao.findVnet(zoneId, pNtwk.getId(), BroadcastDomainType.getValue(secondaryUri)).size() > 0) {
+                throw new InvalidParameterValueException("The VLAN tag " + isolatedPvlan + " is already being used for dynamic vlan allocation for the guest network in zone "
+                        + zone.getName());
+            }
             if (! UuidUtils.validateUUID(vlanId)){
                 // For Isolated and L2 networks, don't allow to create network with vlan that already exists in the zone
-                if (ntwkOff.getGuestType() == GuestType.Isolated || !hasGuestBypassVlanOverlapCheck(bypassVlanOverlapCheck, ntwkOff)) {
+                if (ntwkOff.getGuestType() == GuestType.Isolated || ntwkOff.getGuestType() == GuestType.L2 || !hasGuestBypassVlanOverlapCheck(bypassVlanOverlapCheck, ntwkOff)) {
                     if (_networksDao.listByZoneAndUriAndGuestType(zoneId, uri.toString(), null).size() > 0) {
                         throw new InvalidParameterValueException("Network with vlan " + vlanId + " already exists or overlaps with other network vlans in zone " + zoneId);
+                    } else if (secondaryUri != null && _networksDao.listByZoneAndUriAndGuestType(zoneId, secondaryUri.toString(), null).size() > 0) {
+                        throw new InvalidParameterValueException("Network with vlan " + isolatedPvlan + " already exists or overlaps with other network vlans in zone " + zoneId);
                     } else {
                         final List<DataCenterVnetVO> dcVnets = _datacenterVnetDao.findVnet(zoneId, BroadcastDomainType.getValue(uri));
                         //for the network that is created as part of private gateway,
@@ -2427,8 +2448,15 @@ public Network doInTransaction(final TransactionStatus status) {
                         if (vlanIdFinal.equalsIgnoreCase(Vlan.UNTAGGED)) {
                             throw new InvalidParameterValueException("Cannot support pvlan with untagged primary vlan!");
                         }
-                        userNetwork.setBroadcastUri(NetUtils.generateUriForPvlan(vlanIdFinal, isolatedPvlan));
+                        URI uri = NetUtils.generateUriForPvlan(vlanIdFinal, isolatedPvlan);
+                        if (_networksDao.listByPhysicalNetworkPvlan(physicalNetworkId, uri.toString(), isolatedPvlanType).size() > 0) {
+                            throw new InvalidParameterValueException("Network with primary vlan " + vlanIdFinal +
+                                    " and secondary vlan " + isolatedPvlan + " type " + isolatedPvlanType +
+                                    " already exists or overlaps with other network pvlans in zone " + zoneId);
+                        }
+                        userNetwork.setBroadcastUri(uri);
                         userNetwork.setBroadcastDomainType(BroadcastDomainType.Pvlan);
+                        userNetwork.setPvlanType(isolatedPvlanType);
                     }
                 }