}
Long serviceOfferingId = cmd.getServiceOfferingId();
if (serviceOfferingId != null) {
ServiceOfferingVO offering = _serviceOfferingDao.findById(serviceOfferingId);
if (offering == null) {
throw new InvalidParameterValueException("Cannot find specified service offering: " + serviceOfferingId);
}
if (!VirtualMachine.Type.DomainRouter.toString().equalsIgnoreCase(offering.getSystemVmType())) {
throw new InvalidParameterValueException("The specified service offering " + serviceOfferingId
+ " cannot be used by virtual router!");
}
}
// configure service provider map
Map<Network.Service, Set<Network.Provider>> serviceProviderMap = new HashMap<Network.Service, Set<Network.Provider>>();
Set<Network.Provider> defaultProviders = new HashSet<Network.Provider>();
// populate the services first
for (String serviceName : cmd.getSupportedServices()) {
// validate if the service is supported
Service service = Network.Service.getService(serviceName);
if (service == null || service == Service.Gateway) {
throw new InvalidParameterValueException("Invalid service " + serviceName);
}
if (service == Service.SecurityGroup) {
// allow security group service for Shared networks only
if (guestType != GuestType.Shared) {
throw new InvalidParameterValueException(
"Secrity group service is supported for network offerings with guest ip type "
+ GuestType.Shared);
}
Set<Network.Provider> sgProviders = new HashSet<Network.Provider>();
sgProviders.add(Provider.SecurityGroupProvider);
serviceProviderMap.put(Network.Service.SecurityGroup, sgProviders);
continue;
}
serviceProviderMap.put(service, defaultProviders);
}
// add gateway provider (if sourceNat provider is enabled)
Set<Provider> sourceNatServiceProviders = serviceProviderMap.get(Service.SourceNat);
if (sourceNatServiceProviders != null && !sourceNatServiceProviders.isEmpty()) {
serviceProviderMap.put(Service.Gateway, sourceNatServiceProviders);
}
// populate providers
Map<Provider, Set<Service>> providerCombinationToVerify = new HashMap<Provider, Set<Service>>();
Map<String, List<String>> svcPrv = cmd.getServiceProviders();
Provider firewallProvider = null;
if (svcPrv != null) {
for (String serviceStr : svcPrv.keySet()) {
Network.Service service = Network.Service.getService(serviceStr);
if (serviceProviderMap.containsKey(service)) {
Set<Provider> providers = new HashSet<Provider>();
// Allow to specify more than 1 provider per service only if
// the service is LB
if (!serviceStr.equalsIgnoreCase(Service.Lb.getName()) && svcPrv.get(serviceStr) != null
&& svcPrv.get(serviceStr).size() > 1) {
throw new InvalidParameterValueException("In the current release only one provider can be "
+ "specified for the service if the service is not LB");
}
for (String prvNameStr : svcPrv.get(serviceStr)) {
// check if provider is supported
Network.Provider provider = Network.Provider.getProvider(prvNameStr);
if (provider == null) {
throw new InvalidParameterValueException("Invalid service provider: " + prvNameStr);
}
if (provider == Provider.JuniperSRX || provider == Provider.CiscoVnmc) {
firewallProvider = provider;
}
if (provider == Provider.PaloAlto) {
firewallProvider = Provider.PaloAlto;
}
if ((service == Service.PortForwarding || service == Service.StaticNat)
&& provider == Provider.VirtualRouter) {
firewallProvider = Provider.VirtualRouter;
}
providers.add(provider);
Set<Service> serviceSet = null;
if (providerCombinationToVerify.get(provider) == null) {
serviceSet = new HashSet<Service>();
} else {
serviceSet = providerCombinationToVerify.get(provider);
}
serviceSet.add(service);
providerCombinationToVerify.put(provider, serviceSet);
}
serviceProviderMap.put(service, providers);
} else {
throw new InvalidParameterValueException("Service " + serviceStr
+ " is not enabled for the network " + "offering, can't add a provider to it");
}
}
}
// validate providers combination here
_networkModel.canProviderSupportServices(providerCombinationToVerify);
// validate the LB service capabilities specified in the network
// offering
Map<Capability, String> lbServiceCapabilityMap = cmd.getServiceCapabilities(Service.Lb);
if (!serviceProviderMap.containsKey(Service.Lb) && lbServiceCapabilityMap != null
&& !lbServiceCapabilityMap.isEmpty()) {
throw new InvalidParameterValueException(
"Capabilities for LB service can be specifed only when LB service is enabled for network offering.");
}
validateLoadBalancerServiceCapabilities(lbServiceCapabilityMap);
if (lbServiceCapabilityMap != null && !lbServiceCapabilityMap.isEmpty()) {
maxconn = cmd.getMaxconnections();
if (maxconn == null) {
maxconn=Integer.parseInt(_configDao.getValue(Config.NetworkLBHaproxyMaxConn.key()));
}
}
if(cmd.getKeepAliveEnabled() != null && cmd.getKeepAliveEnabled()) {
enableKeepAlive = true;
}
// validate the Source NAT service capabilities specified in the network
// offering
Map<Capability, String> sourceNatServiceCapabilityMap = cmd.getServiceCapabilities(Service.SourceNat);
if (!serviceProviderMap.containsKey(Service.SourceNat) && sourceNatServiceCapabilityMap != null
&& !sourceNatServiceCapabilityMap.isEmpty()) {
throw new InvalidParameterValueException(
"Capabilities for source NAT service can be specifed only when source NAT service is enabled for network offering.");
}
validateSourceNatServiceCapablities(sourceNatServiceCapabilityMap);
// validate the Static Nat service capabilities specified in the network
// offering
Map<Capability, String> staticNatServiceCapabilityMap = cmd.getServiceCapabilities(Service.StaticNat);
if (!serviceProviderMap.containsKey(Service.StaticNat) && sourceNatServiceCapabilityMap != null
&& !staticNatServiceCapabilityMap.isEmpty()) {
throw new InvalidParameterValueException(
"Capabilities for static NAT service can be specifed only when static NAT service is enabled for network offering.");
}
validateStaticNatServiceCapablities(staticNatServiceCapabilityMap);
Map<Service, Map<Capability, String>> serviceCapabilityMap = new HashMap<Service, Map<Capability, String>>();
serviceCapabilityMap.put(Service.Lb, lbServiceCapabilityMap);
serviceCapabilityMap.put(Service.SourceNat, sourceNatServiceCapabilityMap);
serviceCapabilityMap.put(Service.StaticNat, staticNatServiceCapabilityMap);
// if Firewall service is missing, add Firewall service/provider
// combination
if (firewallProvider != null) {
s_logger.debug("Adding Firewall service with provider " + firewallProvider.getName());
Set<Provider> firewallProviderSet = new HashSet<Provider>();
firewallProviderSet.add(firewallProvider);
serviceProviderMap.put(Service.Firewall, firewallProviderSet);
if (!(firewallProvider.getName().equals(Provider.JuniperSRX.getName()) || firewallProvider.getName().equals(Provider.PaloAlto.getName()) || firewallProvider.getName().equals(Provider.VirtualRouter.getName())) && egressDefaultPolicy == false) {
throw new InvalidParameterValueException("Firewall egress with default policy " + egressDefaultPolicy + " is not supported by the provider "+ firewallProvider.getName());
}
}
Map<NetworkOffering.Detail, String> details = new HashMap<NetworkOffering.Detail, String>();
if (detailsStr != null) {
for (String detailStr : detailsStr.keySet()) {
NetworkOffering.Detail offDetail = null;
for (NetworkOffering.Detail supportedDetail : NetworkOffering.Detail.values()) {
if (detailStr.equalsIgnoreCase(supportedDetail.toString())) {
offDetail = supportedDetail;
break;
}
}
if (offDetail == null) {
throw new InvalidParameterValueException("Unsupported detail " + detailStr);
}
details.put(offDetail, detailsStr.get(detailStr));
}
}
NetworkOffering offering = createNetworkOffering(name, displayText, trafficType, tags, specifyVlan, availability, networkRate,
serviceProviderMap, false, guestType, false, serviceOfferingId, conserveMode, serviceCapabilityMap,
specifyIpRanges, isPersistent, details, egressDefaultPolicy, maxconn, enableKeepAlive);
CallContext.current().setEventDetails(" Id: " + offering.getId() + " Name: " + name);
return offering;
}