public boolean generateFirewallConfiguration(Long ssAHostId) {
if (ssAHostId == null) {
return true;
}
HostVO ssAHost = _hostDao.findById(ssAHostId);
SecondaryStorageVmVO thisSecStorageVm = _secStorageVmDao.findByInstanceName(ssAHost.getName());
if (thisSecStorageVm == null) {
s_logger.warn("secondary storage VM " + ssAHost.getName() + " doesn't exist");
return false;
}
String copyPort = _useSSlCopy ? "443" : Integer.toString(TemplateConstants.DEFAULT_TMPLT_COPY_PORT);
SecStorageFirewallCfgCommand thiscpc = new SecStorageFirewallCfgCommand(true);
thiscpc.addPortConfig(thisSecStorageVm.getPublicIpAddress(), copyPort, true, TemplateConstants.DEFAULT_TMPLT_COPY_INTF);
QueryBuilder<HostVO> sc = QueryBuilder.create(HostVO.class);
sc.and(sc.entity().getType(), Op.EQ, Host.Type.SecondaryStorageVM);
sc.and(sc.entity().getStatus(), Op.IN, Status.Up, Status.Connecting);
List<HostVO> ssvms = sc.list();
for (HostVO ssvm : ssvms) {
if (ssvm.getId() == ssAHostId) {
continue;
}
Answer answer = _agentMgr.easySend(ssvm.getId(), thiscpc);
if (answer != null && answer.getResult()) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Successfully programmed firewall rules into SSVM " + ssvm.getName());
}
} else {
if (s_logger.isDebugEnabled()) {
s_logger.debug("failed to program firewall rules into secondary storage vm : " + ssvm.getName());
}
return false;
}
}
SecStorageFirewallCfgCommand allSSVMIpList = new SecStorageFirewallCfgCommand(false);
for (HostVO ssvm : ssvms) {
if (ssvm.getId() == ssAHostId) {
continue;
}
allSSVMIpList.addPortConfig(ssvm.getPublicIpAddress(), copyPort, true, TemplateConstants.DEFAULT_TMPLT_COPY_INTF);
}
Answer answer = _agentMgr.easySend(ssAHostId, allSSVMIpList);
if (answer != null && answer.getResult()) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Successfully programmed firewall rules into " + thisSecStorageVm.getHostName());
}
} else {
if (s_logger.isDebugEnabled()) {
s_logger.debug("failed to program firewall rules into secondary storage vm : " + thisSecStorageVm.getHostName());
}
return false;
}
return true;