Updated Branches: refs/heads/opendaylight b7d7342cd -> 858fb6933
CLOUDSTACK-5687 [Hyper-V] Remote Access VPN fails with Unsupported command while trying to configure VPN users Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/fe11fa89 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/fe11fa89 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/fe11fa89 Branch: refs/heads/opendaylight Commit: fe11fa89eebb9ce6525d9a55817611a2148d00cd Parents: 6ba9754 Author: Rajesh Battala <rajesh.batt...@citrix.com> Authored: Tue Dec 31 12:30:32 2013 +0530 Committer: Rajesh Battala <rajesh.batt...@citrix.com> Committed: Tue Dec 31 12:36:16 2013 +0530 ---------------------------------------------------------------------- .../resource/HypervDirectConnectResource.java | 93 +++++++++++++++++++- 1 file changed, 92 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fe11fa89/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java b/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java index e60ac00..419dc35 100644 --- a/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java +++ b/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java @@ -24,6 +24,7 @@ import java.net.URI; import java.net.URISyntaxException; import java.net.URL; import java.nio.channels.SocketChannel; +import java.rmi.RemoteException; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -77,6 +78,7 @@ import com.cloud.agent.api.routing.IpAssocAnswer; import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.LoadBalancerConfigCommand; import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.RemoteAccessVpnCfgCommand; import com.cloud.agent.api.routing.SavePasswordCommand; import com.cloud.agent.api.routing.SetFirewallRulesAnswer; import com.cloud.agent.api.routing.SetFirewallRulesCommand; @@ -91,6 +93,7 @@ import com.cloud.agent.api.routing.SetStaticRouteAnswer; import com.cloud.agent.api.routing.SetStaticRouteCommand; import com.cloud.agent.api.routing.Site2SiteVpnCfgCommand; import com.cloud.agent.api.routing.VmDataCommand; +import com.cloud.agent.api.routing.VpnUsersCfgCommand; import com.cloud.agent.api.to.DhcpTO; import com.cloud.agent.api.to.FirewallRuleTO; import com.cloud.agent.api.to.IpAddressTO; @@ -381,7 +384,11 @@ public class HypervDirectConnectResource extends ServerResourceBase implements S } else if (clazz == Site2SiteVpnCfgCommand.class) { answer = execute((Site2SiteVpnCfgCommand)cmd); } else if (clazz == CheckS2SVpnConnectionsCommand.class) { - answer = execute((CheckS2SVpnConnectionsCommand)cmd); + answer = execute((CheckS2SVpnConnectionsCommand) cmd); + } else if (clazz == RemoteAccessVpnCfgCommand.class) { + answer = execute((RemoteAccessVpnCfgCommand) cmd); + } else if (clazz == VpnUsersCfgCommand.class) { + answer = execute((VpnUsersCfgCommand) cmd); } else if (clazz == SetStaticRouteCommand.class) { answer = execute((SetStaticRouteCommand) cmd); } else if (clazz == SetMonitorServiceCommand.class) { @@ -416,7 +423,91 @@ public class HypervDirectConnectResource extends ServerResourceBase implements S } return answer; } + + protected Answer execute(final RemoteAccessVpnCfgCommand cmd) { + String controlIp = getRouterSshControlIp(cmd); + StringBuffer argsBuf = new StringBuffer(); + if (cmd.isCreate()) { + argsBuf.append(" -r ").append(cmd.getIpRange()).append(" -p ").append(cmd.getPresharedKey()).append(" -s ").append(cmd.getVpnServerIp()).append(" -l ").append(cmd.getLocalIp()) + .append(" -c "); + + } else { + argsBuf.append(" -d ").append(" -s ").append(cmd.getVpnServerIp()); + } + argsBuf.append(" -C ").append(cmd.getLocalCidr()); + argsBuf.append(" -i ").append(cmd.getPublicInterface()); + + try { + + if (s_logger.isDebugEnabled()) { + s_logger.debug("Executing /opt/cloud/bin/vpn_lt2p.sh "); + } + + Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", getSystemVMKeyFile(), null, "/opt/cloud/bin/vpn_l2tp.sh " + argsBuf.toString()); + + if (!result.first()) { + s_logger.error("RemoteAccessVpnCfg command on domR failed, message: " + result.second()); + + return new Answer(cmd, false, "RemoteAccessVpnCfg command failed due to " + result.second()); + } + + if (s_logger.isInfoEnabled()) { + s_logger.info("RemoteAccessVpnCfg command on domain router " + argsBuf.toString() + " completed"); + } + + } catch (Throwable e) { + if (e instanceof RemoteException) { + s_logger.warn(e.getMessage()); + } + + String msg = "RemoteAccessVpnCfg command failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd); + } + + protected Answer execute(final VpnUsersCfgCommand cmd) { + + String controlIp = getRouterSshControlIp(cmd); + for (VpnUsersCfgCommand.UsernamePassword userpwd : cmd.getUserpwds()) { + StringBuffer argsBuf = new StringBuffer(); + if (!userpwd.isAdd()) { + argsBuf.append(" -U ").append(userpwd.getUsername()); + } else { + argsBuf.append(" -u ").append(userpwd.getUsernamePassword()); + } + + try { + + if (s_logger.isDebugEnabled()) { + s_logger.debug("Executing /opt/cloud/bin/vpn_lt2p.sh "); + } + + Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", getSystemVMKeyFile(), null, "/opt/cloud/bin/vpn_l2tp.sh " + argsBuf.toString()); + + if (!result.first()) { + s_logger.error("VpnUserCfg command on domR failed, message: " + result.second()); + + return new Answer(cmd, false, "VpnUserCfg command failed due to " + result.second()); + } + } catch (Throwable e) { + if (e instanceof RemoteException) { + s_logger.warn(e.getMessage()); + } + + String msg = "VpnUserCfg command failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + } + + return new Answer(cmd); + } + + private SetStaticRouteAnswer execute(SetStaticRouteCommand cmd) { if (s_logger.isInfoEnabled()) { s_logger.info("Executing resource SetStaticRouteCommand: " + s_gson.toJson(cmd));
