FR571: Specify VR IP in shared networks (#32)

Allows admins to provide VR IP (v4 & v6) when creating shared networks, provided the Network offering provides at least one service that requires a virtual router

Upstream PR apache#4503

Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com>

Author: Pearl1594

api/src/com/cloud/network/Network.java

@@ -417,4 +417,8 @@ public void setIp6Address(String ip6Address) {
     boolean isStrechedL2Network();
 
     String getExternalId();
+
+    String getRouterIp();
+
+    String getRouterIpv6();
 }

api/src/com/cloud/network/NetworkProfile.java

@@ -314,4 +314,14 @@ public String getExternalId() {
         return externalId;
     }
 
+    @Override
+    public String getRouterIp() {
+        return null;
+    }
+
+    @Override
+    public String getRouterIpv6() {
+        return null;
+    }
+
 }

api/src/org/apache/cloudstack/api/ApiConstants.java

@@ -700,6 +700,8 @@ public class ApiConstants {
     public static final String VIRTUAL_SIZE = "virtualsize";
     public static final String NETSCALER_CONTROLCENTER_ID = "netscalercontrolcenterid";
     public static final String NETSCALER_SERVICEPACKAGE_ID = "netscalerservicepackageid";
+    public static final String ROUTER_IP = "routerip";
+    public static final String ROUTER_IPV6 = "routeripv6";
 
     public static final String ZONE_ID_LIST = "zoneids";
     public static final String DESTINATION_ZONE_ID_LIST = "destzoneids";

api/src/org/apache/cloudstack/api/command/admin/network/CreateNetworkCmdByAdmin.java

@@ -16,6 +16,7 @@
 // under the License.
 package org.apache.cloudstack.api.command.admin.network;
 
+import org.apache.cloudstack.api.ApiArgValidator;
 import org.apache.log4j.Logger;
 
 import org.apache.cloudstack.api.APICommand;
@@ -43,6 +44,12 @@ public class CreateNetworkCmdByAdmin extends CreateNetworkCmd {
     @Parameter(name=ApiConstants.BYPASS_VLAN_OVERLAP_CHECK, type=CommandType.BOOLEAN, description="when true bypasses VLAN id/range overlap check during network creation for shared networks")
     private Boolean bypassVlanOverlapCheck;
 
+    @Parameter(name = ApiConstants.ROUTER_IP, type = CommandType.STRING, description = "IPV4 address to be assigned to a router in a shared network", validations = {ApiArgValidator.NotNullOrEmpty})
+    private String routerIp;
+
+    @Parameter(name = ApiConstants.ROUTER_IPV6, type = CommandType.STRING, description = "IPV6 address to be assigned to a router in a shared network", validations = {ApiArgValidator.NotNullOrEmpty})
+    private String routerIpv6;
+
     /////////////////////////////////////////////////////
     /////////////////// Accessors ///////////////////////
     /////////////////////////////////////////////////////
@@ -58,6 +65,14 @@ public Boolean getBypassVlanOverlapCheck() {
         return false;
     }
 
+    public String getRouterIp() {
+        return routerIp;
+    }
+
+    public String getRouterIpv6() {
+        return routerIpv6;
+    }
+
     /////////////////////////////////////////////////////
     /////////////// API Implementation///////////////////
     /////////////////////////////////////////////////////

engine/api/src/org/apache/cloudstack/engine/orchestration/service/NetworkOrchestrationService.java

@@ -179,7 +179,7 @@ void prepare(VirtualMachineProfile profile, DeployDestination dest, ReservationC
 
     Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, String cidr, String vlanId, boolean bypassVlanOverlapCheck, String networkDomain, Account owner,
                                Long domainId, PhysicalNetwork physicalNetwork, long zoneId, ACLType aclType, Boolean subdomainAccess, Long vpcId, String ip6Gateway, String ip6Cidr,
-                               Boolean displayNetworkEnabled, String isolatedPvlan, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException;
+                               Boolean displayNetworkEnabled, String isolatedPvlan, String externalId, String routerIp, String routerIpv6) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException;
 
     UserDataServiceProvider getPasswordResetProvider(Network network);
 

engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java

@@ -17,6 +17,8 @@
 package org.apache.cloudstack.engine.orchestration;
 
 
+import static org.apache.commons.lang.StringUtils.isNotBlank;
+
 import java.net.URI;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -39,6 +41,7 @@
 import javax.naming.ConfigurationException;
 
 import org.apache.cloudstack.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.cloud.entity.api.db.VMNetworkMapVO;
 import org.apache.cloudstack.engine.cloud.entity.api.db.dao.VMNetworkMapDao;
@@ -123,6 +126,7 @@
 import com.cloud.network.dao.NetworkAccountDao;
 import com.cloud.network.dao.NetworkAccountVO;
 import com.cloud.network.dao.NetworkDao;
+import com.cloud.network.dao.NetworkDetailsDao;
 import com.cloud.network.dao.NetworkDomainDao;
 import com.cloud.network.dao.NetworkDomainVO;
 import com.cloud.network.dao.NetworkServiceMapDao;
@@ -286,6 +290,8 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra
     RemoteAccessVpnDao _remoteAccessVpnDao;
     @Inject
     VpcVirtualNetworkApplianceService _routerService;
+    @Inject
+    NetworkDetailsDao networkDetailsDao;
 
     List<NetworkGuru> networkGurus;
 
@@ -621,6 +627,15 @@ protected NetworkOrchestrator() {
         setStateMachine();
     }
 
+    private void updateRouterIpInNetworkDetails(Long networkId, String routerIp, String routerIpv6) {
+        if (isNotBlank(routerIp)) {
+            networkDetailsDao.addDetail(networkId, ApiConstants.ROUTER_IP, routerIp, true);
+        }
+        if (isNotBlank(routerIpv6)) {
+            networkDetailsDao.addDetail(networkId, ApiConstants.ROUTER_IPV6, routerIpv6, true);
+        }
+    }
+
     @Override
     public List<? extends Network> setupNetwork(final Account owner, final NetworkOffering offering, final DeploymentPlan plan, final String name, final String displayText, final boolean isDefault)
             throws ConcurrentOperationException {
@@ -706,6 +721,8 @@ public void doInTransactionWithoutResult(final TransactionStatus status) {
                         if (domainId != null && aclType == ACLType.Domain) {
                             _networksDao.addDomainToNetwork(id, domainId, subdomainAccess == null ? true : subdomainAccess);
                         }
+
+                        updateRouterIpInNetworkDetails(networkPersisted.getId(), network.getRouterIp(), network.getRouterIpv6());
                     }
                 });
             }
@@ -2084,7 +2101,7 @@ public void expungeNics(final VirtualMachineProfile vm) {
     public Network createGuestNetwork(final long networkOfferingId, final String name, final String displayText, final String gateway, final String cidr, String vlanId,
                                       boolean bypassVlanOverlapCheck, String networkDomain, final Account owner, final Long domainId, final PhysicalNetwork pNtwk,
                                       final long zoneId, final ACLType aclType, Boolean subdomainAccess, final Long vpcId, final String ip6Gateway, final String ip6Cidr,
-                                      final Boolean isDisplayNetworkEnabled, final String isolatedPvlan, String externalId) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
+                                      final Boolean isDisplayNetworkEnabled, final String isolatedPvlan, String externalId, String routerIp, String routerIpv6) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException {
 
         final NetworkOfferingVO ntwkOff = _networkOfferingDao.findById(networkOfferingId);
         // this method supports only guest network creation
@@ -2339,6 +2356,14 @@ public Network doInTransaction(final TransactionStatus status) {
                     userNetwork.setExternalId(externalId);
                 }
 
+                if (isNotBlank(routerIp)) {
+                    userNetwork.setRouterIp(routerIp);
+                }
+
+                if (isNotBlank(routerIpv6)) {
+                    userNetwork.setRouterIpv6(routerIpv6);
+                }
+
                 if (vlanIdFinal != null) {
                     if (isolatedPvlan == null) {
                         URI uri = null;

engine/schema/src/com/cloud/network/dao/NetworkVO.java

@@ -181,6 +181,12 @@ public class NetworkVO implements Network {
     @Transient
     boolean rollingRestart = false;
 
+    @Transient
+    String routerIp;
+
+    @Transient
+    String routerIpv6;
+
     public NetworkVO() {
         uuid = UUID.randomUUID().toString();
     }
@@ -661,4 +667,20 @@ public boolean isRollingRestart() {
     public void setRollingRestart(boolean rollingRestart) {
         this.rollingRestart = rollingRestart;
     }
+
+    public String getRouterIp() {
+        return routerIp;
+    }
+
+    public void setRouterIp(String routerIp) {
+        this.routerIp = routerIp;
+    }
+
+    public String getRouterIpv6() {
+        return routerIpv6;
+    }
+
+    public void setRouterIpv6(String routerIpv6) {
+        this.routerIpv6 = routerIpv6;
+    }
 }

server/src/com/cloud/network/IpAddressManagerImpl.java

@@ -1681,7 +1681,7 @@ public Ternary<Boolean, List<NetworkOfferingVO>, Network> doInTransaction(Transa
                             s_logger.debug("Creating network for account " + owner + " from the network offering id=" + requiredOfferings.get(0).getId()
                                     + " as a part of createVlanIpRange process");
                             guestNetwork = _networkMgr.createGuestNetwork(requiredOfferings.get(0).getId(), owner.getAccountName() + "-network", owner.getAccountName()
-                                    + "-network", null, null, null, false, null, owner, null, physicalNetwork, zoneId, ACLType.Account, null, null, null, null, true, null, null);
+                                    + "-network", null, null, null, false, null, owner, null, physicalNetwork, zoneId, ACLType.Account, null, null, null, null, true, null, null, null, null);
                             if (guestNetwork == null) {
                                 s_logger.warn("Failed to create default Virtual network for the account " + accountId + "in zone " + zoneId);
                                 throw new CloudRuntimeException("Failed to create a Guest Isolated Networks with SourceNAT "

server/src/com/cloud/network/NetworkServiceImpl.java

@@ -16,6 +16,8 @@
 // under the License.
 package com.cloud.network;
 
+import static org.apache.commons.lang.StringUtils.isNotBlank;
+
 import java.net.Inet6Address;
 import java.net.InetAddress;
 import java.net.URI;
@@ -995,6 +997,46 @@ private void checkSharedNetworkCidrOverlap(Long zoneId, long physicalNetworkId,
         }
     }
 
+    private void validateRouterIps(String routerIp, String routerIpv6, String startIp, String endIp, String gateway,
+                                   String netmask, String startIpv6, String endIpv6, String ip6Cidr) {
+        if (isNotBlank(routerIp)) {
+            if (startIp != null && endIp == null) {
+                endIp = startIp;
+            }
+            if (!NetUtils.isValidIp4(routerIp)) {
+                throw new CloudRuntimeException("Router IPv4 IP provided is of incorrect format");
+            }
+            if (isNotBlank(startIp) && isNotBlank(endIp)) {
+                if (!NetUtils.isIpInRange(routerIp, startIp, endIp)) {
+                    throw new CloudRuntimeException("Router IPv4 IP provided is not within the specified range: " + startIp + " - " + endIp);
+                }
+            } else {
+                String cidr = NetUtils.ipAndNetMaskToCidr(gateway, netmask);
+                if (!NetUtils.isIpWithInCidrRange(routerIp, cidr)) {
+                    throw new CloudRuntimeException("Router IP provided in not within the network range");
+                }
+            }
+        }
+        if (isNotBlank(routerIpv6)) {
+            if (startIpv6 != null && endIpv6 == null) {
+                endIpv6 = startIpv6;
+            }
+            if (!NetUtils.isValidIp6(routerIpv6)) {
+                throw new CloudRuntimeException("Router IPv6 address provided is of incorrect format");
+            }
+            if (isNotBlank(startIpv6) && isNotBlank(endIpv6)) {
+                String ipv6Range = startIpv6 + "-" + endIpv6;
+                if (!NetUtils.isIp6InRange(routerIpv6, ipv6Range)) {
+                    throw new CloudRuntimeException("Router IPv6 address provided is not within the specified range: " + startIpv6 + " - " + endIpv6);
+                }
+            } else {
+                if (!NetUtils.isIp6InNetwork(routerIpv6, ip6Cidr)) {
+                    throw new CloudRuntimeException("Router IPv6 address provided is not with the network range");
+                }
+            }
+        }
+    }
+
     @Override
     @DB
     @ActionEvent(eventType = EventTypes.EVENT_NETWORK_CREATE, eventDescription = "creating network")
@@ -1007,11 +1049,13 @@ public Network createGuestNetwork(CreateNetworkCmd cmd) throws InsufficientCapac
         String networkDomain = cmd.getNetworkDomain();
         String vlanId = null;
         boolean bypassVlanOverlapCheck = false;
+        String routerIp = null;
+        String routerIpv6 = null;
         if (cmd instanceof CreateNetworkCmdByAdmin) {
             vlanId = ((CreateNetworkCmdByAdmin)cmd).getVlan();
-        }
-        if (cmd instanceof CreateNetworkCmdByAdmin) {
             bypassVlanOverlapCheck = ((CreateNetworkCmdByAdmin)cmd).getBypassVlanOverlapCheck();
+            routerIp = ((CreateNetworkCmdByAdmin)cmd).getRouterIp();
+            routerIpv6 = ((CreateNetworkCmdByAdmin)cmd).getRouterIpv6();
         }
 
         String name = cmd.getNetworkName();
@@ -1105,6 +1149,15 @@ public Network createGuestNetwork(CreateNetworkCmd cmd) throws InsufficientCapac
             throw new InvalidParameterValueException("Only Admins can create network with guest type " + GuestType.Shared);
         }
 
+        if (ntwkOff.getGuestType() != GuestType.Shared && (isNotBlank(routerIp) || isNotBlank(routerIpv6))) {
+            throw new InvalidParameterValueException("Router IP can be specified only for Shared networks");
+        }
+
+        if (ntwkOff.getGuestType() == GuestType.Shared && !_networkModel.isProviderForNetworkOffering(Provider.VirtualRouter, networkOfferingId)
+                && (isNotBlank(routerIp) || isNotBlank(routerIpv6))) {
+            throw new InvalidParameterValueException("Virtual Router is not a supported provider for the Shared network, hence router ip should not be provided");
+        }
+
         // Check if the network is domain specific
         if (aclType == ACLType.Domain) {
             // only Admin can create domain with aclType=Domain
@@ -1216,6 +1269,8 @@ public Network createGuestNetwork(CreateNetworkCmd cmd) throws InsufficientCapac
             }
         }
 
+        validateRouterIps(routerIp, routerIpv6, startIP, endIP, gateway, netmask, startIPv6, endIPv6, ip6Cidr);
+
         if (isolatedPvlan != null && (zone.getNetworkType() != NetworkType.Advanced || ntwkOff.getGuestType() != Network.GuestType.Shared)) {
             throw new InvalidParameterValueException("Can only support create Private VLAN network with advance shared network!");
         }
@@ -1293,7 +1348,7 @@ && areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat))) {
 
         Network network = commitNetwork(networkOfferingId, gateway, startIP, endIP, netmask, networkDomain, vlanId, bypassVlanOverlapCheck, name, displayText, caller, physicalNetworkId, zoneId, domainId,
                 isDomainSpecific, subdomainAccess, vpcId, startIPv6, endIPv6, ip6Gateway, ip6Cidr, displayNetwork, aclId, isolatedPvlan, ntwkOff, pNtwk, aclType, owner, cidr,
-                createVlan, externalId);
+                createVlan, externalId, routerIp, routerIpv6);
 
         // if the network offering has persistent set to true, implement the network
         if (ntwkOff.getIsPersistent()) {
@@ -1326,7 +1381,7 @@ private Network commitNetwork(final Long networkOfferingId, final String gateway
                                   final String vlanId, final Boolean bypassVlanOverlapCheck, final String name, final String displayText, final Account caller, final Long physicalNetworkId, final Long zoneId, final Long domainId,
                                   final boolean isDomainSpecific, final Boolean subdomainAccessFinal, final Long vpcId, final String startIPv6, final String endIPv6, final String ip6Gateway,
                                   final String ip6Cidr, final Boolean displayNetwork, final Long aclId, final String isolatedPvlan, final NetworkOfferingVO ntwkOff, final PhysicalNetwork pNtwk,
-                                  final ACLType aclType, final Account ownerFinal, final String cidr, final boolean createVlan, final String externalId) throws InsufficientCapacityException, ResourceAllocationException {
+                                  final ACLType aclType, final Account ownerFinal, final String cidr, final boolean createVlan, final String externalId, String routerIp, String routerIpv6) throws InsufficientCapacityException, ResourceAllocationException {
         try {
             Network network = Transaction.execute(new TransactionCallbackWithException<Network, Exception>() {
                 @Override
@@ -1381,7 +1436,7 @@ public Network doInTransaction(TransactionStatus status) throws InsufficientCapa
                         }
 
                         network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, bypassVlanOverlapCheck, networkDomain, owner, sharedDomainId, pNtwk, zoneId,
-                                aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr, displayNetwork, isolatedPvlan, externalId);
+                                aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr, displayNetwork, isolatedPvlan, externalId, routerIp, routerIpv6);
                     }
 
                     if (_accountMgr.isRootAdmin(caller.getId()) && createVlan && network != null) {
@@ -4363,7 +4418,7 @@ public Network doInTransaction(TransactionStatus status) throws ResourceAllocati
                     if (privateNetwork == null) {
                         //create Guest network
                         privateNetwork = _networkMgr.createGuestNetwork(ntwkOffFinal.getId(), networkName, displayText, gateway, cidr, uriString, false, null, owner, null, pNtwk,
-                                                                        pNtwk.getDataCenterId(), ACLType.Account, null, vpcId, null, null, true, null, null);
+                                                                        pNtwk.getDataCenterId(), ACLType.Account, null, vpcId, null, null, true, null, null, null , null);
                         if (privateNetwork != null) {
                             s_logger.debug("Successfully created guest network " + privateNetwork);
                         } else {

server/src/com/cloud/network/guru/DirectNetworkGuru.java

@@ -211,6 +211,13 @@ public Network design(NetworkOffering offering, DeploymentPlan plan, Network use
             if (userSpecified.getBroadcastDomainType() != null) {
                 config.setBroadcastDomainType(userSpecified.getBroadcastDomainType());
             }
+
+            if (userSpecified.getRouterIp() != null) {
+                config.setRouterIp(userSpecified.getRouterIp());
+            }
+            if (userSpecified.getRouterIpv6() != null) {
+                config.setRouterIpv6(userSpecified.getRouterIpv6());
+            }
         }
 
         boolean isSecurityGroupEnabled = _networkModel.areServicesSupportedByNetworkOffering(offering.getId(), Service.SecurityGroup);