feat: filter esxi ip by CIDR

yunionio · Oct 12, 2020 · 552ce3b · 552ce3b
1 parent 91c8526
commit 552ce3b
Show file tree

Hide file tree

Showing 6 changed files with 63 additions and 207 deletions.
diff --git a/pkg/compute/models/cloudaccounts_test.go b/pkg/compute/models/cloudaccounts_test.go
diff --git a/pkg/compute/options/options.go b/pkg/compute/options/options.go
@@ -17,6 +17,7 @@ package options
 import (
 	common_options "yunion.io/x/onecloud/pkg/cloudcommon/options"
 	"yunion.io/x/onecloud/pkg/cloudcommon/pending_delete"
+	"yunion.io/x/onecloud/pkg/multicloud/esxi"
 )
 
 type ComputeOptions struct {
@@ -153,6 +154,8 @@ type ComputeOptions struct {
 	EnableAutoMergeSecurityGroup bool `help:"Enable auto merge secgroup when sync security group from cloud, default False" default:"false"`
 
 	DefaultNetworkGatewayAddressEsxi uint32 `help:"Default address for network gateway" default:"1"`
+
+	esxi.VMIPOptions
 }
 
 type SCapabilityOptions struct {

diff --git a/pkg/compute/service/service.go b/pkg/compute/service/service.go
@@ -44,6 +44,7 @@ import (
 	_ "yunion.io/x/onecloud/pkg/compute/tasks"
 	"yunion.io/x/onecloud/pkg/controller/autoscaling"
 	"yunion.io/x/onecloud/pkg/httperrors"
+	"yunion.io/x/onecloud/pkg/multicloud/esxi"
 	_ "yunion.io/x/onecloud/pkg/multicloud/loader"
 )
 
@@ -59,6 +60,11 @@ func StartService() {
 		commonOpts.Port = opts.PortV2
 	}
 
+	err := esxi.InitVMIPV4Filter(opts.ReasonableCIDREsxi)
+	if err != nil {
+		log.Fatalf("unable to initVMIPV4Filter: %v", err)
+	}
+
 	app_common.InitAuth(commonOpts, func() {
 		log.Infof("Auth complete!!")
 	})

diff --git a/pkg/multicloud/esxi/ip.go b/pkg/multicloud/esxi/ip.go
@@ -17,10 +17,47 @@ package esxi
 import (
 	"github.com/vmware/govmomi/vim25/mo"
 
+	"yunion.io/x/log"
 	"yunion.io/x/pkg/errors"
+	"yunion.io/x/pkg/util/netutils"
 	"yunion.io/x/pkg/util/regutils"
 )
 
+type VMIPOptions struct {
+	ReasonableCIDREsxi string `help:"Reasonable CIDR in esxi, such as '10.0.0.0/8'" defautl:""`
+}
+
+type IPV4Range struct {
+	iprange *netutils.IPV4AddrRange
+}
+
+func (i IPV4Range) Contains(ip string) bool {
+	ipaddr, err := netutils.NewIPV4Addr(ip)
+	if err != nil {
+		log.Errorf("unable to parse ip %q: %v", ip, err)
+		return false
+	}
+	if i.iprange == nil {
+		return true
+	}
+	return i.iprange.Contains(ipaddr)
+}
+
+var vmIPV4Filter IPV4Range
+
+func InitVMIPV4Filter(cidr string) error {
+	if len(cidr) == 0 {
+		return nil
+	}
+	prefix, err := netutils.NewIPV4Prefix(cidr)
+	if err != nil {
+		return errors.Wrapf(err, "parse cidr %q", cidr)
+	}
+	irange := prefix.ToIPRange()
+	vmIPV4Filter.iprange = &irange
+	return nil
+}
+
 var HOST_PROPS = []string{"name", "config.network", "vm"}
 
 var VM_PROPS = []string{"name", "guest.net", "config.template", "summary.config.uuid", "summary.runtime.powerState"}

diff --git a/pkg/multicloud/esxi/manager.go b/pkg/multicloud/esxi/manager.go
@@ -680,14 +680,22 @@ func (cli *SESXiClient) vmIPs(host *mo.HostSystem) ([]SSimpleVM, error) {
 		}
 		guestIps := make([]string, 0)
 		for _, net := range vm.Guest.Net {
+			if len(net.Network) == 0 {
+				continue
+			}
 			for _, ip := range net.IpAddress {
-				if regutils.MatchIP4Addr(ip) {
-					ipaddr, _ := netutils.NewIPV4Addr(ip)
-					if netutils.IsLinkLocal(ipaddr) {
-						continue
-					}
-					guestIps = append(guestIps, ip)
+				if !regutils.MatchIP4Addr(ip) {
+					continue
+				}
+				if !vmIPV4Filter.Contains(ip) {
+					continue
+				}
+				ipaddr, _ := netutils.NewIPV4Addr(ip)
+				if netutils.IsLinkLocal(ipaddr) {
+					continue
 				}
+				guestIps = append(guestIps, ip)
+				break
 			}
 		}
 		ret = append(ret, SSimpleVM{vm.Name, guestIps})

diff --git a/pkg/multicloud/esxi/virtualmachine.go b/pkg/multicloud/esxi/virtualmachine.go
@@ -763,6 +763,9 @@ func (self *SVirtualMachine) fetchGuestIps() map[string]string {
 		mac := netutils.FormatMacAddr(net.MacAddress)
 		for _, ip := range net.IpAddress {
 			if regutils.MatchIP4Addr(ip) {
+				if !vmIPV4Filter.Contains(ip) {
+					continue
+				}
 				guestIps[mac] = ip
 				break
 			}