Skip to content

Commit 836a063

Browse files
Alena ProkharchykAlena Prokharchyk
authored andcommitted
bug 13924: default Firewall provider to Juniper when Juniper is a provider for Pf/StaticNat or source nat service
status 13924: resolved fixed reviewed-by: Will Chan
1 parent b683312 commit 836a063

1 file changed

Lines changed: 12 additions & 4 deletions

File tree

server/src/com/cloud/configuration/ConfigurationManagerImpl.java

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3101,6 +3101,7 @@ public NetworkOffering createNetworkOffering(CreateNetworkOfferingCmd cmd) {
31013101
// populate providers
31023102
Map<Provider, Set<Service>> providerCombinationToVerify = new HashMap<Provider, Set<Service>>();
31033103
Map<String, List<String>> svcPrv = cmd.getServiceProviders();
3104+
boolean isSrx = false;
31043105
if (svcPrv != null) {
31053106
for (String serviceStr : svcPrv.keySet()) {
31063107
Network.Service service = Network.Service.getService(serviceStr);
@@ -3117,11 +3118,10 @@ public NetworkOffering createNetworkOffering(CreateNetworkOfferingCmd cmd) {
31173118
throw new InvalidParameterValueException("Invalid service provider: " + prvNameStr);
31183119
}
31193120

3120-
// Only VirtualRouter can be specified as a firewall provider
3121-
if (service == Service.Firewall && provider != Provider.VirtualRouter) {
3122-
throw new InvalidParameterValueException("Only Virtual router can be specified as a provider for the Firewall service");
3121+
if (provider == Provider.JuniperSRX) {
3122+
isSrx = true;
31233123
}
3124-
3124+
31253125
providers.add(provider);
31263126

31273127
Set<Service> serviceSet = null;
@@ -3169,6 +3169,14 @@ public NetworkOffering createNetworkOffering(CreateNetworkOfferingCmd cmd) {
31693169
serviceCapabilityMap.put(Service.Lb, lbServiceCapabilityMap);
31703170
serviceCapabilityMap.put(Service.SourceNat, sourceNatServiceCapabilityMap);
31713171
serviceCapabilityMap.put(Service.StaticNat, staticNatServiceCapabilityMap);
3172+
3173+
//if Firewall service is missing, and Juniper is a provider for any other service, add Firewall service/provider combination
3174+
if (isSrx) {
3175+
s_logger.debug("Adding Firewall service with provider " + Provider.JuniperSRX.getName());
3176+
Set<Provider> firewallProvider = new HashSet<Provider>();
3177+
firewallProvider.add(Provider.JuniperSRX);
3178+
serviceProviderMap.put(Service.Firewall, firewallProvider);
3179+
}
31723180

31733181
return createNetworkOffering(userId, name, displayText, trafficType, tags, specifyVlan, availability, networkRate, serviceProviderMap, false, guestType,
31743182
false, serviceOfferingId, conserveMode, serviceCapabilityMap, specifyIpRanges);

0 commit comments

Comments
 (0)