mirror of
https://github.com/yunionio/cloudpods.git
synced 2026-05-06 21:52:54 +08:00
385 lines
13 KiB
Go
385 lines
13 KiB
Go
// Copyright 2019 Yunion
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package regiondrivers
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
"yunion.io/x/cloudmux/pkg/cloudprovider"
|
|
"yunion.io/x/jsonutils"
|
|
"yunion.io/x/log"
|
|
"yunion.io/x/pkg/errors"
|
|
"yunion.io/x/pkg/util/secrules"
|
|
"yunion.io/x/sqlchemy"
|
|
|
|
"yunion.io/x/onecloud/pkg/apis"
|
|
billing_api "yunion.io/x/onecloud/pkg/apis/billing"
|
|
api "yunion.io/x/onecloud/pkg/apis/compute"
|
|
"yunion.io/x/onecloud/pkg/cloudcommon/db"
|
|
"yunion.io/x/onecloud/pkg/cloudcommon/db/taskman"
|
|
"yunion.io/x/onecloud/pkg/cloudcommon/validators"
|
|
"yunion.io/x/onecloud/pkg/compute/models"
|
|
"yunion.io/x/onecloud/pkg/httperrors"
|
|
"yunion.io/x/onecloud/pkg/mcclient"
|
|
)
|
|
|
|
type SGoogleRegionDriver struct {
|
|
SManagedVirtualizationRegionDriver
|
|
}
|
|
|
|
func init() {
|
|
driver := SGoogleRegionDriver{}
|
|
models.RegisterRegionDriver(&driver)
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) GetProvider() string {
|
|
return api.CLOUD_PROVIDER_GOOGLE
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) RequestCreateVpc(ctx context.Context, userCred mcclient.TokenCredential, region *models.SCloudregion, vpc *models.SVpc, task taskman.ITask) error {
|
|
taskman.LocalTaskRun(task, func() (jsonutils.JSONObject, error) {
|
|
provider := vpc.GetCloudprovider()
|
|
if provider == nil {
|
|
return nil, fmt.Errorf("failed to found vpc %s(%s) cloudprovider", vpc.Name, vpc.Id)
|
|
}
|
|
providerDriver, err := provider.GetProvider(ctx)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "provider.GetProvider")
|
|
}
|
|
iregion, err := providerDriver.GetIRegionById(region.ExternalId)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "vpc.GetIRegion")
|
|
}
|
|
gvpc, err := vpc.GetGlobalVpc()
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "GetGlobalVpc")
|
|
}
|
|
opts := &cloudprovider.VpcCreateOptions{
|
|
NAME: vpc.Name,
|
|
CIDR: vpc.CidrBlock,
|
|
GlobalVpcExternalId: gvpc.ExternalId,
|
|
Desc: vpc.Description,
|
|
}
|
|
ivpc, err := iregion.CreateIVpc(opts)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "iregion.CreateIVpc")
|
|
}
|
|
db.SetExternalId(vpc, userCred, ivpc.GetGlobalId())
|
|
|
|
regions, err := provider.GetRegionByExternalIdPrefix(self.GetProvider())
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "GetRegionByExternalIdPrefix")
|
|
}
|
|
for _, region := range regions {
|
|
iregion, err := providerDriver.GetIRegionById(region.ExternalId)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "providerDrivder.GetIRegionById")
|
|
}
|
|
region.SyncVpcs(ctx, userCred, iregion, provider)
|
|
}
|
|
|
|
err = vpc.SyncWithCloudVpc(ctx, userCred, ivpc, nil)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "vpc.SyncWithCloudVpc")
|
|
}
|
|
|
|
err = vpc.SyncRemoteWires(ctx, userCred)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "vpc.SyncRemoteWires")
|
|
}
|
|
return nil, nil
|
|
})
|
|
return nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) IsSupportedDBInstance() bool {
|
|
return true
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateDBInstanceRecovery(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, backup *models.SDBInstanceBackup, input api.SDBInstanceRecoveryConfigInput) error {
|
|
return nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateDBInstanceData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input api.DBInstanceCreateInput, skus []models.SDBInstanceSku, network *models.SNetwork) (api.DBInstanceCreateInput, error) {
|
|
if input.BillingType == billing_api.BILLING_TYPE_PREPAID {
|
|
return input, httperrors.NewInputParameterError("Google dbinstance not support prepaid billing type")
|
|
}
|
|
|
|
if input.DiskSizeGB < 10 || input.DiskSizeGB > 30720 {
|
|
return input, httperrors.NewInputParameterError("disk size gb must in range 10 ~ 30720 Gb")
|
|
}
|
|
|
|
if input.Engine != api.DBINSTANCE_TYPE_MYSQL && len(input.Password) == 0 {
|
|
return input, httperrors.NewMissingParameterError("password")
|
|
}
|
|
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) InitDBInstanceUser(ctx context.Context, instance *models.SDBInstance, task taskman.ITask, desc *cloudprovider.SManagedDBInstanceCreateConfig) error {
|
|
user := "root"
|
|
switch desc.Engine {
|
|
case api.DBINSTANCE_TYPE_POSTGRESQL:
|
|
user = "postgres"
|
|
case api.DBINSTANCE_TYPE_SQLSERVER:
|
|
user = "sqlserver"
|
|
default:
|
|
user = "root"
|
|
}
|
|
|
|
account := models.SDBInstanceAccount{}
|
|
account.DBInstanceId = instance.Id
|
|
account.Name = user
|
|
account.Status = api.DBINSTANCE_USER_AVAILABLE
|
|
account.SetModelManager(models.DBInstanceAccountManager, &account)
|
|
err := models.DBInstanceAccountManager.TableSpec().Insert(ctx, &account)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return account.SetPassword(desc.Password)
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateDBInstanceDatabaseData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceDatabaseCreateInput) (api.DBInstanceDatabaseCreateInput, error) {
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateDBInstanceBackupData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceBackupCreateInput) (api.DBInstanceBackupCreateInput, error) {
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateDBInstanceAccountData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceAccountCreateInput) (api.DBInstanceAccountCreateInput, error) {
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) RequestCreateDBInstanceBackup(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, backup *models.SDBInstanceBackup, task taskman.ITask) error {
|
|
taskman.LocalTaskRun(task, func() (jsonutils.JSONObject, error) {
|
|
iRds, err := instance.GetIDBInstance(ctx)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "instance.GetIDBInstance")
|
|
}
|
|
|
|
desc := &cloudprovider.SDBInstanceBackupCreateConfig{
|
|
Name: backup.Name,
|
|
Description: backup.Description,
|
|
}
|
|
|
|
_, err = iRds.CreateIBackup(desc)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "iRds.CreateBackup")
|
|
}
|
|
|
|
backups, err := iRds.GetIDBInstanceBackups()
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "iRds.GetIDBInstanceBackups")
|
|
}
|
|
|
|
region, _ := backup.GetRegion()
|
|
|
|
result := models.DBInstanceBackupManager.SyncDBInstanceBackups(ctx, userCred, backup.GetCloudprovider(), instance, region, backups, false)
|
|
log.Infof("SyncDBInstanceBackups for dbinstance %s(%s) result: %s", instance.Name, instance.Id, result.Result())
|
|
instance.SetStatus(ctx, userCred, api.DBINSTANCE_RUNNING, "")
|
|
return nil, nil
|
|
})
|
|
return nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateVpcData(ctx context.Context, userCred mcclient.TokenCredential, input api.VpcCreateInput) (api.VpcCreateInput, error) {
|
|
var cidrV = validators.NewIPv4PrefixValidator("cidr_block")
|
|
if err := cidrV.Validate(ctx, jsonutils.Marshal(input).(*jsonutils.JSONDict)); err != nil {
|
|
return input, err
|
|
}
|
|
if cidrV.Value.MaskLen < 8 || cidrV.Value.MaskLen > 29 {
|
|
return input, httperrors.NewInputParameterError("%s request the mask range should be between 8 and 29", self.GetProvider())
|
|
}
|
|
if len(input.GlobalvpcId) == 0 {
|
|
_manager, err := validators.ValidateModel(ctx, userCred, models.CloudproviderManager, &input.CloudproviderId)
|
|
if err != nil {
|
|
return input, err
|
|
}
|
|
manager := _manager.(*models.SCloudprovider)
|
|
globalVpcs, err := manager.GetGlobalVpcs()
|
|
if err != nil {
|
|
return input, errors.Wrapf(err, "GetGlobalVpcs")
|
|
}
|
|
if len(globalVpcs) != 1 {
|
|
return input, httperrors.NewMissingParameterError("globalvpc_id")
|
|
}
|
|
input.GlobalvpcId = globalVpcs[0].Id
|
|
}
|
|
_, err := validators.ValidateModel(ctx, userCred, models.GlobalVpcManager, &input.GlobalvpcId)
|
|
if err != nil {
|
|
return input, err
|
|
}
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateCreateSecurityGroupInput(ctx context.Context, userCred mcclient.TokenCredential, input *api.SSecgroupCreateInput) (*api.SSecgroupCreateInput, error) {
|
|
for i := range input.Rules {
|
|
rule := input.Rules[i]
|
|
if rule.Priority == nil {
|
|
return nil, httperrors.NewMissingParameterError("priority")
|
|
}
|
|
if *rule.Priority < 0 || *rule.Priority > 65535 {
|
|
return nil, httperrors.NewInputParameterError("invalid priority %d, range 0-65535", *rule.Priority)
|
|
}
|
|
|
|
if len(rule.Ports) > 0 && strings.Contains(input.Rules[i].Ports, ",") {
|
|
return nil, httperrors.NewInputParameterError("invalid ports %s", input.Rules[i].Ports)
|
|
}
|
|
}
|
|
return input, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) RequestCreateSecurityGroup(
|
|
ctx context.Context,
|
|
userCred mcclient.TokenCredential,
|
|
secgroup *models.SSecurityGroup,
|
|
rules api.SSecgroupRuleResourceSet,
|
|
) error {
|
|
vpc, err := secgroup.GetGlobalVpc()
|
|
if err != nil {
|
|
return errors.Wrapf(err, "GetVpc")
|
|
}
|
|
|
|
iVpc, err := vpc.GetICloudGlobalVpc(ctx)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "GetICloudGlobalVpc")
|
|
}
|
|
|
|
opts := &cloudprovider.SecurityGroupCreateInput{
|
|
Name: secgroup.Name,
|
|
}
|
|
|
|
opts.Tags, _ = secgroup.GetAllUserMetadata()
|
|
|
|
iGroup, err := iVpc.CreateISecurityGroup(opts)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "CreateISecurityGroup")
|
|
}
|
|
|
|
_, err = db.Update(secgroup, func() error {
|
|
secgroup.ExternalId = iGroup.GetGlobalId()
|
|
secgroup.VpcId = ""
|
|
secgroup.CloudregionId = "-"
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return errors.Wrapf(err, "SetExternalId")
|
|
}
|
|
|
|
for i := range rules {
|
|
opts := cloudprovider.SecurityGroupRuleCreateOptions{
|
|
Desc: rules[i].Description,
|
|
Direction: secrules.TSecurityRuleDirection(rules[i].Direction),
|
|
Action: secrules.TSecurityRuleAction(rules[i].Action),
|
|
Protocol: rules[i].Protocol,
|
|
CIDR: rules[i].CIDR,
|
|
Ports: rules[i].Ports,
|
|
}
|
|
_, err := iGroup.CreateRule(&opts)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "CreateRule")
|
|
}
|
|
}
|
|
|
|
iRules, err := iGroup.GetRules()
|
|
if err != nil {
|
|
return errors.Wrapf(err, "GetRules")
|
|
}
|
|
|
|
result := secgroup.SyncRules(ctx, userCred, iRules)
|
|
if result.IsError() {
|
|
return result.AllError()
|
|
}
|
|
secgroup.SetStatus(ctx, userCred, api.SECGROUP_STATUS_READY, "")
|
|
return nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) ValidateUpdateSecurityGroupRuleInput(ctx context.Context, userCred mcclient.TokenCredential, input *api.SSecgroupRuleUpdateInput) (*api.SSecgroupRuleUpdateInput, error) {
|
|
if input.Priority != nil && (*input.Priority < 0 || *input.Priority > 65535) {
|
|
return nil, httperrors.NewInputParameterError("invalid priority %d, range 0-65535", *input.Priority)
|
|
}
|
|
|
|
if input.Ports != nil && strings.Contains(*input.Ports, ",") {
|
|
return nil, httperrors.NewInputParameterError("invalid ports %s", *input.Ports)
|
|
}
|
|
|
|
return self.SManagedVirtualizationRegionDriver.ValidateUpdateSecurityGroupRuleInput(ctx, userCred, input)
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) GetSecurityGroupFilter(vpc *models.SVpc) (func(q *sqlchemy.SQuery) *sqlchemy.SQuery, error) {
|
|
return func(q *sqlchemy.SQuery) *sqlchemy.SQuery {
|
|
return q.Equals("globalvpc_id", vpc.GlobalvpcId)
|
|
}, nil
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) RequestPrepareSecurityGroups(
|
|
ctx context.Context,
|
|
userCred mcclient.TokenCredential,
|
|
ownerId mcclient.IIdentityProvider,
|
|
secgroups []models.SSecurityGroup,
|
|
vpc *models.SVpc,
|
|
callback func(ids []string) error,
|
|
task taskman.ITask,
|
|
) error {
|
|
// 共享vpc不支持创建安全组
|
|
if strings.HasPrefix(vpc.ExternalId, "projects/") {
|
|
if callback != nil {
|
|
err := callback([]string{})
|
|
if err != nil {
|
|
return errors.Wrapf(err, "callback")
|
|
}
|
|
}
|
|
return task.ScheduleRun(nil)
|
|
}
|
|
return self.SManagedVirtualizationRegionDriver.RequestPrepareSecurityGroups(ctx, userCred, ownerId, secgroups, vpc, callback, task)
|
|
}
|
|
|
|
func (self *SGoogleRegionDriver) CreateDefaultSecurityGroup(
|
|
ctx context.Context,
|
|
userCred mcclient.TokenCredential,
|
|
ownerId mcclient.IIdentityProvider,
|
|
vpc *models.SVpc,
|
|
) (*models.SSecurityGroup, error) {
|
|
newGroup := &models.SSecurityGroup{}
|
|
newGroup.SetModelManager(models.SecurityGroupManager, newGroup)
|
|
newGroup.Name = fmt.Sprintf("default-auto-%d", time.Now().Unix())
|
|
newGroup.Description = "auto generage"
|
|
newGroup.ManagerId = vpc.ManagerId
|
|
newGroup.DomainId = ownerId.GetProjectDomainId()
|
|
newGroup.ProjectSrc = string(apis.OWNER_SOURCE_LOCAL)
|
|
newGroup.GlobalvpcId = vpc.GlobalvpcId
|
|
newGroup.ProjectId = ownerId.GetProjectId()
|
|
err := models.SecurityGroupManager.TableSpec().Insert(ctx, newGroup)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "insert")
|
|
}
|
|
|
|
region, err := vpc.GetRegion()
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "GetRegion")
|
|
}
|
|
driver := region.GetDriver()
|
|
err = driver.RequestCreateSecurityGroup(ctx, userCred, newGroup, api.SSecgroupRuleResourceSet{})
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "RequestCreateSecurityGroup")
|
|
}
|
|
return newGroup, nil
|
|
}
|