network extension: add service CustomAction

Author: weizhouapache

api/src/main/java/com/cloud/network/Network.java

@@ -116,6 +116,7 @@ class Service {
         public static final Service NetworkACL = new Service("NetworkACL", Capability.SupportedProtocols);
         public static final Service Connectivity = new Service("Connectivity", Capability.DistributedRouter, Capability.RegionLevelVpc, Capability.StretchedL2Subnet,
                 Capability.NoVlan, Capability.PublicAccess);
+        public static final Service CustomAction = new Service("CustomAction");
 
         private final String name;
         private final Capability[] caps;

api/src/main/java/org/apache/cloudstack/extension/ExtensionCustomAction.java

@@ -49,7 +49,8 @@
 public interface ExtensionCustomAction extends InternalIdentity, Identity {
     enum ResourceType {
         VirtualMachine(com.cloud.vm.VirtualMachine.class),
-        Network(com.cloud.network.Network.class);
+        Network(com.cloud.network.Network.class),
+        Vpc(com.cloud.network.vpc.Vpc.class);
 
         private final Class<?> clazz;
 

api/src/main/java/org/apache/cloudstack/extension/NetworkCustomActionProvider.java

@@ -20,13 +20,15 @@
 import java.util.Map;
 
 import com.cloud.network.Network;
+import com.cloud.network.vpc.Vpc;
 
 /**
  * Implemented by network elements that support running custom actions on a
- * managed network (e.g. NetworkExtensionElement).
+ * managed network or VPC (e.g. NetworkExtensionElement).
  *
  * <p>This interface is looked up by {@code ExtensionsManagerImpl} to dispatch
- * {@code runCustomAction} requests whose resource type is {@code Network}.</p>
+ * {@code runCustomAction} requests whose resource type is {@code Network}
+ * or {@code Vpc}.</p>
  */
 public interface NetworkCustomActionProvider {
 
@@ -39,6 +41,15 @@ public interface NetworkCustomActionProvider {
      */
     boolean canHandleCustomAction(Network network);
 
+    /**
+     * Returns {@code true} if this provider can handle custom actions for
+     * the given VPC.
+     *
+     * @param vpc the target VPC
+     * @return {@code true} if this provider can handle the VPC
+     */
+    boolean canHandleVpcCustomAction(Vpc vpc);
+
     /**
      * Runs a named custom action against the external network device that
      * manages the given network.
@@ -49,4 +60,15 @@ public interface NetworkCustomActionProvider {
      * @return output from the action script, or {@code null} on failure
      */
     String runCustomAction(Network network, String actionName, Map<String, Object> parameters);
+
+    /**
+     * Runs a named custom action against the external network device that
+     * manages the given VPC.
+     *
+     * @param vpc        the CloudStack VPC on which to run the action
+     * @param actionName the action name
+     * @param parameters optional parameters supplied by the caller
+     * @return output from the action script, or {@code null} on failure
+     */
+    String runCustomAction(Vpc vpc, String actionName, Map<String, Object> parameters);
 }

engine/schema/src/main/java/com/cloud/network/dao/PhysicalNetworkServiceProviderVO.java

@@ -97,6 +97,9 @@ public class PhysicalNetworkServiceProviderVO implements PhysicalNetworkServiceP
     @Column(name = "networkacl_service_provided")
     boolean networkAclServiceProvided;
 
+    @Column(name = "custom_action_service_provided")
+    boolean customActionServiceProvided;
+
     @Column(name = GenericDao.REMOVED_COLUMN)
     Date removed;
 
@@ -278,6 +281,7 @@ public void setEnabledServices(List<Service> services) {
         this.setUserdataServiceProvided(services.contains(Service.UserData));
         this.setSecuritygroupServiceProvided(services.contains(Service.SecurityGroup));
         this.setNetworkAclServiceProvided(services.contains(Service.NetworkACL));
+        this.setCustomActionServiceProvided(services.contains(Service.CustomAction));
     }
 
     @Override
@@ -316,6 +320,9 @@ public List<Service> getEnabledServices() {
         if (this.isSecuritygroupServiceProvided()) {
             services.add(Service.SecurityGroup);
         }
+        if (this.isCustomActionServiceProvided()) {
+            services.add(Service.CustomAction);
+        }
         return services;
     }
 
@@ -327,4 +334,12 @@ public boolean isNetworkAclServiceProvided() {
     public void setNetworkAclServiceProvided(boolean networkAclServiceProvided) {
         this.networkAclServiceProvided = networkAclServiceProvided;
     }
+
+    public boolean isCustomActionServiceProvided() {
+        return customActionServiceProvided;
+    }
+
+    public void setCustomActionServiceProvided(boolean customActionServiceProvided) {
+        this.customActionServiceProvided = customActionServiceProvided;
+    }
 }

engine/schema/src/main/resources/META-INF/db/schema-42210to42300.sql

@@ -121,3 +121,6 @@ CALL `cloud`.`IDEMPOTENT_ADD_COLUMN`('cloud.nics','enabled', 'TINYINT(1) NOT NUL
 -- Increase length of value of extension details from 255 to 4096 to support longer details value
 CALL `cloud`.`IDEMPOTENT_CHANGE_COLUMN`('cloud.extension_details', 'value', 'value', 'VARCHAR(4096)');
 CALL `cloud`.`IDEMPOTENT_CHANGE_COLUMN`('cloud.extension_resource_map_details', 'value', 'value', 'VARCHAR(4096)');
+
+-- Add CustomAction service support to physical_network_service_providers
+CALL `cloud`.`IDEMPOTENT_ADD_COLUMN`('cloud.physical_network_service_providers', 'custom_action_service_provided', 'tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT "Is Custom Action service provided"');

framework/extensions/src/main/java/org/apache/cloudstack/framework/extensions/api/ListExtensionsCmd.java

@@ -70,15 +70,15 @@ public class ListExtensionsCmd extends BaseListCmd {
                     + " When no parameters are passed, all the details are returned.")
     private List<String> details;
 
-    @Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, description = "Type of the extension (e.g. Orchestrator, NetworkOrchestrator). Default is Orchestrator if not set")
+    @Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, description = "Type of the extension (e.g. Orchestrator, NetworkOrchestrator)")
     private String type;
 
     @Parameter(name = ApiConstants.RESOURCE_ID, type = CommandType.STRING,
             description = "ID of the resource to list registered extensions for (e.g. cluster UUID, physical network UUID)")
     private String resourceId;
 
     @Parameter(name = ApiConstants.RESOURCE_TYPE, type = CommandType.STRING,
-            description = "Type of the resource (e.g. Cluster, PhysicalNetwork). Default is Cluster if not set")
+            description = "Type of the resource (e.g. Cluster, PhysicalNetwork)")
     private String resourceType;
 
     /////////////////////////////////////////////////////

framework/extensions/src/main/java/org/apache/cloudstack/framework/extensions/manager/ExtensionsManagerImpl.java

@@ -141,6 +141,8 @@
 import com.cloud.network.element.NetworkElement;
 import com.cloud.network.dao.PhysicalNetworkDao;
 import com.cloud.network.dao.PhysicalNetworkVO;
+import com.cloud.network.vpc.Vpc;
+import com.cloud.network.vpc.dao.VpcServiceMapDao;
 import com.cloud.org.Cluster;
 import com.cloud.serializer.GsonHelper;
 import com.cloud.storage.dao.VMTemplateDao;
@@ -242,6 +244,9 @@ public class ExtensionsManagerImpl extends ManagerBase implements ExtensionsMana
     @Inject
     NetworkServiceMapDao networkServiceMapDao;
 
+    @Inject
+    VpcServiceMapDao vpcServiceMapDao;
+
     @Inject
     NetworkModel networkModel;
 
@@ -472,6 +477,19 @@ protected Extension getExtensionFromResource(ExtensionCustomAction.ResourceType
                 return null;
             }
             return extensionDao.findById(maps.get(0).getExtensionId());
+        } else if (resourceType == ExtensionCustomAction.ResourceType.Vpc) {
+            com.cloud.network.vpc.Vpc vpc = (com.cloud.network.vpc.Vpc) object;
+            // Find extension via the VPC's tier networks
+            List<NetworkVO> tierNetworks = networkDao.listByVpc(vpc.getId());
+            if (CollectionUtils.isNotEmpty(tierNetworks)) {
+                for (NetworkVO tierNetwork : tierNetworks) {
+                    Extension ext = getExtensionFromResource(ExtensionCustomAction.ResourceType.Network, tierNetwork.getUuid());
+                    if (ext != null) {
+                        return ext;
+                    }
+                }
+            }
+            return null;
         }
         return null;
     }
@@ -1103,19 +1121,13 @@ public Extension updateRegisteredExtensionWithResource(UpdateRegisteredExtension
 
         if (Boolean.TRUE.equals(cleanupDetails)) {
             extensionResourceMapDetailsDao.removeDetails(targetMapping.getId());
-        } else {
+        } else if (MapUtils.isNotEmpty(details)) {
             List<ExtensionResourceMapDetailsVO> detailsList = buildExtensionResourceDetailsArray(targetMapping.getId(), details);
-            if (CollectionUtils.isNotEmpty(detailsList)) {
-                appendHiddenExtensionResourceDetails(targetMapping.getId(), detailsList);
-            }
+            appendHiddenExtensionResourceDetails(targetMapping.getId(), detailsList);
             detailsList = detailsList.stream()
                     .filter(detail -> detail.getValue() != null)
                     .collect(Collectors.toList());
-            if (CollectionUtils.isNotEmpty(detailsList)) {
-                extensionResourceMapDetailsDao.saveDetails(detailsList);
-            } else {
-                extensionResourceMapDetailsDao.removeDetails(targetMapping.getId());
-            }
+            extensionResourceMapDetailsDao.saveDetails(detailsList);
         }
 
         return extensionDao.findById(extensionId);
@@ -1222,7 +1234,7 @@ protected ExtensionResourceMap registerExtensionWithPhysicalNetwork(PhysicalNetw
                         + "with services {}", extension.getName(), physicalNetwork.getId(), services);
             }
 
-            return extensionMap;
+            return savedExtensionMap;
         });
     }
 
@@ -1335,6 +1347,7 @@ private void applyServicesToNsp(PhysicalNetworkServiceProviderVO nsp, Set<String
         nsp.setVpnServiceProvided(services.contains("Vpn"));
         nsp.setSecuritygroupServiceProvided(services.contains("SecurityGroup"));
         nsp.setNetworkAclServiceProvided(services.contains("NetworkACL"));
+        nsp.setCustomActionServiceProvided(services.contains("CustomAction"));
     }
 
     /** Keys that are always stored with display=false (sensitive). */
@@ -1463,7 +1476,7 @@ protected void unregisterExtensionWithPhysicalNetwork(String resourceId, Long ex
                     if (CollectionUtils.isNotEmpty(networksUsingProvider)) {
                         throw new CloudRuntimeException(String.format(
                                 "Cannot unregister extension '%s' from physical network %s. "
-                                        + "Provider is used by %d existing network(s)",
+                                        + "Provider is used by %d existing network service(s)",
                                 ext.getName(), physNetId, networksUsingProvider.size()));
                     }
                 }
@@ -1953,6 +1966,10 @@ public CustomActionResultResponse runCustomAction(RunCustomActionCmd cmd) {
             // Network custom action: dispatched directly to NetworkCustomActionProvider (no agent)
             Network network = (Network) entity;
             return runNetworkCustomAction(network, customActionVO, extensionVO, actionResourceType, cmdParameters);
+        } else if (entity instanceof Vpc) {
+            // VPC custom action: find a tier network and dispatch to the same NetworkCustomActionProvider
+            Vpc vpc = (Vpc) entity;
+            return runVpcCustomAction(vpc, customActionVO, extensionVO, actionResourceType, cmdParameters);
         }
 
         if (clusterId == null || hostId == null) {
@@ -2061,9 +2078,9 @@ protected CustomActionResultResponse runNetworkCustomAction(Network network,
             parameters = ExtensionCustomAction.Parameter.validateParameterValues(actionParameters, cmdParameters);
         }
 
-        // Find the provider name for this network (try each service until we find one)
+        // Find the provider name for this network (try CustomAction first, then other services)
         String providerName = null;
-        for (Service service : new Service[]{Service.SourceNat, Service.StaticNat,
+        for (Service service : new Service[]{Service.CustomAction, Service.SourceNat, Service.StaticNat,
                 Service.PortForwarding, Service.Firewall, Service.Gateway}) {
             providerName = networkServiceMapDao.getProviderForServiceInNetwork(network.getId(), service);
             if (StringUtils.isNotBlank(providerName)) {
@@ -2115,6 +2132,91 @@ protected CustomActionResultResponse runNetworkCustomAction(Network network,
         return response;
     }
 
+    /**
+     * Executes a custom action for a VPC resource by finding the VPC's
+     * extension provider and dispatching directly to it (no tier network lookup).
+     */
+    protected CustomActionResultResponse runVpcCustomAction(Vpc vpc,
+            ExtensionCustomActionVO customActionVO, ExtensionVO extensionVO,
+            ExtensionCustomAction.ResourceType actionResourceType,
+            Map<String, String> cmdParameters) {
+
+        final String actionName = customActionVO.getName();
+        CustomActionResultResponse response = new CustomActionResultResponse();
+        response.setId(customActionVO.getUuid());
+        response.setName(actionName);
+        response.setObjectName("customactionresult");
+        Map<String, String> result = new HashMap<>();
+        response.setSuccess(false);
+        result.put(ApiConstants.MESSAGE, getActionMessage(false, customActionVO, extensionVO, actionResourceType, vpc));
+
+        // Resolve action parameters
+        List<ExtensionCustomAction.Parameter> actionParameters = null;
+        Pair<Map<String, String>, Map<String, String>> allDetails =
+                extensionCustomActionDetailsDao.listDetailsKeyPairsWithVisibility(customActionVO.getId());
+        if (allDetails.second().containsKey(ApiConstants.PARAMETERS)) {
+            actionParameters = ExtensionCustomAction.Parameter.toListFromJson(
+                    allDetails.second().get(ApiConstants.PARAMETERS));
+        }
+        Map<String, Object> parameters = null;
+        if (CollectionUtils.isNotEmpty(actionParameters)) {
+            parameters = ExtensionCustomAction.Parameter.validateParameterValues(actionParameters, cmdParameters);
+        }
+
+        // Find the provider name for this VPC
+        String providerName = null;
+        for (Service service : new Service[]{Service.CustomAction, Service.SourceNat, Service.StaticNat,
+                Service.PortForwarding, Service.NetworkACL, Service.Gateway}) {
+            providerName = vpcServiceMapDao.getProviderForServiceInVpc(vpc.getId(), service);
+            if (StringUtils.isNotBlank(providerName)) {
+                break;
+            }
+        }
+        if (StringUtils.isBlank(providerName)) {
+            logger.error("No VPC service provider found for VPC {}", vpc.getId());
+            result.put(ApiConstants.DETAILS, "No VPC service provider found for this VPC");
+            response.setResult(result);
+            return response;
+        }
+
+        // Get the network element implementing that provider
+        NetworkElement element = networkModel.getElementImplementingProvider(providerName);
+        if (element == null) {
+            logger.error("No NetworkElement found implementing provider '{}' for VPC {}", providerName, vpc.getId());
+            result.put(ApiConstants.DETAILS, "No network element found for provider: " + providerName);
+            response.setResult(result);
+            return response;
+        }
+
+        // The element must implement NetworkCustomActionProvider
+        if (!(element instanceof NetworkCustomActionProvider)) {
+            logger.error("Network element '{}' for provider '{}' does not support VPC custom actions",
+                    element.getClass().getSimpleName(), providerName);
+            result.put(ApiConstants.DETAILS, "Provider '" + providerName + "' does not support custom actions");
+            response.setResult(result);
+            return response;
+        }
+
+        NetworkCustomActionProvider provider = (NetworkCustomActionProvider) element;
+        try {
+            if (!provider.canHandleVpcCustomAction(vpc)) {
+                throw new CloudRuntimeException("Provider '" + providerName + "' cannot handle custom action for this VPC");
+            }
+            logger.info("Running VPC custom action '{}' on VPC {} via {} (provider: {})",
+                    actionName, vpc.getId(), element.getClass().getSimpleName(), providerName);
+            String output = provider.runCustomAction(vpc, actionName, parameters);
+            boolean success = output != null;
+            response.setSuccess(success);
+            result.put(ApiConstants.MESSAGE, getActionMessage(success, customActionVO, extensionVO, actionResourceType, vpc));
+            result.put(ApiConstants.DETAILS, success ? output : "Action failed — check management server logs for details");
+        } catch (Exception e) {
+            logger.error("VPC custom action '{}' threw exception: {}", actionName, e.getMessage(), e);
+            result.put(ApiConstants.DETAILS, "Action failed: " + e.getMessage());
+        }
+        response.setResult(result);
+        return response;
+    }
+
     @Override
     public ExtensionCustomActionResponse createCustomActionResponse(ExtensionCustomAction customAction) {
         ExtensionCustomActionResponse response = new ExtensionCustomActionResponse(customAction.getUuid(),