New feature: Reserve and release Public IPs (#6046)

* Reserve and release a public IP

* Update #6046: show orange color for Reserved public ip

* Update #6046 reserve IP: fix ui conflicts

* Update #6046: fix resource count

* Update #6046: associate Reserved public IP to network

* Update #6046: fix unit tests

* Update #6046: fix ui bugs

* Update #6046: make api/ui available for domain admin and users

Author: weizhouapache

api/src/main/java/com/cloud/event/EventTypes.java

@@ -133,6 +133,7 @@ public class EventTypes {
     // Network Events
     public static final String EVENT_NET_IP_ASSIGN = "NET.IPASSIGN";
     public static final String EVENT_NET_IP_RELEASE = "NET.IPRELEASE";
+    public static final String EVENT_NET_IP_RESERVE = "NET.IPRESERVE";
     public static final String EVENT_NET_IP_UPDATE = "NET.IPUPDATE";
     public static final String EVENT_PORTABLE_IP_ASSIGN = "PORTABLE.IPASSIGN";
     public static final String EVENT_PORTABLE_IP_RELEASE = "PORTABLE.IPRELEASE";

api/src/main/java/com/cloud/network/IpAddress.java

@@ -41,6 +41,7 @@ enum State {
         Allocating, // The IP Address is being propagated to other network elements and is not ready for use yet.
         Allocated, // The IP address is in used.
         Releasing, // The IP address is being released for other network elements and is not ready for allocation.
+        Reserved,   // The IP address is reserved and is not ready for allocation.
         Free // The IP address is ready to be allocated.
     }
 

api/src/main/java/com/cloud/network/NetworkService.java

@@ -59,6 +59,10 @@ public interface NetworkService {
     IpAddress allocateIP(Account ipOwner, long zoneId, Long networkId, Boolean displayIp, String ipaddress) throws ResourceAllocationException, InsufficientAddressCapacityException,
         ConcurrentOperationException;
 
+    IpAddress reserveIpAddress(Account account, Boolean displayIp, Long ipAddressId) throws ResourceAllocationException;
+
+    boolean releaseReservedIpAddress(long ipAddressId) throws InsufficientAddressCapacityException;
+
     boolean releaseIpAddress(long ipAddressId) throws InsufficientAddressCapacityException;
 
     IpAddress allocatePortableIP(Account ipOwner, int regionId, Long zoneId, Long networkId, Long vpcId) throws ResourceAllocationException,

api/src/main/java/org/apache/cloudstack/api/command/user/address/ReleaseIPAddrCmd.java

@@ -0,0 +1,104 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.address;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.IPAddressResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.cloudstack.context.CallContext;
+
+import com.cloud.exception.InsufficientAddressCapacityException;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.network.IpAddress;
+
+@APICommand(name = "releaseIpAddress",
+        description = "Releases an IP address from the account.",
+        since = "4.17",
+        responseObject = SuccessResponse.class,
+        requestHasSensitiveInfo = false,
+        responseHasSensitiveInfo = false,
+        authorized = {RoleType.Admin, RoleType.ResourceAdmin, RoleType.DomainAdmin, RoleType.User})
+public class ReleaseIPAddrCmd extends BaseCmd {
+    public static final Logger s_logger = Logger.getLogger(ReleaseIPAddrCmd.class.getName());
+
+    private static final String s_name = "releaseipaddressresponse";
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+
+    @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IPAddressResponse.class, required = true, description = "the ID of the public IP address"
+        + " to release")
+    private Long id;
+
+    /////////////////////////////////////////////////////
+    /////////////////// Accessors ///////////////////////
+    /////////////////////////////////////////////////////
+
+    public Long getIpAddressId() {
+        return id;
+    }
+
+    /////////////////////////////////////////////////////
+    /////////////// API Implementation///////////////////
+    /////////////////////////////////////////////////////
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        IpAddress ip = getIpAddress(id);
+        if (ip == null) {
+            throw new InvalidParameterValueException("Unable to find IP address by ID=" + id);
+        }
+        return ip.getAccountId();
+    }
+
+    @Override
+    public void execute() throws InsufficientAddressCapacityException {
+        CallContext.current().setEventDetails("IP ID: " + getIpAddressId());
+        boolean result = _networkService.releaseReservedIpAddress(getIpAddressId());
+        if (result) {
+            SuccessResponse response = new SuccessResponse(getCommandName());
+            this.setResponseObject(response);
+        } else {
+            throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to release IP address");
+        }
+    }
+
+    private IpAddress getIpAddress(long id) {
+        IpAddress ip = _entityMgr.findById(IpAddress.class, id);
+
+        if (ip == null) {
+            throw new InvalidParameterValueException("Unable to find IP address by ID=" + id);
+        } else {
+            return ip;
+        }
+    }
+
+}

api/src/main/java/org/apache/cloudstack/api/command/user/address/ReserveIPAddrCmd.java

@@ -0,0 +1,164 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.address;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ResponseObject.ResponseView;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.command.user.UserCmd;
+import org.apache.cloudstack.api.response.DomainResponse;
+import org.apache.cloudstack.api.response.IPAddressResponse;
+import org.apache.cloudstack.api.response.ProjectResponse;
+import org.apache.cloudstack.context.CallContext;
+
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.exception.ResourceAllocationException;
+import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.network.IpAddress;
+import com.cloud.projects.Project;
+import com.cloud.user.Account;
+
+@APICommand(name = "reserveIpAddress",
+        description = "Reserve a public IP to an account.",
+        since = "4.17",
+        responseObject = IPAddressResponse.class,
+        responseView = ResponseView.Restricted,
+        requestHasSensitiveInfo = false,
+        responseHasSensitiveInfo = false,
+        authorized = {RoleType.Admin, RoleType.ResourceAdmin, RoleType.DomainAdmin, RoleType.User})
+public class ReserveIPAddrCmd extends BaseCmd implements UserCmd {
+    public static final Logger s_logger = Logger.getLogger(ReserveIPAddrCmd.class.getName());
+    private static final String s_name = "reserveipaddressresponse";
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+
+    @Parameter(name = ApiConstants.ACCOUNT,
+            type = CommandType.STRING,
+            description = "the account to reserve with this IP address")
+    private String accountName;
+
+    @Parameter(name = ApiConstants.DOMAIN_ID,
+            type = CommandType.UUID,
+            entityType = DomainResponse.class,
+            description = "the ID of the domain to reserve with this IP address")
+    private Long domainId;
+
+    @Parameter(name = ApiConstants.PROJECT_ID,
+            type = CommandType.UUID,
+            entityType = ProjectResponse.class,
+            description = "the ID of the project to reserve with this IP address")
+    private Long projectId;
+
+    @Parameter(name = ApiConstants.FOR_DISPLAY,
+            type = CommandType.BOOLEAN,
+            description = "an optional field, whether to the display the IP to the end user or not",
+            authorized = {RoleType.Admin})
+    private Boolean display;
+
+    @Parameter(name = ApiConstants.ID,
+            type = CommandType.UUID,
+            entityType = IPAddressResponse.class,
+            required = true,
+            description = "the ID of the public IP address to reserve")
+    private Long id;
+
+    /////////////////////////////////////////////////////
+    /////////////////// Accessors ///////////////////////
+    /////////////////////////////////////////////////////
+
+    public String getAccountName() {
+        if (accountName != null) {
+            return accountName;
+        }
+        return CallContext.current().getCallingAccount().getAccountName();
+    }
+
+    public long getDomainId() {
+        if (domainId != null) {
+            return domainId;
+        }
+        return CallContext.current().getCallingAccount().getDomainId();
+    }
+
+    public Long getIpAddressId() {
+        return id;
+    }
+
+    @Override
+    public boolean isDisplay() {
+        if (display == null)
+            return true;
+        else
+            return display;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        Account caller = CallContext.current().getCallingAccount();
+        if (accountName != null && domainId != null) {
+            Account account = _accountService.finalizeOwner(caller, accountName, domainId, projectId);
+            return account.getId();
+        } else if (projectId != null) {
+            Project project = _projectService.getProject(projectId);
+            if (project != null) {
+                if (project.getState() == Project.State.Active) {
+                    return project.getProjectAccountId();
+                } else {
+                    throw new PermissionDeniedException("Can't add resources to the project with specified projectId in state=" + project.getState() +
+                            " as it's no longer active");
+                }
+            } else {
+                throw new InvalidParameterValueException("Unable to find project by ID");
+            }
+        }
+
+        return caller.getAccountId();
+    }
+
+    /////////////////////////////////////////////////////
+    /////////////// API Implementation///////////////////
+    /////////////////////////////////////////////////////
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public void execute() throws ResourceUnavailableException, ResourceAllocationException, ConcurrentOperationException {
+        IpAddress result = _networkService.reserveIpAddress(_accountService.getAccount(getEntityOwnerId()), isDisplay(), getIpAddressId());
+        if (result != null) {
+            IPAddressResponse ipResponse = _responseGenerator.createIPAddressResponse(getResponseView(), result);
+            ipResponse.setResponseName(getCommandName());
+            setResponseObject(ipResponse);
+        } else {
+            throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to reserve IP address");
+        }
+    }
+
+}

engine/schema/src/main/java/com/cloud/network/dao/IPAddressDao.java

@@ -92,4 +92,6 @@ public interface IPAddressDao extends GenericDao<IPAddressVO, Long> {
     List<IPAddressVO> listByAssociatedVmId(long vmId);
 
     IPAddressVO findByVmIdAndNetworkId(long networkId, long vmId);
+
+    IPAddressVO findByAccountIdAndZoneIdAndStateAndIpAddress(long accountId, long dcId, State state, String ipAddress);
 }

engine/schema/src/main/java/com/cloud/network/dao/IPAddressDaoImpl.java

@@ -62,6 +62,7 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Long> implemen
     @Inject
     protected VlanDao _vlanDao;
     protected GenericSearchBuilder<IPAddressVO, Long> CountFreePublicIps;
+    protected SearchBuilder<IPAddressVO> PublicIpSearchByAccountAndState;
     @Inject
     ResourceTagDao _tagsDao;
     @Inject
@@ -138,6 +139,7 @@ public void init() {
         AllocatedIpCountForAccount.and("allocated", AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL);
         AllocatedIpCountForAccount.and().op("network", AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL);
         AllocatedIpCountForAccount.or("vpc", AllocatedIpCountForAccount.entity().getVpcId(), Op.NNULL);
+        AllocatedIpCountForAccount.or("state", AllocatedIpCountForAccount.entity().getState(), Op.EQ);
         AllocatedIpCountForAccount.cp();AllocatedIpCountForAccount.done();
 
         CountFreePublicIps = createSearchBuilder(Long.class);
@@ -152,6 +154,13 @@ public void init() {
         DeleteAllExceptGivenIp = createSearchBuilder();
         DeleteAllExceptGivenIp.and("vlanDbId", DeleteAllExceptGivenIp.entity().getVlanId(), Op.EQ);
         DeleteAllExceptGivenIp.and("ip", DeleteAllExceptGivenIp.entity().getAddress(), Op.NEQ);
+
+        PublicIpSearchByAccountAndState = createSearchBuilder();
+        PublicIpSearchByAccountAndState.and("accountId", PublicIpSearchByAccountAndState.entity().getAllocatedToAccountId(), Op.EQ);
+        PublicIpSearchByAccountAndState.and("dcId", PublicIpSearchByAccountAndState.entity().getDataCenterId(), Op.EQ);
+        PublicIpSearchByAccountAndState.and("state", PublicIpSearchByAccountAndState.entity().getState(), Op.EQ);
+        PublicIpSearchByAccountAndState.and("allocated", PublicIpSearchByAccountAndState.entity().getAllocatedTime(), Op.NNULL);
+        PublicIpSearchByAccountAndState.and("ipAddress", PublicIpSearchByAccountAndState.entity().getAddress(), Op.EQ);
     }
 
     @Override
@@ -368,6 +377,7 @@ public IPAddressVO markAsUnavailable(long ipAddressId) {
     public long countAllocatedIPsForAccount(long accountId) {
         SearchCriteria<Long> sc = AllocatedIpCountForAccount.create();
         sc.setParameters("account", accountId);
+        sc.setParameters("state", State.Reserved);
         return customSearch(sc, null).get(0);
     }
 
@@ -480,4 +490,14 @@ public List<IPAddressVO> listByVlanIdAndState(long vlanId, State state) {
         sc.setParameters("state", state);
         return listBy(sc);
     }
+
+    @Override
+    public IPAddressVO findByAccountIdAndZoneIdAndStateAndIpAddress(long accountId, long dcId, State state, String ipAddress) {
+        SearchCriteria<IPAddressVO> sc = PublicIpSearchByAccountAndState.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("dcId", dcId);
+        sc.setParameters("state", state);
+        sc.setParameters("ipAddress", ipAddress);
+        return findOneBy(sc);
+    }
 }

server/src/main/java/com/cloud/network/IpAddressManagerImpl.java

@@ -1239,6 +1239,13 @@ public IpAddress allocateIp(final Account ipOwner, final boolean isSystem, Accou
                 s_logger.debug("Associate IP address lock acquired");
             }
 
+            if (ipaddress != null) {
+                IPAddressVO ipAddr = _ipAddressDao.findByAccountIdAndZoneIdAndStateAndIpAddress(ipOwner.getId(), zone.getId(), State.Reserved, ipaddress);
+                if (ipAddr != null) {
+                    return PublicIp.createFromAddrAndVlan(ipAddr, _vlanDao.findById(ipAddr.getVlanId()));
+                }
+            }
+
             ip = Transaction.execute(new TransactionCallbackWithException<PublicIp, InsufficientAddressCapacityException>() {
                 @Override
                 public PublicIp doInTransaction(TransactionStatus status) throws InsufficientAddressCapacityException {
@@ -1401,7 +1408,7 @@ public IPAddressVO associateIPToGuestNetwork(long ipId, long networkId, boolean
         }
 
         if (ipToAssoc.getAssociatedWithNetworkId() != null) {
-            s_logger.debug("IP " + ipToAssoc + " is already associated with network id" + networkId);
+            s_logger.debug("IP " + ipToAssoc + " is already associated with network id=" + networkId);
             return ipToAssoc;
         }
 
@@ -1459,6 +1466,7 @@ public IPAddressVO associateIPToGuestNetwork(long ipId, long networkId, boolean
 
         IPAddressVO ip = _ipAddressDao.findById(ipId);
         //update ip address with networkId
+        ip.setState(State.Allocated);
         ip.setAssociatedWithNetworkId(networkId);
         ip.setSourceNat(isSourceNat);
         _ipAddressDao.update(ipId, ip);