// Copyright 2019 Yunion // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package regiondrivers import ( "context" "fmt" "strings" "yunion.io/x/cloudmux/pkg/cloudprovider" "yunion.io/x/jsonutils" "yunion.io/x/pkg/errors" "yunion.io/x/pkg/util/billing" "yunion.io/x/pkg/utils" "yunion.io/x/sqlchemy" api "yunion.io/x/onecloud/pkg/apis/compute" "yunion.io/x/onecloud/pkg/cloudcommon/db" "yunion.io/x/onecloud/pkg/cloudcommon/db/taskman" "yunion.io/x/onecloud/pkg/cloudcommon/validators" "yunion.io/x/onecloud/pkg/compute/models" "yunion.io/x/onecloud/pkg/httperrors" "yunion.io/x/onecloud/pkg/mcclient" ) type SHuaWeiRegionDriver struct { SManagedVirtualizationRegionDriver } func init() { driver := SHuaWeiRegionDriver{} models.RegisterRegionDriver(&driver) } func (self *SHuaWeiRegionDriver) GetProvider() string { return api.CLOUD_PROVIDER_HUAWEI } func (self *SHuaWeiRegionDriver) ValidateCreateLoadbalancerData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input *api.LoadbalancerCreateInput) (*api.LoadbalancerCreateInput, error) { // 公网ELB需要指定EIP if input.AddressType == api.LB_ADDR_TYPE_INTERNET && len(input.EipId) == 0 { return nil, httperrors.NewMissingParameterError("eip_id") } return self.SManagedVirtualizationRegionDriver.ValidateCreateLoadbalancerData(ctx, userCred, ownerId, input) } func (self *SHuaWeiRegionDriver) ValidateCreateLoadbalancerBackendGroupData(ctx context.Context, userCred mcclient.TokenCredential, lb *models.SLoadbalancer, input *api.LoadbalancerBackendGroupCreateInput) (*api.LoadbalancerBackendGroupCreateInput, error) { return self.SManagedVirtualizationRegionDriver.ValidateCreateLoadbalancerBackendGroupData(ctx, userCred, lb, input) } func (self *SHuaWeiRegionDriver) RequestCreateLoadbalancerBackendGroup(ctx context.Context, userCred mcclient.TokenCredential, lbbg *models.SLoadbalancerBackendGroup, task taskman.ITask) error { return task.ScheduleRun(nil) } func (self *SHuaWeiRegionDriver) ValidateCreateLoadbalancerBackendData(ctx context.Context, userCred mcclient.TokenCredential, lb *models.SLoadbalancer, lbbg *models.SLoadbalancerBackendGroup, input *api.LoadbalancerBackendCreateInput) (*api.LoadbalancerBackendCreateInput, error) { return self.SManagedVirtualizationRegionDriver.ValidateCreateLoadbalancerBackendData(ctx, userCred, lb, lbbg, input) } func (self *SHuaWeiRegionDriver) ValidateCreateLoadbalancerListenerData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input *api.LoadbalancerListenerCreateInput, lb *models.SLoadbalancer, lbbg *models.SLoadbalancerBackendGroup) (*api.LoadbalancerListenerCreateInput, error) { if len(lbbg.ExternalId) > 0 { return input, httperrors.NewResourceBusyError("loadbalancer backend group %s has aleady used by other listener", lbbg.Name) } return input, nil } func (self *SHuaWeiRegionDriver) RequestCreateLoadbalancerListener(ctx context.Context, userCred mcclient.TokenCredential, lblis *models.SLoadbalancerListener, task taskman.ITask) error { taskman.LocalTaskRun(task, func() (jsonutils.JSONObject, error) { provider := lblis.GetCloudprovider() if provider == nil { return nil, fmt.Errorf("failed to find provider for lblis %s", lblis.Name) } lbbg, err := lblis.GetLoadbalancerBackendGroup() if err != nil { return nil, errors.Wrapf(err, "GetLoadbalancerBackendGroup") } lb, err := lblis.GetLoadbalancer() if err != nil { return nil, errors.Wrapf(err, "GetLoadbalancer") } iLb, err := lb.GetILoadbalancer(ctx) if err != nil { return nil, errors.Wrapf(err, "GetILoadbalancer") } opts, err := lblis.GetLoadbalancerListenerParams() if err != nil { return nil, errors.Wrapf(err, "GetLoadbalancerListenerParams") } { if lblis.ListenerType == api.LB_LISTENER_TYPE_HTTPS && len(lblis.CertificateId) > 0 { cert, err := lblis.GetCertificate() if err != nil { return nil, errors.Wrapf(err, "GetCertificate") } opts.CertificateId = cert.ExternalId } } if len(lbbg.ExternalId) == 0 { lbbgOpts := &cloudprovider.SLoadbalancerBackendGroup{ Name: lbbg.Name, Scheduler: lblis.Scheduler, Protocol: lblis.ListenerType, } iLbbg, err := iLb.CreateILoadBalancerBackendGroup(lbbgOpts) if err != nil { return nil, errors.Wrapf(err, "CreateILoadBalancerBackendGroup") } err = db.SetExternalId(lbbg, userCred, iLbbg.GetGlobalId()) if err != nil { return nil, errors.Wrapf(err, "db.SetExternalId") } opts.BackendGroupId = iLbbg.GetGlobalId() } iLis, err := iLb.CreateILoadBalancerListener(ctx, opts) if err != nil { return nil, errors.Wrapf(err, "CreateILoadBalancerListener") } err = db.SetExternalId(lbbg, userCred, iLis.GetGlobalId()) if err != nil { return nil, errors.Wrapf(err, "lbbg.SetExternalId") } err = db.SetExternalId(lblis, userCred, iLis.GetGlobalId()) if err != nil { return nil, errors.Wrapf(err, "lblis.SetExternalId") } if lblis.HealthCheck == api.LB_BOOL_ON { err := iLis.SetHealthCheck(ctx, &opts.ListenerHealthCheckOptions) if err != nil { return nil, err } } backends, err := lbbg.GetBackends() if err != nil { return nil, errors.Wrapf(err, "GetBackends") } if len(backends) == 0 { return nil, nil } iLbbg, err := lbbg.GetICloudLoadbalancerBackendGroup(ctx) if err != nil { return nil, errors.Wrapf(err, "GetICloudLoadbalancerBackendGroup") } for i := range backends { opts := &cloudprovider.SLoadbalancerBackend{ Weight: backends[i].Weight, Port: backends[i].Port, ExternalId: backends[i].ExternalId, } _, err := iLbbg.AddBackendServer(opts) if err != nil { return nil, errors.Wrapf(err, "AddBackendServer") } } return nil, nil }) return nil } func (self *SHuaWeiRegionDriver) RequestDeleteLoadbalancerListener(ctx context.Context, userCred mcclient.TokenCredential, lblis *models.SLoadbalancerListener, task taskman.ITask) error { taskman.LocalTaskRun(task, func() (jsonutils.JSONObject, error) { lbbg, err := lblis.GetLoadbalancerBackendGroup() if err != nil { return nil, errors.Wrapf(err, "GetLoadbalancerBackendGroup") } if len(lbbg.ExternalId) > 0 { iLbbg, err := lbbg.GetICloudLoadbalancerBackendGroup(ctx) if err != nil { if errors.Cause(err) == cloudprovider.ErrNotFound { return nil, db.SetExternalId(lbbg, userCred, "") } return nil, errors.Wrapf(err, "GetICloudLoadbalancerBackendGroup") } err = iLbbg.Delete(ctx) if err != nil { return nil, errors.Wrapf(err, "iLbbg.Delete") } return nil, db.SetExternalId(lbbg, userCred, "") } if len(lblis.ExternalId) == 0 { return nil, nil } lb, err := lblis.GetLoadbalancer() if err != nil { return nil, err } iLb, err := lb.GetILoadbalancer(ctx) if err != nil { return nil, errors.Wrapf(err, "GetILoadbalancer") } iListener, err := iLb.GetILoadBalancerListenerById(lblis.ExternalId) if err != nil { if errors.Cause(err) == cloudprovider.ErrNotFound { return nil, nil } return nil, errors.Wrapf(err, "GetILoadBalancerListenerById(%s)", lblis.ExternalId) } return nil, iListener.Delete(ctx) }) return nil } func (self *SHuaWeiRegionDriver) ValidateCreateLoadbalancerListenerRuleData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input *api.LoadbalancerListenerRuleCreateInput) (*api.LoadbalancerListenerRuleCreateInput, error) { if input.Domain == "" && input.Path == "" { return input, fmt.Errorf("'domain' or 'path' should not be empty.") } return input, nil } func (self *SHuaWeiRegionDriver) ValidateUpdateLoadbalancerListenerRuleData(ctx context.Context, userCred mcclient.TokenCredential, input *api.LoadbalancerListenerRuleUpdateInput) (*api.LoadbalancerListenerRuleUpdateInput, error) { return input, nil } func (self *SHuaWeiRegionDriver) ValidateUpdateLoadbalancerBackendData(ctx context.Context, userCred mcclient.TokenCredential, lbbg *models.SLoadbalancerBackendGroup, input *api.LoadbalancerBackendUpdateInput) (*api.LoadbalancerBackendUpdateInput, error) { if input.Port != nil { return input, fmt.Errorf("can not update backend port.") } return input, nil } func (self *SHuaWeiRegionDriver) ValidateUpdateLoadbalancerListenerData(ctx context.Context, userCred mcclient.TokenCredential, lblis *models.SLoadbalancerListener, input *api.LoadbalancerListenerUpdateInput) (*api.LoadbalancerListenerUpdateInput, error) { return input, nil } func (self *SHuaWeiRegionDriver) ValidateCreateDBInstanceData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input api.DBInstanceCreateInput, skus []models.SDBInstanceSku, network *models.SNetwork) (api.DBInstanceCreateInput, error) { if len(input.MasterInstanceId) > 0 && input.Engine == api.DBINSTANCE_TYPE_SQLSERVER { return input, httperrors.NewInputParameterError("Not support create read-only dbinstance for %s", input.Engine) } if len(input.Name) < 4 || len(input.Name) > 64 { return input, httperrors.NewInputParameterError("Huawei dbinstance name length shoud be 4~64 characters") } if input.DiskSizeGB < 40 || input.DiskSizeGB > 4000 { return input, httperrors.NewInputParameterError("%s require disk size must in 40 ~ 4000 GB", self.GetProvider()) } if input.DiskSizeGB%10 > 0 { return input, httperrors.NewInputParameterError("The disk_size_gb must be an integer multiple of 10") } if len(input.Password) == 0 { // 华为云RDS必须要有密码 resetPassword := true input.ResetPassword = &resetPassword } if len(input.SecgroupIds) == 0 { input.SecgroupIds = []string{api.SECGROUP_DEFAULT_ID} } return input, nil } func (self *SHuaWeiRegionDriver) InitDBInstanceUser(ctx context.Context, instance *models.SDBInstance, task taskman.ITask, desc *cloudprovider.SManagedDBInstanceCreateConfig) error { user := "root" if desc.Engine == api.DBINSTANCE_TYPE_SQLSERVER { user = "rdsuser" } account := models.SDBInstanceAccount{} account.DBInstanceId = instance.Id account.Name = user account.Status = api.DBINSTANCE_USER_AVAILABLE account.SetModelManager(models.DBInstanceAccountManager, &account) err := models.DBInstanceAccountManager.TableSpec().Insert(ctx, &account) if err != nil { return err } return account.SetPassword(desc.Password) } func (self *SHuaWeiRegionDriver) IsSupportedBillingCycle(bc billing.SBillingCycle, resource string) bool { switch resource { case models.DBInstanceManager.KeywordPlural(): years := bc.GetYears() months := bc.GetMonths() if (years >= 1 && years <= 3) || (months >= 1 && months <= 9) { return true } } return false } func (self *SHuaWeiRegionDriver) ValidateCreateDBInstanceAccountData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceAccountCreateInput) (api.DBInstanceAccountCreateInput, error) { if utils.IsInStringArray(instance.Engine, []string{api.DBINSTANCE_TYPE_POSTGRESQL, api.DBINSTANCE_TYPE_SQLSERVER}) { return input, httperrors.NewInputParameterError("Not support create account for huawei cloud %s instance", instance.Engine) } if len(input.Name) == len(input.Password) { for i := range input.Name { if input.Name[i] != input.Password[len(input.Password)-i-1] { return input, nil } } return input, httperrors.NewInputParameterError("Huawei rds password cannot be in the same reverse order as the account") } return input, nil } func (self *SHuaWeiRegionDriver) ValidateCreateDBInstanceDatabaseData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceDatabaseCreateInput) (api.DBInstanceDatabaseCreateInput, error) { if utils.IsInStringArray(instance.Engine, []string{api.DBINSTANCE_TYPE_POSTGRESQL, api.DBINSTANCE_TYPE_SQLSERVER}) { return input, httperrors.NewInputParameterError("Not support create database for huawei cloud %s instance", instance.Engine) } return input, nil } func (self *SHuaWeiRegionDriver) ValidateCreateDBInstanceBackupData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, instance *models.SDBInstance, input api.DBInstanceBackupCreateInput) (api.DBInstanceBackupCreateInput, error) { if len(input.Name) < 4 || len(input.Name) > 64 { return input, httperrors.NewInputParameterError("Huawei DBInstance backup name length shoud be 4~64 characters") } if len(input.Databases) > 0 && instance.Engine != api.DBINSTANCE_TYPE_SQLSERVER { return input, httperrors.NewInputParameterError("Huawei only supports specified databases with %s", api.DBINSTANCE_TYPE_SQLSERVER) } return input, nil } func (self *SHuaWeiRegionDriver) ValidateChangeDBInstanceConfigData(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, input *api.SDBInstanceChangeConfigInput) error { if input.DiskSizeGB != 0 && input.DiskSizeGB < instance.DiskSizeGB { return httperrors.NewUnsupportOperationError("Huawei DBInstance Disk cannot be thrink") } return nil } func (self *SHuaWeiRegionDriver) IsSupportDBInstancePublicConnection() bool { //目前华为云未对外开放打开远程连接的API接口 return false } func (self *SHuaWeiRegionDriver) ValidateResetDBInstancePassword(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, account string) error { return httperrors.NewUnsupportOperationError("Huawei current not support reset dbinstance account password") } func (self *SHuaWeiRegionDriver) IsSupportKeepDBInstanceManualBackup() bool { return true } func (self *SHuaWeiRegionDriver) ValidateDBInstanceAccountPrivilege(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, account string, privilege string) error { if account == "root" { return httperrors.NewInputParameterError("No need to grant or revoke privilege for admin account") } if !utils.IsInStringArray(privilege, []string{api.DATABASE_PRIVILEGE_RW, api.DATABASE_PRIVILEGE_R}) { return httperrors.NewInputParameterError("Unknown privilege %s", privilege) } return nil } // https://support.huaweicloud.com/api-rds/rds_09_0009.html func (self *SHuaWeiRegionDriver) ValidateDBInstanceRecovery(ctx context.Context, userCred mcclient.TokenCredential, instance *models.SDBInstance, backup *models.SDBInstanceBackup, input api.SDBInstanceRecoveryConfigInput) error { if backup.Engine == api.DBINSTANCE_TYPE_POSTGRESQL { return httperrors.NewNotSupportedError("%s not support recovery", backup.Engine) } if backup.DBInstanceId == instance.Id && instance.Engine != api.DBINSTANCE_TYPE_SQLSERVER { return httperrors.NewNotSupportedError("Huawei %s rds not support recovery from it self rds backup", instance.Engine) } if len(input.Databases) > 0 { if instance.Engine != api.DBINSTANCE_TYPE_SQLSERVER { return httperrors.NewInputParameterError("Huawei only %s engine support databases recovery", instance.Engine) } invalidDbs := []string{"rdsadmin", "master", "msdb", "tempdb", "model"} for _, db := range input.Databases { if utils.IsInStringArray(strings.ToLower(db), invalidDbs) { return httperrors.NewInputParameterError("New databases name can not be one of %s", invalidDbs) } } } return nil } func validatorSlaveZones(ctx context.Context, ownerId mcclient.IIdentityProvider, regionId string, data *jsonutils.JSONDict, optional bool) error { s, err := data.GetString("slave_zones") if err != nil { if optional { return nil } return fmt.Errorf("missing parameter slave_zones") } zones := strings.Split(s, ",") ret := []string{} zoneV := validators.NewModelIdOrNameValidator("zone", "zone", ownerId) for i := range zones { _data := jsonutils.NewDict() _data.Set("zone", jsonutils.NewString(zones[i])) if err := zoneV.Validate(ctx, _data); err != nil { return errors.Wrap(err, "validatorSlaveZones") } else { if zoneV.Model.(*models.SZone).GetCloudRegionId() != regionId { return errors.Wrap(fmt.Errorf("zone %s is not in region %s", zoneV.Model.GetName(), regionId), "GetCloudRegionId") } ret = append(ret, zoneV.Model.GetId()) } } //if sku, err := data.GetString("sku"); err != nil || len(sku) == 0 { // return httperrors.NewMissingParameterError("sku") //} else { // chargeType, _ := data.GetString("charge_type") // // _skuModel, err := db.FetchByIdOrName(models.ElasticcacheSkuManager, ownerId, sku) // if err != nil { // return err // } // // skuModel := _skuModel.(*models.SElasticcacheSku) // for _, zoneId := range zones { // if err := ValidateElasticcacheSku(zoneId, chargeType, skuModel, nil); err != nil { // return err // } // } //} data.Set("slave_zones", jsonutils.NewString(strings.Join(ret, ","))) return nil } func (self *SHuaWeiRegionDriver) ValidateCreateElasticcacheData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input *api.ElasticcacheCreateInput) (*api.ElasticcacheCreateInput, error) { if !utils.IsInStringArray(input.Engine, []string{"redis", "memcache"}) { return nil, httperrors.NewInputParameterError("invalid engine %s", input.Engine) } if len(input.MaintainStartTime) > 0 && !utils.IsInStringArray(input.MaintainStartTime, []string{"22:00:00", "02:00:00", "06:00:00", "10:00:00", "14:00:00", "18:00:00"}) { return nil, httperrors.NewInputParameterError("invalid maintain_start_time %s", input.MaintainStartTime) } if input.CapacityMb == 0 { return nil, httperrors.NewMissingParameterError("capacity_mb") } return self.SManagedVirtualizationRegionDriver.ValidateCreateElasticcacheData(ctx, userCred, ownerId, input) } func (self *SHuaWeiRegionDriver) ValidateCreateElasticcacheAccountData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, data *jsonutils.JSONDict) (*jsonutils.JSONDict, error) { return nil, httperrors.NewUnsupportOperationError("%s not support create account", self.GetProvider()) } func (self *SHuaWeiRegionDriver) RequestElasticcacheAccountResetPassword(ctx context.Context, userCred mcclient.TokenCredential, ea *models.SElasticcacheAccount, task taskman.ITask) error { iregion, err := ea.GetIRegion(ctx) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.GetIRegion") } _ec, err := db.FetchById(models.ElasticcacheManager, ea.ElasticcacheId) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.FetchById") } ec := _ec.(*models.SElasticcache) iec, err := iregion.GetIElasticcacheById(ec.GetExternalId()) if errors.Cause(err) == cloudprovider.ErrNotFound { return nil } else if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.GetIElasticcacheById") } iea, err := iec.GetICloudElasticcacheAccount(ea.GetExternalId()) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.GetICloudElasticcacheBackup") } data := task.GetParams() if data == nil { return errors.Wrap(fmt.Errorf("data is nil"), "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.GetParams") } input, err := ea.GetUpdateHuaweiElasticcacheAccountParams(*data) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.GetUpdateHuaweiElasticcacheAccountParams") } err = iea.UpdateAccount(input) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.UpdateAccount") } if input.Password != nil { err = ea.SavePassword(*input.Password) if err != nil { return errors.Wrap(err, "huaweiRegionDriver.RequestElasticcacheAccountResetPassword.SavePassword") } } return ea.SetStatus(ctx, userCred, api.ELASTIC_CACHE_ACCOUNT_STATUS_AVAILABLE, "") } func (self *SHuaWeiRegionDriver) RequestUpdateElasticcacheAuthMode(ctx context.Context, userCred mcclient.TokenCredential, ec *models.SElasticcache, task taskman.ITask) error { return errors.Wrap(fmt.Errorf("not support update huawei elastic cache auth_mode"), "HuaWeiRegionDriver.RequestUpdateElasticcacheAuthMode") } func (self *SHuaWeiRegionDriver) AllowCreateElasticcacheBackup(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, elasticcache *models.SElasticcache) error { if elasticcache.LocalCategory == api.ELASTIC_CACHE_ARCH_TYPE_SINGLE { return httperrors.NewBadRequestError("huawei %s mode elastic not support create backup", elasticcache.LocalCategory) } return nil } func (self *SHuaWeiRegionDriver) AllowUpdateElasticcacheAuthMode(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, elasticcache *models.SElasticcache) error { return fmt.Errorf("not support update huawei elastic cache auth_mode") } func (self *SHuaWeiRegionDriver) IsSupportedDBInstance() bool { return true } func (self *SHuaWeiRegionDriver) IsSupportedElasticcache() bool { return true } func (self *SHuaWeiRegionDriver) IsSupportedElasticcacheSecgroup() bool { return false } func (self *SHuaWeiRegionDriver) GetMaxElasticcacheSecurityGroupCount() int { return 0 } func (self *SHuaWeiRegionDriver) GetBackendStatusForAdd() []string { return []string{api.VM_RUNNING, api.VM_READY} } func (self *SHuaWeiRegionDriver) GetRdsSupportSecgroupCount() int { return 1 } func (self *SHuaWeiRegionDriver) IsSupportedElasticcacheAutoRenew() bool { return false } func (self *SHuaWeiRegionDriver) ValidateCreateVpcData(ctx context.Context, userCred mcclient.TokenCredential, input api.VpcCreateInput) (api.VpcCreateInput, error) { var cidrV = validators.NewIPv4PrefixValidator("cidr_block") if err := cidrV.Validate(ctx, jsonutils.Marshal(input).(*jsonutils.JSONDict)); err != nil { return input, err } err := IsInPrivateIpRange(cidrV.Value.ToIPRange()) if err != nil { return input, err } if cidrV.Value.MaskLen > 24 { return input, httperrors.NewInputParameterError("invalid cidr range %s, mask length should less than or equal to 24", cidrV.Value.String()) } return input, nil } func (self *SHuaWeiRegionDriver) OnNatEntryDeleteComplete(ctx context.Context, userCred mcclient.TokenCredential, eip *models.SElasticip) error { return models.StartResourceSyncStatusTask(ctx, userCred, eip, "EipSyncstatusTask", "") } func (self *SHuaWeiRegionDriver) RequestAssociateEipForNAT(ctx context.Context, userCred mcclient.TokenCredential, nat *models.SNatGateway, eip *models.SElasticip, task taskman.ITask) error { _, err := db.Update(eip, func() error { eip.AssociateType = api.EIP_ASSOCIATE_TYPE_NAT_GATEWAY eip.AssociateId = nat.Id return nil }) if err != nil { return errors.Wrapf(err, "db.Update") } return task.ScheduleRun(nil) } func (self *SHuaWeiRegionDriver) ValidateCreateNatGateway(ctx context.Context, userCred mcclient.TokenCredential, input api.NatgatewayCreateInput) (api.NatgatewayCreateInput, error) { if len(input.Eip) > 0 || input.EipBw > 0 { return input, httperrors.NewInputParameterError("Huawei nat not support associate eip") } return input, nil } func (self *SHuaWeiRegionDriver) IsSupportedNatGateway() bool { return true } func (self *SHuaWeiRegionDriver) IsSupportedNas() bool { return true } func (self *SHuaWeiRegionDriver) ValidateCreateSecurityGroupInput(ctx context.Context, userCred mcclient.TokenCredential, input *api.SSecgroupCreateInput) (*api.SSecgroupCreateInput, error) { for i := range input.Rules { rule := input.Rules[i] if input.Rules[i].Priority == nil { return nil, httperrors.NewMissingParameterError("priority") } if *input.Rules[i].Priority < 1 || *input.Rules[i].Priority > 100 { return nil, httperrors.NewInputParameterError("invalid priority %d, range 1-100", *input.Rules[i].Priority) } if len(rule.Ports) > 0 && strings.Contains(input.Rules[i].Ports, ",") { return nil, httperrors.NewInputParameterError("invalid ports %s", input.Rules[i].Ports) } } return input, nil } func (self *SHuaWeiRegionDriver) ValidateUpdateSecurityGroupRuleInput(ctx context.Context, userCred mcclient.TokenCredential, input *api.SSecgroupRuleUpdateInput) (*api.SSecgroupRuleUpdateInput, error) { return nil, httperrors.NewNotSupportedError("not support update security group rule") } func (self *SHuaWeiRegionDriver) GetSecurityGroupFilter(vpc *models.SVpc) (func(q *sqlchemy.SQuery) *sqlchemy.SQuery, error) { return func(q *sqlchemy.SQuery) *sqlchemy.SQuery { return q.Equals("cloudregion_id", vpc.CloudregionId).Equals("manager_id", vpc.ManagerId) }, nil }