Netris VPN: Fix s2s vpn status update and isolated network implementation (#42)

* server: fix NPE when deploy vm on isolated network

* vpn: fix s2s vpn status is not updated

Prior to this fix
```
java.lang.IllegalArgumentException: Class com.cloud.agent.api.CheckS2SVpnConnectionsAnswer declares multiple JSON fields named 'details'; conflict is caused by fields com.cloud.agent.api.CheckS2SVpnConnectionsAnswer#details and com.cloud.agent.api.Answer#details
	at com.cloud.agent.transport.ResponseTest.testCheckS2SVpnConnectionsAnswer(ResponseTest.java:42)
```

* test: fix test_01_vpn_usage as now it is only possible to create VPN on Source NAT if it uses VR

* VR: fix unable to create remote access VPN on regular isolated network

the error is
```
  File "/opt/cloud/bin/configure.py", line 1242, in process
    self.remoteaccessvpn_iptables(self.dbag['public_interface'], public_ip, self.dbag[public_ip])
                                  ~~~~~~~~~^^^^^^^^^^^^^^^^^^^^
KeyError: 'public_interface'
```

Author: weizhouapache

core/src/main/java/com/cloud/agent/api/CheckS2SVpnConnectionsAnswer.java

@@ -25,7 +25,6 @@
 public class CheckS2SVpnConnectionsAnswer extends Answer {
     Map<String, Boolean> ipToConnected;
     Map<String, String> ipToDetail;
-    String details;
 
     protected CheckS2SVpnConnectionsAnswer() {
         ipToConnected = new HashMap<String, Boolean>();

core/src/test/java/com/cloud/agent/transport/ResponseTest.java

@@ -0,0 +1,46 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.transport;
+
+import junit.framework.TestCase;
+
+import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.junit.Assert;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.CheckS2SVpnConnectionsAnswer;
+
+import com.cloud.agent.transport.Request.Version;
+
+public class ResponseTest extends TestCase {
+    protected Logger logger = LogManager.getLogger(getClass());
+
+    public void testCheckS2SVpnConnectionsAnswer() {
+        logger.info("Testing CheckS2SVpnConnectionsAnswer");
+        String content = "[{\"com.cloud.agent.api.CheckS2SVpnConnectionsAnswer\":{\"ipToConnected\":{\"10.0.53.13\":true}," +
+                "\"ipToDetail\":{\"10.0.53.13\":\"IPsec SA found;Site-to-site VPN have connected\"}," +
+                "\"details\":\"10.0.53.13:0:IPsec SA found;Site-to-site VPN have connected\\u0026\\n\"," +
+                "\"result\":true,\"contextMap\":{},\"wait\":0,\"bypassHostMaintenance\":false}}]";
+        Response response = new Response(Version.v2, 1L, 2L, 3L, 1L, (short)1, content);
+        Answer answer = response.getAnswer();
+        Assert.assertTrue(answer instanceof CheckS2SVpnConnectionsAnswer);
+    }
+
+}

server/src/main/java/com/cloud/network/router/NetworkHelperImpl.java

@@ -780,7 +780,8 @@ public LinkedHashMap<Network, List<? extends NicProfile>> configureGuestNic(fina
             logger.debug("Adding nic for Virtual Router in Guest network " + guestNetwork);
             String defaultNetworkStartIp = null, defaultNetworkStartIpv6 = null;
             final Nic placeholder = _networkModel.getPlaceholderNicForRouter(guestNetwork, routerDeploymentDefinition.getPodId());
-            if (!routerDeploymentDefinition.isPublicNetwork() || !vpcManager.isSrcNatIpRequiredForVpcVr(routerDeploymentDefinition.getVpc().getVpcOfferingId())) {
+            if (!routerDeploymentDefinition.isPublicNetwork()
+                    || !_networkModel.isAnyServiceSupportedInNetwork(guestNetwork.getId(), Network.Provider.VPCVirtualRouter, Network.Service.SourceNat, Network.Service.Gateway)) {
                 if (guestNetwork.getCidr() != null) {
                     if (placeholder != null && placeholder.getIPv4Address() != null) {
                         logger.debug("Requesting ipv4 address " + placeholder.getIPv4Address() + " stored in placeholder nic for the network "

systemvm/debian/opt/cloud/bin/configure.py

@@ -1239,7 +1239,7 @@ def process(self):
                             break
                 else:
                     self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
-                    self.remoteaccessvpn_iptables(self.dbag['public_interface'], public_ip, self.dbag[public_ip])
+                    self.remoteaccessvpn_iptables(self.dbag[public_ip]['public_interface'], public_ip, self.dbag[public_ip])
 
                 CsHelper.execute("ipsec update")
                 CsHelper.execute("systemctl start xl2tpd")

test/integration/smoke/test_usage.py

@@ -1732,6 +1732,14 @@ def setUpClass(cls):
             domainid=cls.virtual_machine.domainid,
             services=cls.services["server"]
         )
+        src_nat_list = PublicIPAddress.list(
+            cls.api_client,
+            accountid=cls.virtual_machine.account,
+            zoneid=cls.virtual_machine.zoneid,
+            domainid=cls.virtual_machine.domainid,
+            issourcenat=True
+        )
+        cls.public_ip = src_nat_list[0]
         return
 
     @classmethod
@@ -1770,11 +1778,11 @@ def test_01_vpn_usage(self):
         # 4. Delete this account.
 
         self.debug("Created VPN with public IP: %s" %
-                   self.public_ip.ipaddress.id)
+                   self.public_ip.ipaddress)
         # Assign VPN to Public IP
         vpn = Vpn.create(
             self.apiclient,
-            self.public_ip.ipaddress.id,
+            self.public_ip.id,
             account=self.account.name,
             domainid=self.account.domainid
         )