apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1917 from Accelerite/RvRipRel

Browse Source 
CLOUDSTACK-9756: Configure to  ignore the ipassoc failure
This commit is contained in:
Rajani Karuturi 2017-04-22 21:09:38 +05:30 committed by GitHub
commit 524fc324bc
6 changed files with 42 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
engine/components-api/src/com/cloud/network/IpAddressManager.java
View File

@ -43,6 +43,9 @@ public interface IpAddressManager {
"If true, when account has dedicated public ip range(s), once the ips dedicated to the account have been consumed ips will be acquired from the system pool", "If true, when account has dedicated public ip range(s), once the ips dedicated to the account have been consumed ips will be acquired from the system pool",
true, ConfigKey.Scope.Account); true, ConfigKey.Scope.Account);
static final ConfigKey<Boolean> RulesContinueOnError = new ConfigKey<Boolean>("Advanced", Boolean.class, "network.rule.delete.ignoreerror", "true",
"When true, ip address delete (ipassoc) failures are ignored", true);
/** /**
* Assigns a new public ip address. * Assigns a new public ip address.
* *

12
server/src/com/cloud/network/IpAddressManagerImpl.java
View File

@ -282,6 +282,8 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
SearchBuilder<IPAddressVO> AssignIpAddressSearch; SearchBuilder<IPAddressVO> AssignIpAddressSearch;
SearchBuilder<IPAddressVO> AssignIpAddressFromPodVlanSearch; SearchBuilder<IPAddressVO> AssignIpAddressFromPodVlanSearch;
static Boolean rulesContinueOnErrFlag = true;
@Override @Override
public boolean configure(String name, Map<String, Object> params) { public boolean configure(String name, Map<String, Object> params) {
// populate providers // populate providers
@ -403,7 +405,11 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
Network.State.getStateMachine().registerListener(new NetworkStateListener(_configDao)); Network.State.getStateMachine().registerListener(new NetworkStateListener(_configDao));
s_logger.info("Network Manager is configured."); if (RulesContinueOnError.value() != null) {
rulesContinueOnErrFlag = RulesContinueOnError.value();
}
s_logger.info("IPAddress Manager is configured.");
return true; return true;
} }
@ -601,7 +607,7 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
if (ip.getAssociatedWithNetworkId() != null) { if (ip.getAssociatedWithNetworkId() != null) {
Network network = _networksDao.findById(ip.getAssociatedWithNetworkId()); Network network = _networksDao.findById(ip.getAssociatedWithNetworkId());
try { try {
if (!applyIpAssociations(network, true)) { if (!applyIpAssociations(network, rulesContinueOnErrFlag)) {
s_logger.warn("Unable to apply ip address associations for " + network); s_logger.warn("Unable to apply ip address associations for " + network);
success = false; success = false;
} }
@ -2029,6 +2035,6 @@ public class IpAddressManagerImpl extends ManagerBase implements IpAddressManage
@Override @Override
public ConfigKey<?>[] getConfigKeys() { public ConfigKey<?>[] getConfigKeys() {
return new ConfigKey<?>[] {UseSystemPublicIps}; return new ConfigKey<?>[] {UseSystemPublicIps, RulesContinueOnError};
} }
} }

12
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
View File

@ -143,12 +143,16 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
IpAddressManager _ipAddrMgr; IpAddressManager _ipAddrMgr;
private boolean _elbEnabled = false; private boolean _elbEnabled = false;
static Boolean rulesContinueOnErrFlag = true;
@Override @Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException { public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
_name = name; _name = name;
String elbEnabledString = _configDao.getValue(Config.ElasticLoadBalancerEnabled.key()); String elbEnabledString = _configDao.getValue(Config.ElasticLoadBalancerEnabled.key());
_elbEnabled = Boolean.parseBoolean(elbEnabledString); _elbEnabled = Boolean.parseBoolean(elbEnabledString);
if (_ipAddrMgr.RulesContinueOnError.value() != null) {
rulesContinueOnErrFlag = _ipAddrMgr.RulesContinueOnError.value();
}
return true; return true;
} }
@ -851,8 +855,12 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
// now send everything to the backend // now send everything to the backend
List<FirewallRuleVO> rulesToApply = _firewallDao.listByIpAndPurpose(ipId, Purpose.Firewall); List<FirewallRuleVO> rulesToApply = _firewallDao.listByIpAndPurpose(ipId, Purpose.Firewall);
applyFirewallRules(rulesToApply, true, caller); //apply rules
if (!applyFirewallRules(rulesToApply, rulesContinueOnErrFlag, caller)) {
if (!rulesContinueOnErrFlag) {
return false;
}
}
// Now we check again in case more rules have been inserted. // Now we check again in case more rules have been inserted.
rules.addAll(_firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.Firewall)); rules.addAll(_firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.Firewall));

5
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
View File

@ -2001,7 +2001,10 @@ public class LoadBalancingRulesManagerImpl<Type> extends ManagerBase implements
@Override @Override
public boolean removeAllLoadBalanacersForIp(long ipId, Account caller, long callerUserId) { public boolean removeAllLoadBalanacersForIp(long ipId, Account caller, long callerUserId) {
List<FirewallRuleVO> rules = _firewallDao.listByIpAndPurposeAndNotRevoked(ipId, Purpose.LoadBalancing);
//Included revoked rules to remove the rules of ips which are in revoke state
List<FirewallRuleVO> rules = _firewallDao.listByIpAndPurpose(ipId, Purpose.LoadBalancing);
if (rules != null) { if (rules != null) {
s_logger.debug("Found " + rules.size() + " lb rules to cleanup"); s_logger.debug("Found " + rules.size() + " lb rules to cleanup");
for (FirewallRule rule : rules) { for (FirewallRule rule : rules) {

10
server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
View File

@ -1845,7 +1845,15 @@ Configurable, StateListener<VirtualMachine.State, VirtualMachine.Event, VirtualM
if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.StaticNat, provider)) { if (_networkModel.isProviderSupportServiceInNetwork(guestNetworkId, Service.StaticNat, provider)) {
if (ip.isOneToOneNat()) { if (ip.isOneToOneNat()) {
final StaticNatImpl staticNat = new StaticNatImpl(ip.getAccountId(), ip.getDomainId(), guestNetworkId, ip.getId(), ip.getVmIp(), false);
boolean revoke = false;
if (ip.getState() == IpAddress.State.Releasing ) {
// for ips got struck in releasing state we need to delete the rule not add.
s_logger.debug("Rule revoke set to true for the ip " + ip.getAddress() +" becasue it is in releasing state");
revoke = true;
}
final StaticNatImpl staticNat = new StaticNatImpl(ip.getAccountId(), ip.getDomainId(), guestNetworkId, ip.getId(), ip.getVmIp(), revoke);
staticNats.add(staticNat); staticNats.add(staticNat);
} }
} }

12
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -701,7 +701,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
boolean success = false; boolean success = false;
if (apply) { if (apply) {
success = applyPortForwardingRules(rule.getSourceIpAddressId(), true, caller); success = applyPortForwardingRules(rule.getSourceIpAddressId(), _ipAddrMgr.RulesContinueOnError.value(), caller);
} else { } else {
success = true; success = true;
} }
@ -736,7 +736,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
boolean success = false; boolean success = false;
if (apply) { if (apply) {
success = applyStaticNatRulesForIp(rule.getSourceIpAddressId(), true, caller, true); success = applyStaticNatRulesForIp(rule.getSourceIpAddressId(), _ipAddrMgr.RulesContinueOnError.value(), caller, true);
} else { } else {
success = true; success = true;
} }
@ -769,7 +769,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
// apply rules for all ip addresses // apply rules for all ip addresses
for (Long ipId : ipsToReprogram) { for (Long ipId : ipsToReprogram) {
s_logger.debug("Applying port forwarding rules for ip address id=" + ipId + " as a part of vm expunge"); s_logger.debug("Applying port forwarding rules for ip address id=" + ipId + " as a part of vm expunge");
if (!applyPortForwardingRules(ipId, true, _accountMgr.getSystemAccount())) { if (!applyPortForwardingRules(ipId, _ipAddrMgr.RulesContinueOnError.value(), _accountMgr.getSystemAccount())) {
s_logger.warn("Failed to apply port forwarding rules for ip id=" + ipId); s_logger.warn("Failed to apply port forwarding rules for ip id=" + ipId);
success = false; success = false;
} }
@ -1098,10 +1098,10 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
boolean success = true; boolean success = true;
// revoke all port forwarding rules // revoke all port forwarding rules
success = success && applyPortForwardingRules(ipId, true, caller); success = success && applyPortForwardingRules(ipId, _ipAddrMgr.RulesContinueOnError.value(), caller);
// revoke all all static nat rules // revoke all all static nat rules
success = success && applyStaticNatRulesForIp(ipId, true, caller, true); success = success && applyStaticNatRulesForIp(ipId, _ipAddrMgr.RulesContinueOnError.value(), caller, true);
// revoke static nat for the ip address // revoke static nat for the ip address
success = success && applyStaticNatForIp(ipId, false, caller, true); success = success && applyStaticNatForIp(ipId, false, caller, true);
@ -1144,9 +1144,11 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
boolean success = true; boolean success = true;
// revoke all PF rules for the network // revoke all PF rules for the network
success = success && applyPortForwardingRulesForNetwork(networkId, true, caller); success = success && applyPortForwardingRulesForNetwork(networkId, true, caller);
success = success && applyPortForwardingRulesForNetwork(networkId, _ipAddrMgr.RulesContinueOnError.value(), caller);
// revoke all all static nat rules for the network // revoke all all static nat rules for the network
success = success && applyStaticNatRulesForNetwork(networkId, true, caller); success = success && applyStaticNatRulesForNetwork(networkId, true, caller);
success = success && applyStaticNatRulesForNetwork(networkId, _ipAddrMgr.RulesContinueOnError.value(), caller);
// Now we check again in case more rules have been inserted. // Now we check again in case more rules have been inserted.
rules.addAll(_portForwardingDao.listByNetworkAndNotRevoked(networkId)); rules.addAll(_portForwardingDao.listByNetworkAndNotRevoked(networkId));