VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs (#8599)

* VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs * Update PR8599: move to VpcVirtualNetworkApplianceManagerImpl
2025-11-02 20:02:29 +01:00 · 2024-02-13 06:33:40 +01:00 · 2024-02-13 06:33:40 +01:00 · e47a910019
commit e47a910019
parent 672206c312
3 changed files with 29 additions and 3 deletions
--- a/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
+++ b/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
@ -27,6 +27,7 @@ import java.util.Map;
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;

+import org.apache.commons.collections.CollectionUtils;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;

@ -294,7 +295,23 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
            }
        }

-        return super.finalizeVirtualMachineProfile(profile, dest, context);
+        super.finalizeVirtualMachineProfile(profile, dest, context);
+        appendSourceNatIpToBootArgs(profile);
+        return true;
+    }
+
+    private void appendSourceNatIpToBootArgs(final VirtualMachineProfile profile) {
+        final StringBuilder buf = profile.getBootArgsBuilder();
+        final DomainRouterVO router = _routerDao.findById(profile.getVirtualMachine().getId());
+        if (router != null && router.getVpcId() != null) {
+            List<IPAddressVO> vpcIps = _ipAddressDao.listByAssociatedVpc(router.getVpcId(), true);
+            if (CollectionUtils.isNotEmpty(vpcIps)) {
+                buf.append(String.format(" source_nat_ip=%s", vpcIps.get(0).getAddress().toString()));
+                if (s_logger.isDebugEnabled()) {
+                    s_logger.debug("The final Boot Args for " + profile + ": " + buf);
+                }
+            }
+        }
    }

    @Override
--- a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@ -453,8 +453,8 @@ class CsIP:
                ["", "", "-A NETWORK_STATS_%s -o %s ! -i eth0 -p tcp" % (self.dev, self.dev)])
            self.fw.append(
                ["", "", "-A NETWORK_STATS_%s -i %s ! -o eth0 -p tcp" % (self.dev, self.dev)])
-            self.fw.append(["nat", "",
-                            "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
+            self.fw.append(
+                ["nat", "", "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
            self.fw.append(["mangle", "",
                            "-A PREROUTING -i %s -m state --state NEW " % self.dev +
                            "-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])
@ -695,6 +695,9 @@ class CsIP:
                    ["filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
                self.fw.append(
                    ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
+            elif cmdline.get_source_nat_ip() and not self.is_private_gateway():
+                self.fw.append(
+                    ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, cmdline.get_source_nat_ip())])

    def list(self):
        self.iplist = {}
--- a/systemvm/debian/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsDatabag.py
@ -181,6 +181,12 @@ class CsCmdLine(CsDataBag):
            return False
        return "%s/%s" % (self.idata()[ipkey], self.idata()[prelenkey])

+    def get_source_nat_ip(self):
+        if "source_nat_ip" in self.idata():
+            return self.idata()['source_nat_ip']
+        return False
+
+
 class CsGuestNetwork(CsDataBag):
    """ Get guestnetwork config parameters """