VPC restart cleanup for Public networks with multi-CIDR data#12622
VPC restart cleanup for Public networks with multi-CIDR data#12622jeanvetorello wants to merge 7 commits intoapache:4.22from
Conversation
|
@blueorangutan package |
|
@blueorangutan package |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## 4.22 #12622 +/- ##
=========================================
Coverage 17.60% 17.60%
- Complexity 15676 15677 +1
=========================================
Files 5918 5918
Lines 531667 531669 +2
Branches 65001 65002 +1
=========================================
+ Hits 93617 93624 +7
+ Misses 427491 427486 -5
Partials 10559 10559
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
@blueorangutan package |
There was a problem hiding this comment.
Pull request overview
Fixes VPC restart failures for multi-CIDR networks by ensuring NetworkVO.equals() does not pass a raw comma-separated CIDR list into NetUtils.isNetworkAWithinNetworkB(), which expects a single CIDR.
Changes:
- Normalize
cidrvalues inNetworkVO.equals()by extracting the first CIDR from comma-separated strings before comparing.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
engine/schema/src/main/java/com/cloud/network/dao/NetworkVO.java
Outdated
Show resolved
Hide resolved
engine/schema/src/main/java/com/cloud/network/dao/NetworkVO.java
Outdated
Show resolved
Hide resolved
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✖️ debian ✔️ suse15. SL-JID 16776 |
|
as we discussed in the comments of #12621, we need to work on another solution can you work on the fix ? cc @jeanvetorello @sureshanaparti |
|
@jeanvetorello can you rebase this PR with 4.22 branch, and address the outstanding comments. |
… in NetworkVO.equals() When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'), NetworkVO.equals() passes the raw comma-separated string to NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR, causing 'cidr is not formatted correctly' error during VPC restart with cleanup=true. Extract only the first CIDR value before passing to NetUtils.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…works addCidrAndGatewayForIpv4/Ipv6 (introduced by PR apache#11249) was called for all network types without checking if the network is Public. This caused comma-separated CIDRs to be stored on Public networks, which then triggered 'cidr is not formatted correctly' errors during VPC restart. Add TrafficType.Public guard in both the VLAN creation (addCidr) and VLAN deletion (removeCidr) paths in ConfigurationManagerImpl.
jeanvetorello
force-pushed
the
fix/vpc-restart-cidr-minimal
branch
from
5e43fac to
c9e7a8b
Compare
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✖️ el8 ✖️ el9 ✖️ debian ✖️ suse15. SL-JID 17078 |
engine/schema/src/main/java/com/cloud/network/dao/NetworkVO.java
Outdated
Show resolved
Hide resolved
jeanvetorello
force-pushed
the
fix/vpc-restart-cidr-minimal
branch
from
a38f18b to
c9e7a8b
Compare
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✖️ debian ✔️ suse15. SL-JID 17200 |
DaanHoogland
changed the title
|
Packaging result [SF]: ✖️ el8 ✖️ el9 ✔️ debian ✖️ suse15. SL-JID 17207 |
|
@jeanvetorello can you update the PR title add description ? Can you also add a SQL change to update some fields of Public network to NULL ? https://github.com/apache/cloudstack/blob/4.22/engine/schema/src/main/resources/META-INF/db/schema-42200to42210.sql I think |
jeanvetorello
changed the title
weizhouapache
left a comment
weizhouapache
left a comment
There was a problem hiding this comment.
code lgtm
@jeanvetorello
can you plaese update the description as well ? thanks
|
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch. |
|
@weizhouapache, @jeanvetorello did update the title. Is this to satisfaction?] |
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| `cidr` = NULL, | ||
| `ip6_gateway` = NULL, | ||
| `ip6_cidr` = NULL | ||
| WHERE `traffic_type` = 'Public'; |
There was a problem hiding this comment.
This migration nulls cidr/gateway (and broadcast_uri) for all traffic_type='Public' networks. With the current NetworkVO.equals() implementation, two Public networks with cidr == null compare as equal, while NetworkVO.hashCode() is based on id; this violates the equals/hashCode contract and can break HashSet/Map behavior (and may become more likely after this UPDATE makes cidr null everywhere). Consider either (a) updating NetworkVO.equals()/hashCode() to be consistent (and to handle comma-separated CIDRs as described in the PR), or (b) narrowing this UPDATE to only sanitize rows that actually contain legacy comma-separated values so you don’t increase the number of cidr == null Public networks.
| WHERE `traffic_type` = 'Public'; | |
| WHERE `traffic_type` = 'Public` | |
| AND ( | |
| `cidr` LIKE '%,%' | |
| OR `ip6_cidr` LIKE '%,%' | |
| OR `gateway` LIKE '%,%' | |
| OR `ip6_gateway` LIKE '%,%' | |
| ); |
| final NetworkVO networkVO = _networkDao.findById(networkId); | ||
|
|
||
| if (ipv4) { | ||
| removeCidrAndGatewayForIpv4(networkId, deletedVlan); | ||
| } else if (ipv6) { | ||
| removeCidrAndGatewayForIpv6(networkId, deletedVlan); | ||
| if (networkVO != null && networkVO.getTrafficType() != TrafficType.Public) { | ||
| if (ipv4) { | ||
| removeCidrAndGatewayForIpv4(networkId, deletedVlan); |
There was a problem hiding this comment.
networkVO is fetched here to check traffic type, but removeCidrAndGatewayForIpv4/Ipv6 immediately re-fetch the same NetworkVO again. To avoid the extra DB hit (and keep the code easier to follow), consider passing the already-fetched NetworkVO into the remove* helpers or moving the traffic-type guard into those helpers.
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 17325 |
|
@blueorangutan test |
|
@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests |
#12621
Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR in NetworkVO.equals()
When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'), NetworkVO.equals() passes the raw comma-separated string to NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR, causing 'cidr is not formatted correctly' error during VPC restart with cleanup=true.
Extract only the first CIDR value before passing to NetUtils.
Description
This PR addresses VPC restart failures during cleanup in environments where Public networks contain legacy aggregated network data (multiple values stored in network-level CIDR and gateway fields).
This PR...
Types of changes
Bug fix (non-breaking change which fixes an issue)
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
on different VLANs assigned to the same VPC
How did you try to break this feature and the system with this change?