check if a source NAT IP address is needed before assigning one #12408
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## 4.20 #12408 +/- ##
=========================================
Coverage 16.23% 16.23%
+ Complexity 13381 13380 -1
=========================================
Files 5657 5657
Lines 498947 498983 +36
Branches 60555 60570 +15
=========================================
+ Hits 81025 81033 +8
- Misses 408889 408914 +25
- Partials 9033 9036 +3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16344 |
There was a problem hiding this comment.
Pull request overview
This PR addresses issue #10122 regarding incorrect IP address labeling as "Source NAT" in Routed VPC networks. The main change introduces logic to check if a network is routed before assigning a source NAT IP address, which prevents unnecessary source NAT IP allocation for routed networks where Source NAT service is not applicable.
Changes:
- Adds new
isRouted()method to determine if a network uses routing mode - Updates
assignSourceNatIpAddressToGuestNetwork()to conditionally assign source NAT based on routing mode - Updates
isSourceNatAvailableForNetwork()to treat networks with routing mode as having shared source NAT - Includes extensive code cleanup: removes unused imports and fields, applies diamond operators, and simplifies conditional logic
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
server/src/main/java/com/cloud/network/IpAddressManagerImpl.java
Outdated
Show resolved
Hide resolved
| VpcOffering vpcOffer = null; | ||
| NetworkOffering netOffer = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId()); | ||
| if (netOffer.isForVpc()) { | ||
| vpcOffer = vpcOfferingDao.findById(guestNetwork.getVpcId()); |
There was a problem hiding this comment.
Potential null pointer exception: If guestNetwork.getVpcId() returns null (which can happen for non-VPC networks even if the network offering is for VPC), the subsequent call to vpcOfferingDao.findById(null) will likely fail or return null, and then vpcOffer.getRoutingMode() would throw a NullPointerException.
Consider adding a null check for the VPC ID before attempting to retrieve the VPC offering, or handle the null case appropriately.
| vpcOffer = vpcOfferingDao.findById(guestNetwork.getVpcId()); | |
| Long vpcId = guestNetwork.getVpcId(); | |
| if (vpcId != null) { | |
| vpcOffer = vpcOfferingDao.findById(vpcId); | |
| } |
| ipToReturn = PublicIp.createFromAddrAndVlan(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId())); | ||
| } else { | ||
| ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, true); | ||
| ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, ! isRouted(guestNetwork)); |
There was a problem hiding this comment.
Potential logic issue: When the guest network is part of a VPC (i.e., a VPC tier network), passing null for the vpcId parameter may be incorrect. Consider passing guestNetwork.getVpcId() instead of null for the third parameter to properly handle VPC tier networks. This would align with how VPC IP assignment is done elsewhere in the codebase (see VpcManagerImpl line 3357).
| ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, ! isRouted(guestNetwork)); | |
| ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), guestNetwork.getVpcId(), dcId, ! isRouted(guestNetwork)); |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
@DaanHoogland |
it is not a pure UI issue. The IP address is marked as source NAT in the DB. I am not sure if this addresses all scenarios yet, but it will prevent marking the primary IP for a ROUTED-mode network as source NAT. |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 10 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| NetworkOffering netOffer = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId()); | ||
| if (netOffer.isForVpc() && guestNetwork.getVpcId() != null) { | ||
| VpcVO vpc = _vpcDao.findById(guestNetwork.getVpcId()); | ||
| if (vpc != null) { | ||
| vpcOffer = vpcOfferingDao.findById(vpc.getVpcOfferingId()); | ||
| } | ||
| } | ||
| return netOffer.getRoutingMode() != null || (vpcOffer != null && vpcOffer.getRoutingMode() != null); |
There was a problem hiding this comment.
The method doesn't handle the case where netOffer could be null. If _networkOfferingDao.findById returns null, a NullPointerException will be thrown when calling netOffer.isForVpc() at line 1035 or netOffer.getRoutingMode() at line 1041. Add a null check for netOffer and return an appropriate default value (likely false) if it's null.
| private boolean isRouted(Network guestNetwork) { | ||
| VpcOffering vpcOffer = null; | ||
| NetworkOffering netOffer = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId()); | ||
| if (netOffer.isForVpc() && guestNetwork.getVpcId() != null) { | ||
| VpcVO vpc = _vpcDao.findById(guestNetwork.getVpcId()); | ||
| if (vpc != null) { | ||
| vpcOffer = vpcOfferingDao.findById(vpc.getVpcOfferingId()); | ||
| } | ||
| } | ||
| return netOffer.getRoutingMode() != null || (vpcOffer != null && vpcOffer.getRoutingMode() != null); | ||
| } |
There was a problem hiding this comment.
The new isRouted method and the logic change in assignSourceNatIpAddressToGuestNetwork lack test coverage. Consider adding unit tests to verify the behavior when networks have routing modes set, including VPC networks with routing modes and regular networks with routing modes.
| defaultIsolatedNetworkOfferingProviders.put(Service.Vpn, defaultProviders); | ||
|
|
||
| Map<Network.Service, Set<Network.Provider>> defaultSharedSGEnabledNetworkOfferingProviders = new HashMap<Network.Service, Set<Network.Provider>>(); | ||
| Map<Network.Service, Set<Network.Provider>> defaultSharedSGEnabledNetworkOfferingProviders = new HashMap<>(); |
There was a problem hiding this comment.
The contents of this container are never accessed.
| //#8 - network offering with internal lb service | ||
| Map<Network.Service, Set<Network.Provider>> internalLbOffProviders = new HashMap<Network.Service, Set<Network.Provider>>(); | ||
| Set<Network.Provider> defaultVpcProvider = new HashSet<Network.Provider>(); | ||
| Map<Network.Service, Set<Network.Provider>> internalLbOffProviders = new HashMap<>(); |
There was a problem hiding this comment.
The contents of this container are never accessed.
| } else { | ||
| Long totalCount = null; | ||
| if ( ! (ip.isSourceNat() || ip.isOneToOneNat())) { | ||
| Long totalCount; |
There was a problem hiding this comment.
The variable 'totalCount' is only assigned values of primitive type and is never 'null', but it is declared with the boxed type 'Long'.
3 participants
Description
This PR...
Fixes: #10122
Types of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
How did you try to break this feature and the system with this change?