This is an automated email from the ASF dual-hosted git repository.
pearl11594 pushed a commit to branch netris-integration-upstream
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 43dd9ae35316fc8223f9a296a3c270795ddbe43a
Author: Wei Zhou <weiz...@apache.org>
AuthorDate: Fri Dec 27 09:00:14 2024 +0100
Netris VPN: Fix s2s vpn status update and isolated network implementation
(#42)
* server: fix NPE when deploy vm on isolated network
* vpn: fix s2s vpn status is not updated
Prior to this fix
```
java.lang.IllegalArgumentException: Class
com.cloud.agent.api.CheckS2SVpnConnectionsAnswer declares multiple JSON fields
named 'details'; conflict is caused by fields
com.cloud.agent.api.CheckS2SVpnConnectionsAnswer#details and
com.cloud.agent.api.Answer#details
at
com.cloud.agent.transport.ResponseTest.testCheckS2SVpnConnectionsAnswer(ResponseTest.java:42)
```
* test: fix test_01_vpn_usage as now it is only possible to create VPN on
Source NAT if it uses VR
* VR: fix unable to create remote access VPN on regular isolated network
the error is
```
File "/opt/cloud/bin/configure.py", line 1242, in process
self.remoteaccessvpn_iptables(self.dbag['public_interface'], public_ip,
self.dbag[public_ip])
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^
KeyError: 'public_interface'
```
---
.../agent/api/CheckS2SVpnConnectionsAnswer.java | 1 -
.../com/cloud/agent/transport/ResponseTest.java | 46 ++++++++++++++++++++++
.../cloud/network/router/NetworkHelperImpl.java | 3 +-
systemvm/debian/opt/cloud/bin/configure.py | 2 +-
test/integration/smoke/test_usage.py | 12 +++++-
5 files changed, 59 insertions(+), 5 deletions(-)
diff --git
a/core/src/main/java/com/cloud/agent/api/CheckS2SVpnConnectionsAnswer.java
b/core/src/main/java/com/cloud/agent/api/CheckS2SVpnConnectionsAnswer.java
index b299c602dde..351702a048c 100644
--- a/core/src/main/java/com/cloud/agent/api/CheckS2SVpnConnectionsAnswer.java
+++ b/core/src/main/java/com/cloud/agent/api/CheckS2SVpnConnectionsAnswer.java
@@ -25,7 +25,6 @@ import java.util.Map;
public class CheckS2SVpnConnectionsAnswer extends Answer {
Map<String, Boolean> ipToConnected;
Map<String, String> ipToDetail;
- String details;
protected CheckS2SVpnConnectionsAnswer() {
ipToConnected = new HashMap<String, Boolean>();
diff --git a/core/src/test/java/com/cloud/agent/transport/ResponseTest.java
b/core/src/test/java/com/cloud/agent/transport/ResponseTest.java
new file mode 100644
index 00000000000..06869b42eb9
--- /dev/null
+++ b/core/src/test/java/com/cloud/agent/transport/ResponseTest.java
@@ -0,0 +1,46 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.transport;
+
+import junit.framework.TestCase;
+
+import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.junit.Assert;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.CheckS2SVpnConnectionsAnswer;
+
+import com.cloud.agent.transport.Request.Version;
+
+public class ResponseTest extends TestCase {
+ protected Logger logger = LogManager.getLogger(getClass());
+
+ public void testCheckS2SVpnConnectionsAnswer() {
+ logger.info("Testing CheckS2SVpnConnectionsAnswer");
+ String content =
"[{\"com.cloud.agent.api.CheckS2SVpnConnectionsAnswer\":{\"ipToConnected\":{\"10.0.53.13\":true},"
+
+ "\"ipToDetail\":{\"10.0.53.13\":\"IPsec SA found;Site-to-site
VPN have connected\"}," +
+ "\"details\":\"10.0.53.13:0:IPsec SA found;Site-to-site VPN
have connected\\u0026\\n\"," +
+
"\"result\":true,\"contextMap\":{},\"wait\":0,\"bypassHostMaintenance\":false}}]";
+ Response response = new Response(Version.v2, 1L, 2L, 3L, 1L, (short)1,
content);
+ Answer answer = response.getAnswer();
+ Assert.assertTrue(answer instanceof CheckS2SVpnConnectionsAnswer);
+ }
+
+}
diff --git
a/server/src/main/java/com/cloud/network/router/NetworkHelperImpl.java
b/server/src/main/java/com/cloud/network/router/NetworkHelperImpl.java
index 8d665eec96e..407bb065aee 100644
--- a/server/src/main/java/com/cloud/network/router/NetworkHelperImpl.java
+++ b/server/src/main/java/com/cloud/network/router/NetworkHelperImpl.java
@@ -777,7 +777,8 @@ public class NetworkHelperImpl implements NetworkHelper {
logger.debug("Adding nic for Virtual Router in Guest network " +
guestNetwork);
String defaultNetworkStartIp = null, defaultNetworkStartIpv6 =
null;
final Nic placeholder =
_networkModel.getPlaceholderNicForRouter(guestNetwork,
routerDeploymentDefinition.getPodId());
- if (!routerDeploymentDefinition.isPublicNetwork() ||
!vpcManager.isSrcNatIpRequiredForVpcVr(routerDeploymentDefinition.getVpc().getVpcOfferingId()))
{
+ if (!routerDeploymentDefinition.isPublicNetwork()
+ ||
!_networkModel.isAnyServiceSupportedInNetwork(guestNetwork.getId(),
Network.Provider.VPCVirtualRouter, Network.Service.SourceNat,
Network.Service.Gateway)) {
if (guestNetwork.getCidr() != null) {
if (placeholder != null && placeholder.getIPv4Address() !=
null) {
logger.debug("Requesting ipv4 address " +
placeholder.getIPv4Address() + " stored in placeholder nic for the network "
diff --git a/systemvm/debian/opt/cloud/bin/configure.py
b/systemvm/debian/opt/cloud/bin/configure.py
index 7d07cf73f49..db279fe88c6 100755
--- a/systemvm/debian/opt/cloud/bin/configure.py
+++ b/systemvm/debian/opt/cloud/bin/configure.py
@@ -1241,7 +1241,7 @@ class CsRemoteAccessVpn(CsDataBag):
break
else:
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
-
self.remoteaccessvpn_iptables(self.dbag['public_interface'], public_ip,
self.dbag[public_ip])
+
self.remoteaccessvpn_iptables(self.dbag[public_ip]['public_interface'],
public_ip, self.dbag[public_ip])
CsHelper.execute("ipsec update")
CsHelper.execute("systemctl start xl2tpd")
diff --git a/test/integration/smoke/test_usage.py
b/test/integration/smoke/test_usage.py
index 1a6ff37cedb..a65e4917a46 100644
--- a/test/integration/smoke/test_usage.py
+++ b/test/integration/smoke/test_usage.py
@@ -1732,6 +1732,14 @@ class TestVpnUsage(cloudstackTestCase):
domainid=cls.virtual_machine.domainid,
services=cls.services["server"]
)
+ src_nat_list = PublicIPAddress.list(
+ cls.api_client,
+ accountid=cls.virtual_machine.account,
+ zoneid=cls.virtual_machine.zoneid,
+ domainid=cls.virtual_machine.domainid,
+ issourcenat=True
+ )
+ cls.public_ip = src_nat_list[0]
return
@classmethod
@@ -1770,11 +1778,11 @@ class TestVpnUsage(cloudstackTestCase):
# 4. Delete this account.
self.debug("Created VPN with public IP: %s" %
- self.public_ip.ipaddress.id)
+ self.public_ip.ipaddress)
# Assign VPN to Public IP
vpn = Vpn.create(
self.apiclient,
- self.public_ip.ipaddress.id,
+ self.public_ip.id,
account=self.account.name,
domainid=self.account.domainid
)
