From 4a3635ee348d245293cdc44219386854e8000dbe Mon Sep 17 00:00:00 2001 From: alena Date: Fri, 12 Aug 2011 16:19:09 -0700 Subject: [PATCH] Remove firewall rule along with pf/staticNat/lb rule if the pf/staticNat/lb failed to create due to network rule conflict --- .../network/lb/LoadBalancingRulesManagerImpl.java | 11 +++++++++-- .../com/cloud/network/rules/RulesManagerImpl.java | 14 +++++++++++++- 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java index 0d84e78f5ca..429988cbd42 100755 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java +++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java @@ -53,8 +53,8 @@ import com.cloud.network.LoadBalancerVMMapVO; import com.cloud.network.LoadBalancerVO; import com.cloud.network.Network.Service; import com.cloud.network.NetworkManager; -import com.cloud.network.dao.FirewallRulesCidrsDao; import com.cloud.network.NetworkVO; +import com.cloud.network.dao.FirewallRulesCidrsDao; import com.cloud.network.dao.FirewallRulesDao; import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.LoadBalancerDao; @@ -73,7 +73,6 @@ import com.cloud.user.UserContext; import com.cloud.user.dao.AccountDao; import com.cloud.uservm.UserVm; import com.cloud.utils.Pair; -import com.cloud.utils.component.Adapters; import com.cloud.utils.component.Inject; import com.cloud.utils.component.Manager; import com.cloud.utils.db.DB; @@ -132,6 +131,8 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager, ElasticLoadBalancerManager _elbMgr; @Inject NetworkDao _networkDao; + @Inject + FirewallRulesDao _firewallDao; @Override @@ -453,6 +454,12 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager, throw new CloudRuntimeException("Unable to add rule for ip address id=" + newRule.getSourceIpAddressId(), e); } finally { if (!success) { + + txn.start(); + _firewallDao.remove(_firewallDao.findByRelatedId(newRule.getId()).getId()); + _lbDao.remove(newRule.getId()); + txn.commit(); + _lbDao.remove(newRule.getId()); } } diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index a1eaa9f632b..57cd1db9f3e 100755 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -221,7 +221,14 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { txn.commit(); return newRule; } catch (Exception e) { + + txn.start(); + + _firewallDao.remove(_firewallDao.findByRelatedId(newRule.getId()).getId()); _forwardingDao.remove(newRule.getId()); + + txn.commit(); + if (e instanceof NetworkRuleConflictException) { throw (NetworkRuleConflictException) e; } @@ -280,7 +287,12 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { return staticNatRule; } catch (Exception e) { - _forwardingDao.remove(newRule.getId()); + + txn.start(); + _firewallDao.remove(_firewallDao.findByRelatedId(newRule.getId()).getId()); + _forwardingDao.remove(newRule.getId()); + txn.commit(); + if (e instanceof NetworkRuleConflictException) { throw (NetworkRuleConflictException) e; }