From 6fc389a044288e8f12f41a651a711a1ab7113b86 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 13 Dec 2017 01:28:18 +0530
Subject: [PATCH] CLOUDSTACK-10187: Don't delete vifs for VPCs with source nat

On XenServer, both redundant router's vifs were getting deleted when any
PF rule is removed from any of the acquired public IPs. This fix
ensures that lastIp is set to `false` when processed by hypervisor
resources to avoid removing of VIFs when VPCs have any source nat IP.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../network/router/CommandSetupHelper.java    | 19 ++++++++++++++-----
 test/integration/smoke/test_vpc_redundant.py  |  4 ++--
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/server/src/com/cloud/network/router/CommandSetupHelper.java b/server/src/com/cloud/network/router/CommandSetupHelper.java
index cadaf4fcdf8..c8d85fe2644 100644
--- a/server/src/com/cloud/network/router/CommandSetupHelper.java
+++ b/server/src/com/cloud/network/router/CommandSetupHelper.java
@@ -475,7 +475,7 @@ public class CommandSetupHelper {
 
     public void createAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final long vmId) {
         final String ipAssocCommand = "IPAssocCommand";
-        createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, vmId);
+        createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, false);
     }
 
     public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId,
@@ -645,7 +645,7 @@ public class CommandSetupHelper {
 
         final String ipAssocCommand = "IPAssocVpcCommand";
         if (router.getIsRedundantRouter()) {
-            createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, 0);
+            createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, true);
             return;
         }
 
@@ -742,7 +742,7 @@ public class CommandSetupHelper {
         }
     }
 
-    public void createRedundantAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final String ipAssocCommand, final long vmId) {
+    public void createRedundantAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final String ipAssocCommand, final boolean isVPC) {
 
         // Ensure that in multiple vlans case we first send all ip addresses of
         // vlan1, then all ip addresses of vlan2, etc..
@@ -840,7 +840,16 @@ public class CommandSetupHelper {
             }
 
             // for network if the ips does not have any rules, then only last ip
-            List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(associatedWithNetworkId, null);
+            final List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(associatedWithNetworkId, null);
+            boolean hasSourceNat = false;
+            if (isVPC && userIps.size() > 0 && userIps.get(0) != null) {
+                // All ips should belong to a VPC
+                final Long vpcId = userIps.get(0).getVpcId();
+                final List<IPAddressVO> sourceNatIps = _ipAddressDao.listByAssociatedVpc(vpcId, true);
+                if (sourceNatIps != null && sourceNatIps.size() > 0) {
+                    hasSourceNat = true;
+                }
+            }
 
             int ipsWithrules = 0;
             int ipsStaticNat = 0;
@@ -864,7 +873,7 @@ public class CommandSetupHelper {
             cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
 
             // if there is 1 static nat then it will be checked for remove at the resource
-            if (ipsWithrules == 0 && ipsStaticNat == 0) {
+            if (ipsWithrules == 0 && ipsStaticNat == 0 && !hasSourceNat) {
                 // there is only one ip address for the network.
                 cmd.setAccessDetail(NetworkElementCommand.NETWORK_PUB_LAST_IP, "true");
             } else {
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index f2e75a5d59f..2fde8d99207 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -600,7 +600,7 @@ class TestVPCRedundancy(cloudstackTestCase):
 
         gc_wait = Configurations.list(self.apiclient, name="network.gc.wait")
         gc_interval = Configurations.list(self.apiclient, name="network.gc.interval")
-        
+
         self.logger.debug("network.gc.wait is ==> %s" % gc_wait)
         self.logger.debug("network.gc.interval is ==> %s" % gc_interval)
 
@@ -618,7 +618,7 @@ class TestVPCRedundancy(cloudstackTestCase):
 
     @attr(tags=["advanced", "intervlan"], required_hardware="true")
     def test_05_rvpc_multi_tiers(self):
-        """ Create a redundant VPC with 1 Tier, 1 VM, 1 ACL, 1 PF and test Network GC Nics"""
+        """ Create a redundant VPC with multiple tiers"""
         self.logger.debug("Starting test_05_rvpc_multi_tiers")
         self.query_routers()