Merge branch '4.22'

2026-05-01 22:51:01 +05:30 · 2026-05-01 22:51:01 +05:30 · 8906aa1d46
parent c07f1fd5d2 1f5dba9bd2
commit 8906aa1d46
7 changed files with 39 additions and 29 deletions
--- a/engine/schema/src/main/java/com/cloud/vm/dao/VMInstanceDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/vm/dao/VMInstanceDaoImpl.java
@ -358,7 +358,8 @@ public class VMInstanceDaoImpl extends GenericDaoBase<VMInstanceVO, Long> implem
                IdsPowerStateSelectSearch.entity().getPowerHostId(),
                IdsPowerStateSelectSearch.entity().getPowerState(),
                IdsPowerStateSelectSearch.entity().getPowerStateUpdateCount(),
-                IdsPowerStateSelectSearch.entity().getPowerStateUpdateTime());
+                IdsPowerStateSelectSearch.entity().getPowerStateUpdateTime(),
+                IdsPowerStateSelectSearch.entity().getState());
        IdsPowerStateSelectSearch.done();

        CountByOfferingId = createSearchBuilder(Integer.class);
@ -1105,10 +1106,14 @@ public class VMInstanceDaoImpl extends GenericDaoBase<VMInstanceVO, Long> implem

    private boolean isPowerStateInSyncWithInstanceState(final VirtualMachine.PowerState powerState, final long powerHostId, final VMInstanceVO instance) {
        State instanceState = instance.getState();
+        if (instanceState == null) {
+            logger.warn("VM {} has null instance state during power state sync check, treating as out of sync", instance);
+            return false;
+        }
        if ((powerState == VirtualMachine.PowerState.PowerOff && instanceState == State.Running)
                || (powerState == VirtualMachine.PowerState.PowerOn && instanceState == State.Stopped)) {
            HostVO instanceHost = hostDao.findById(instance.getHostId());
-            HostVO powerHost = powerHostId == instance.getHostId() ? instanceHost : hostDao.findById(powerHostId);
+            HostVO powerHost = instance.getHostId() != null && powerHostId == instance.getHostId() ? instanceHost : hostDao.findById(powerHostId);
            logger.debug("VM: {} on host: {} and power host : {} is in {} state, but power state is {}",
                    instance, instanceHost, powerHost, instanceState, powerState);
            return false;
--- a/engine/schema/src/main/resources/META-INF/db/schema-42200to42210-cleanup.sql
+++ b/engine/schema/src/main/resources/META-INF/db/schema-42200to42210-cleanup.sql
@ -18,3 +18,9 @@
 --;
 -- Schema upgrade cleanup from 4.22.0.0 to 4.22.1.0
 --;
+
+-- Entries remaining on `cloud`.`resource_reservation` during the upgrade process are stale, so delete them.
+-- This script was added to normalize volume/primary storage reservations that got stuck due to a bug on VM deployment,
+-- but it is more interesting to introduce a smarter logic to clean these stale reservations in the future without the need
+-- for upgrades (for instance, by having a heartbeat_time column for the reservations and automatically cleaning old entries).
+DELETE FROM `cloud`.`resource_reservation`;
--- a/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
+++ b/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
@ -1042,7 +1042,8 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim

        ResourceLimitVO limit = _resourceLimitDao.findByOwnerIdAndTypeAndTag(ownerId, ownerType, resourceType, tag);

-        ActionEventUtils.onActionEvent(caller.getId(), caller.getAccountId(),
+        Long callingUserId = CallContext.current().getCallingUserId();
+        ActionEventUtils.onActionEvent(callingUserId, caller.getAccountId(),
                caller.getDomainId(), EventTypes.EVENT_RESOURCE_LIMIT_UPDATE,
                "Resource limit updated. Resource Type: " + resourceType + ", New Value: " + max,
                ownerResourceId, ownerResourceType.toString());
--- a/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
@ -4349,9 +4349,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
        return resourceLimitService.getResourceLimitStorageTags(diskOfferingVO);
    }

-    private List<CheckedReservation> reserveStorageResourcesForVm(Account owner, Long diskOfferingId, Long diskSize, List<VmDiskInfo> dataDiskInfoList, Long rootDiskOfferingId, ServiceOfferingVO offering, Long rootDiskSize) throws ResourceAllocationException {
-        List <CheckedReservation> checkedReservations = new ArrayList<>();
-
+    private void reserveStorageResourcesForVm(List<Reserver> checkedReservations, Account owner, Long diskOfferingId, Long diskSize, List<VmDiskInfo> dataDiskInfoList, Long rootDiskOfferingId, ServiceOfferingVO offering, Long rootDiskSize) throws ResourceAllocationException {
        List<String> rootResourceLimitStorageTags = getResourceLimitStorageTags(rootDiskOfferingId != null ? rootDiskOfferingId : offering.getDiskOfferingId());
        CheckedReservation rootVolumeReservation = new CheckedReservation(owner, ResourceType.volume, rootResourceLimitStorageTags, 1L, reservationDao, resourceLimitService);
        checkedReservations.add(rootVolumeReservation);
@ -4359,12 +4357,12 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
        checkedReservations.add(rootPrimaryStorageReservation);

        if (diskOfferingId != null) {
-            List<String> additionalResourceLimitStorageTags = diskOfferingId != null ? getResourceLimitStorageTags(diskOfferingId) : null;
+            List<String> additionalResourceLimitStorageTags = getResourceLimitStorageTags(diskOfferingId);
            DiskOfferingVO diskOffering = _diskOfferingDao.findById(diskOfferingId);
            Long size = verifyAndGetDiskSize(diskOffering, diskSize);
-            CheckedReservation additionalVolumeReservation = diskOfferingId != null ? new CheckedReservation(owner, ResourceType.volume, additionalResourceLimitStorageTags, 1L, reservationDao, resourceLimitService) : null;
+            CheckedReservation additionalVolumeReservation = new CheckedReservation(owner, ResourceType.volume, additionalResourceLimitStorageTags, 1L, reservationDao, resourceLimitService);
            checkedReservations.add(additionalVolumeReservation);
-            CheckedReservation additionalPrimaryStorageReservation = diskOfferingId != null ? new CheckedReservation(owner, ResourceType.primary_storage, additionalResourceLimitStorageTags, size, reservationDao, resourceLimitService) : null;
+            CheckedReservation additionalPrimaryStorageReservation = new CheckedReservation(owner, ResourceType.primary_storage, additionalResourceLimitStorageTags, size, reservationDao, resourceLimitService);
            checkedReservations.add(additionalPrimaryStorageReservation);

        }
@ -4380,7 +4378,6 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
                checkedReservations.add(additionalPrimaryStorageReservation);
            }
        }
-        return checkedReservations;
    }

    private UserVm getUncheckedUserVmResource(DataCenter zone, String hostName, String displayName, Account owner,
@ -4392,10 +4389,10 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
        Map<String, String> userVmOVFPropertiesMap, boolean dynamicScalingEnabled, String vmType, VMTemplateVO template,
        HypervisorType hypervisorType, long accountId, ServiceOfferingVO offering, boolean isIso,
        Long rootDiskOfferingId, long volumesSize, Volume volume, Snapshot snapshot) throws ResourceAllocationException {
-        List<CheckedReservation> checkedReservations = new ArrayList<>();
+        List<Reserver> checkedReservations = new ArrayList<>();

        try {
-            checkedReservations = reserveStorageResourcesForVm(owner, diskOfferingId, diskSize, dataDiskInfoList, rootDiskOfferingId, offering, volumesSize);
+            reserveStorageResourcesForVm(checkedReservations, owner, diskOfferingId, diskSize, dataDiskInfoList, rootDiskOfferingId, offering, volumesSize);

            // verify security group ids
            if (securityGroupIdList != null) {
@ -4686,14 +4683,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
            logger.error("error during resource reservation and allocation", e);
            throw new CloudRuntimeException(e);
        } finally {
-            for (CheckedReservation checkedReservation : checkedReservations) {
-                try {
-                    checkedReservation.close();
-                } catch (Exception e) {
-                    logger.error("error during resource reservation and allocation", e);
-                    throw new CloudRuntimeException(e);
-                }
-            }
+            ReservationHelper.closeAll(checkedReservations);
        }
    }

--- a/ui/src/views/network/VpnCustomerGateway.vue
+++ b/ui/src/views/network/VpnCustomerGateway.vue
@ -372,9 +372,13 @@ export default {
        'Group 15': 'modp3072',
        'Group 16': 'modp4096',
        'Group 17': 'modp6144',
-        'Group 18': 'modp8192'
+        'Group 18': 'modp8192',
+        'Group 22': 'modp1024s160',
+        'Group 23': 'modp2048s224',
+        'Group 24': 'modp2048s256',
+        'Group 31': 'curve25519'
      },
-      ikeDhGroupInitialKey: 'Group 5',
+      ikeDhGroupInitialKey: 'Group 31',
      isSubmitted: false,
      ikeversion: 'ike',
      allowedEncryptionAlgos: [],
@ -401,12 +405,12 @@ export default {
        gateway: '',
        cidrlist: '',
        ipsecpsk: '',
-        ikeEncryption: '',
-        ikeHash: '',
-        ikeversion: '',
-        ikeDh: '',
-        espEncryption: '',
-        espHash: '',
+        ikeEncryption: 'aes256',
+        ikeHash: 'sha1',
+        ikeversion: 'ike',
+        ikeDh: 'Group 31(curve 25519)',
+        espEncryption: 'aes256',
+        espHash: 'sha256',
        perfectForwardSecrecy: 'None',
        ikelifetime: '86400',
        esplifetime: '3600',
--- a/utils/src/main/java/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/main/java/com/cloud/utils/net/NetUtils.java
@ -1265,7 +1265,7 @@ public class NetUtils {
            if (group == null && policyType.toLowerCase().matches("ike")) {
                return false; // StrongSwan requires a DH group for the IKE policy
            }
-            if (group != null && !group.matches("modp1024|modp1536|modp2048|modp3072|modp4096|modp6144|modp8192")) {
+            if (group != null && !group.matches("modp1024|modp1536|modp2048|modp3072|modp4096|modp6144|modp8192|modp1024s160|modp2048s224|modp2048s256|curve25519")) {
                return false;
            }
        }
--- a/utils/src/test/java/com/cloud/utils/net/NetUtilsTest.java
+++ b/utils/src/test/java/com/cloud/utils/net/NetUtilsTest.java
@ -131,6 +131,10 @@ public class NetUtilsTest {
        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "3des-md5;modp1024"));
        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "3des-sha1;modp3072,aes128-sha1;modp1536"));
        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "3des-sha256;modp3072,aes128-sha512;modp1536"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "aes256-sha256;modp1024s160"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "aes256-sha256;modp2048s224"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "aes256-sha256;modp2048s256"));
+        assertTrue(NetUtils.isValidS2SVpnPolicy("ike", "aes256-sha256;curve25519"));
        assertFalse(NetUtils.isValidS2SVpnPolicy("ike", "aes128-sha1"));
        assertFalse(NetUtils.isValidS2SVpnPolicy("ike", "3des-sha1"));
        assertFalse(NetUtils.isValidS2SVpnPolicy("ike", "3des-sha1,aes256-sha1"));