CLOUDSTACK-3409: Do not clean up security group rules for Instances in the "paused" state.

When 'security_group.py cleanup_rules' is called by the KVM Agent it will clean up all Instances not in the "running" state according to libvirt. However, when a snapshot is created of a Instance it will go to the "paused" state while the snapshot is created. This leads to Security Rules being removed when a Instance is being snapshotted and the cleanup process is initiated.
2013-07-10 12:50:06 +02:00 · 2013-07-10 12:50:06 +02:00 · 8e4e56f731
parent d65f47c76a
commit 8e4e56f731
1 changed files with 10 additions and 10 deletions
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@ -621,18 +621,18 @@ def cleanup_rules():
            if 1 in [ chain.startswith(c) for c in ['r-', 'i-', 's-', 'v-'] ]:
                vm_name = chain
                
-                cmd = "virsh list |grep " + vm_name 
+                cmd = "virsh list |grep " + vm_name + "|awk '{print $3}'"
                try:
-                    result = execute(cmd)
+                    result = execute(cmd).strip()
                except:
                    result = None

                if result == None or len(result) == 0:
-                    logging.debug("chain " + chain + " does not correspond to a vm, cleaning up")
+                    logging.debug("chain " + chain + " does not correspond to a vm, cleaning up iptable rules")
                    cleanup.append(vm_name)
                    continue
-                if result.find("running") == -1:
-                    logging.debug("vm " + vm_name + " is not running, cleaning up")
+                if not (result == "running" or result == "paused"):
+                    logging.debug("vm " + vm_name + " is not running or paused, cleaning up iptable rules")
                    cleanup.append(vm_name)
        
        chainscmd = "ebtables-save |grep :i |awk '{print $1}' |sed -e 's/\-in//g' |sed -e 's/\-out//g' |sed -e 's/^://g'"
@ -641,18 +641,18 @@ def cleanup_rules():
            if 1 in [ chain.startswith(c) for c in ['r-', 'i-', 's-', 'v-'] ]:
                vm_name = chain
    
-                cmd = "virsh list |grep " + vm_name
+                cmd = "virsh list |grep " + vm_name + "|awk '{print $3}'"
                try:
-                    result = execute(cmd)
+                    result = execute(cmd).strip()
                except:
                    result = None

                if result == None or len(result) == 0:
-                    logging.debug("chain " + chain + " does not correspond to a vm, cleaning up")
+                    logging.debug("chain " + chain + " does not correspond to a vm, cleaning up ebtable rules")
                    cleanup.append(vm_name)
                    continue
-                if result.find("running") == -1:
-                    logging.debug("vm " + vm_name + " is not running, cleaning up")
+                if not (result == "running" or result == "paused"):
+                    logging.debug("vm " + vm_name + " is not running or paused, cleaning up ebtable rules")
                    cleanup.append(vm_name)

        for vmname in cleanup: