From aa78c9bfb9c6bbce595fdcd54f2172906b2e8f86 Mon Sep 17 00:00:00 2001 From: Alena Prokharchyk Date: Tue, 22 Nov 2011 16:17:02 -0800 Subject: [PATCH] vm Expunge: check that securityGroup-Vm mappings exists before locking the row in userVm table --- .../com/cloud/network/NetworkManagerImpl.java | 1 - .../security/SecurityGroupManager.java | 2 +- .../security/SecurityGroupManagerImpl.java | 11 +++++----- .../security/dao/SecurityGroupVMMapDao.java | 3 ++- .../dao/SecurityGroupVMMapDaoImpl.java | 21 ++++++++++++++++++- 5 files changed, 29 insertions(+), 9 deletions(-) diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index 807359355e5..9ccbab91dd6 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -4907,7 +4907,6 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag //get provider for the service and check if all of them are supported String provider = _ntwkSrvcDao.getProviderForServiceInNetwork(networkId, service); - if (!isProviderEnabledInPhysicalNetwork(physicalNetworkId, provider)) { s_logger.debug("Provider " + provider + " is not enabled in physical network id=" + physicalNetworkId); return false; diff --git a/server/src/com/cloud/network/security/SecurityGroupManager.java b/server/src/com/cloud/network/security/SecurityGroupManager.java index d0aabc75e87..7b3fb3b3a8a 100644 --- a/server/src/com/cloud/network/security/SecurityGroupManager.java +++ b/server/src/com/cloud/network/security/SecurityGroupManager.java @@ -40,7 +40,7 @@ public interface SecurityGroupManager { public boolean addInstanceToGroups(Long userVmId, List groups); - public void removeInstanceFromGroups(Long userVmId); + public void removeInstanceFromGroups(long userVmId); public void fullSync(long agentId, HashMap> newGroupStates); diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java index 688d09918d5..9c93e4cfb7f 100755 --- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java +++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java @@ -64,7 +64,6 @@ import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceInUseException; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.network.Network; -import com.cloud.network.Network.Service; import com.cloud.network.NetworkManager; import com.cloud.network.security.SecurityGroupWork.Step; import com.cloud.network.security.dao.IngressRuleDao; @@ -958,10 +957,11 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG @Override @DB - public void removeInstanceFromGroups(Long userVmId) { - if (!isVmSecurityGroupEnabled(userVmId)) { - return; - } + public void removeInstanceFromGroups(long userVmId) { + if (_securityGroupVMMapDao.countSGForVm(userVmId) < 1) { + s_logger.trace("No security groups found for vm id=" + userVmId + ", returning"); + return; + } final Transaction txn = Transaction.currentTxn(); txn.start(); UserVm userVm = _userVMDao.acquireInLockTable(userVmId); // ensures that duplicate entries are not created in @@ -973,6 +973,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG s_logger.info("Disassociated " + n + " network groups " + " from uservm " + userVmId); _userVMDao.releaseFromLockTable(userVmId); txn.commit(); + s_logger.debug("Security group mappings are removed successfully for vm id=" + userVmId); } @DB diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java b/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java index 488ff61acb6..db0237a02ba 100644 --- a/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java +++ b/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java @@ -32,5 +32,6 @@ public interface SecurityGroupVMMapDao extends GenericDao listBySecurityGroup(long securityGroupId, State ... vmStates); int deleteVM(long instanceid); List listVmIdsBySecurityGroup(long securityGroupId); - SecurityGroupVMMapVO findByVmIdGroupId(long instanceId, long securityGroupId); + SecurityGroupVMMapVO findByVmIdGroupId(long instanceId, long securityGroupId); + long countSGForVm(long instanceId); } diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDaoImpl.java b/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDaoImpl.java index dd8e0c8370a..3a66e4be987 100644 --- a/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDaoImpl.java +++ b/server/src/com/cloud/network/security/dao/SecurityGroupVMMapDaoImpl.java @@ -22,11 +22,17 @@ import java.util.List; import javax.ejb.Local; +import com.cloud.dc.VlanVO; +import com.cloud.dc.Vlan.VlanType; +import com.cloud.network.IPAddressVO; import com.cloud.network.security.SecurityGroupVMMapVO; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.GenericSearchBuilder; +import com.cloud.utils.db.JoinBuilder; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; +import com.cloud.utils.db.SearchCriteria.Func; +import com.cloud.utils.db.SearchCriteria.Op; import com.cloud.vm.VirtualMachine.State; @Local(value={SecurityGroupVMMapDao.class}) @@ -34,6 +40,7 @@ public class SecurityGroupVMMapDaoImpl extends GenericDaoBase ListByIpAndVmId; private SearchBuilder ListByVmId; private SearchBuilder ListByVmIdGroupId; + protected GenericSearchBuilder CountSGForVm; private GenericSearchBuilder ListVmIdBySecurityGroup; @@ -72,7 +79,12 @@ public class SecurityGroupVMMapDaoImpl extends GenericDaoBase sc = CountSGForVm.create(); + sc.setParameters("vmId", instanceId); + return customSearch(sc, null).get(0); + } }