From aca606e51062b4d4a7a7402437852884893c8ade Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez
Date: Thu, 23 May 2024 12:47:45 -0300
Subject: [PATCH] Improve network rules cleanup on failure adding external nodes to CKS cluster
---
 .../cluster/actionworkers/KubernetesClusterAddWorker.java | 7 +++++++
 .../cluster/AddNodesToKubernetesClusterCmd.java | 8 +++-----
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterAddWorker.java b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterAddWorker.java
index df63c5a1bb0..2d22d295aab 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterAddWorker.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterAddWorker.java
@@ -250,6 +250,10 @@ public class KubernetesClusterAddWorker extends KubernetesClusterActionWorker {
 revertNetworkRules(network, nodeId, sshStartPort);
 return new Pair<>( false, nodeIndex);
 } catch (Exception e) {
+ String errMsg = String.format("Unexpected exception while trying to add the external node %s to the Kubernetes cluster %s: %s",
+ nodeId, kubernetesCluster.getName(), e.getMessage());
+ LOGGER.error(errMsg, e);
+ revertNetworkRules(network, nodeId, sshStartPort);
 throw new CloudRuntimeException(e);
 }
 return new Pair<>(true, ++nodeIndex);
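Review bot: In the new `catch (Exception e)` branch, `revertNetworkRules(network, nodeId, sshStartPort)` runs unguarded before `throw new CloudRuntimeException(e)`, so if the cleanup itself throws, the original exception is replaced by the cleanup failure and never reaches the caller. The cleanup removes firewall and port-forwarding rules that appear to expose the node's SSH port (inferred from `sshStartPort`), so a failed revert should also get its own error log stating that the rules may still be active. Wrapping the call and attaching the secondary failure with `addSuppressed` keeps both failures visible. The enclosing method starts and ends outside this hunk.

```java
} catch (Exception e) {
    // … unchanged: errMsg construction and LOGGER.error(errMsg, e) …
    try {
        revertNetworkRules(network, nodeId, sshStartPort);
    } catch (Exception cleanupFailure) {
        // Keep the original failure as the cause; record the cleanup failure alongside it.
        e.addSuppressed(cleanupFailure);
        LOGGER.error(String.format("Failed to revert network rules for node %s; rules may still be active", nodeId), cleanupFailure);
    }
    throw new CloudRuntimeException(e);
```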
@@ -305,12 +309,15 @@ public class KubernetesClusterAddWorker extends KubernetesClusterActionWorker {
 }
 private void revertNetworkRules(Network network, long vmId, int port) {
+ LOGGER.debug(String.format("Reverting network rules for VM ID %s on network %s", vmId, network.getName()));
 FirewallRuleVO ruleVO = firewallRulesDao.findByNetworkIdAndPorts(network.getId(), port, port);
 if (Objects.isNull(network.getVpcId())) {
+ LOGGER.debug(String.format("Removing firewall rule %s", ruleVO.getId()));
 firewallService.revokeIngressFirewallRule(ruleVO.getId(), true);
 }
 List pfRules = portForwardingRulesDao.listByVm(vmId);
 for (PortForwardingRuleVO pfRule : pfRules) {
+ LOGGER.debug(String.format("Removing port forwarding rule %s", pfRule.getId()));
 rulesService.revokePortForwardingRule(pfRule.getId(), true);
 }
 }
diff --git a/plugins/integrations/kubernetes-service/src/main/java/org/apache/cloudstack/api/command/user/kubernetes/cluster/AddNodesToKubernetesClusterCmd.java b/plugins/integrations/kubernetes-service/src/main/java/org/apache/cloudstack/api/command/user/kubernetes/cluster/AddNodesToKubernetesClusterCmd.java
index 9dc7ad06957..296bbc82099 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/org/apache/cloudstack/api/command/user/kubernetes/cluster/AddNodesToKubernetesClusterCmd.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/org/apache/cloudstack/api/command/user/kubernetes/cluster/AddNodesToKubernetesClusterCmd.java
@@ -19,7 +19,6 @@ package org.apache.cloudstack.api.command.user.kubernetes.cluster;
 import com.cloud.kubernetes.cluster.KubernetesClusterEventTypes;
 import com.cloud.kubernetes.cluster.KubernetesClusterService;
-import com.cloud.utils.exception.CloudRuntimeException;
 import org.apache.cloudstack.acl.RoleType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandResourceType;
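Review bot: In `revertNetworkRules`, the added `LOGGER.debug(String.format("Removing firewall rule %s", ruleVO.getId()))` dereferences `ruleVO` without a null check, and `findByNetworkIdAndPorts` presumably returns null when no rule matches. This patch also calls the method from the generic exception path, where the firewall rule may not have been created yet; a NullPointerException here would skip the port-forwarding loop and leave those rules active. Guard the branch with `if (ruleVO != null && Objects.isNull(network.getVpcId())) {`. The results of both `revoke…` calls are discarded as well; if they return a success flag (not visible here), log a warning when a rule could not be removed so a lingering ingress rule is noticed.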
@@ -109,14 +108,13 @@ public class AddNodesToKubernetesClusterCmd extends BaseAsyncCmd {
 @Override
 public void execute() {
 try {
- if (!kubernetesClusterService.addNodesToKubernetesCluster(this)) {
- throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, String.format("Failed to add node(s) Kubernetes cluster ID: %d", getClusterId()));
- }
+ kubernetesClusterService.addNodesToKubernetesCluster(this);
 final KubernetesClusterResponse response = kubernetesClusterService.createKubernetesClusterResponse(getClusterId());
 response.setResponseName(getCommandName());
 setResponseObject(response);
 } catch (Exception e) {
- throw new CloudRuntimeException(String.format("Failed to add nodes to cluster due to: %s", e.getLocalizedMessage()), e);
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, String.format("Failed to add nodes to cluster ID %s due to: %s",
+ getClusterId(), e.getLocalizedMessage()), e);
 }
 }
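Review bot: In `execute()`, `kubernetesClusterService.addNodesToKubernetesCluster(this);` now discards the boolean that the removed `if (!...)` checked, so any path where the service returns false without throwing is reported to the API caller as success. Whether such paths remain is not visible in this hunk, but the worker in the same patch still has a `return new Pair<>(false, nodeIndex)` branch. Either keep the check or add a comment such as `// addNodesToKubernetesCluster signals failure only by throwing`, once that is confirmed. Separately, the response text embeds `e.getLocalizedMessage()`, and because the worker now wraps arbitrary exceptions in `CloudRuntimeException(e)`, that string can carry internal class names and details to the API client. Consider returning a generic message to the client and keeping the detail in the server log.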