VPC restart cleanup for Public networks with multi-CIDR data (#12622)

* Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR in NetworkVO.equals() When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'), NetworkVO.equals() passes the raw comma-separated string to NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR, causing 'cidr is not formatted correctly' error during VPC restart with cleanup=true. Extract only the first CIDR value before passing to NetUtils. * Fix root cause: skip CIDR/gateway updates for Public traffic type networks addCidrAndGatewayForIpv4/Ipv6 (introduced by PR #11249) was called for all network types without checking if the network is Public. This caused comma-separated CIDRs to be stored on Public networks, which then triggered 'cidr is not formatted correctly' errors during VPC restart. Add TrafficType.Public guard in both the VLAN creation (addCidr) and VLAN deletion (removeCidr) paths in ConfigurationManagerImpl. * Sanitize legacy network-level addressing fields for Public networks --------- Co-authored-by: dahn <daan@onecht.net>
2026-04-13 09:18:29 -03:00 · 2026-04-13 09:18:29 -03:00 · ae455ee193
parent 47c5bb8ee7
commit ae455ee193
2 changed files with 17 additions and 5 deletions
--- a/engine/schema/src/main/resources/META-INF/db/schema-42200to42210.sql
+++ b/engine/schema/src/main/resources/META-INF/db/schema-42200to42210.sql
@ -34,6 +34,15 @@ UPDATE `cloud`.`alert` SET type = 34 WHERE name = 'ALERT.VR.PRIVATE.IFACE.MTU';
 -- Update configuration 'kvm.ssh.to.agent' description and is_dynamic fields
 UPDATE `cloud`.`configuration` SET description = 'True if the management server will restart the agent service via SSH into the KVM hosts after or during maintenance operations', is_dynamic = 1 WHERE name = 'kvm.ssh.to.agent';

+-- Sanitize legacy network-level addressing fields for Public networks
+UPDATE `cloud`.`networks`
+SET `broadcast_uri` = NULL,
+	`gateway` = NULL,
+	`cidr` = NULL,
+	`ip6_gateway` = NULL,
+	`ip6_cidr` = NULL
+WHERE `traffic_type` = 'Public';
+
 UPDATE `cloud`.`vm_template` SET guest_os_id = 99 WHERE name = 'kvm-default-vm-import-dummy-template';

 -- Update existing vm_template records with NULL type to "USER"
--- a/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
@ -5428,7 +5428,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
        final VlanVO vlan = commitVlanAndIpRange(zoneId, networkId, physicalNetworkId, podId, startIP, endIP, vlanGateway, vlanNetmask, vlanId, domain, vlanOwner, vlanIp6Gateway, vlanIp6Cidr,
                ipv4, zone, vlanType, ipv6Range, ipRange, forSystemVms, provider);

-        if (vlan != null) {
+        if (vlan != null && network.getTrafficType() != TrafficType.Public) {
            if (ipv4) {
                addCidrAndGatewayForIpv4(networkId, vlanGateway, vlanNetmask);
            } else if (ipv6) {
@ -6507,11 +6507,14 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
            final boolean ipv4 = deletedVlan.getVlanGateway() != null;
            final boolean ipv6 = deletedVlan.getIp6Gateway() != null;
            final long networkId = deletedVlan.getNetworkId();
+            final NetworkVO networkVO = _networkDao.findById(networkId);

-            if (ipv4) {
-                removeCidrAndGatewayForIpv4(networkId, deletedVlan);
-            } else if (ipv6) {
-                removeCidrAndGatewayForIpv6(networkId, deletedVlan);
+            if (networkVO != null && networkVO.getTrafficType() != TrafficType.Public) {
+                if (ipv4) {
+                    removeCidrAndGatewayForIpv4(networkId, deletedVlan);
+                } else if (ipv6) {
+                    removeCidrAndGatewayForIpv6(networkId, deletedVlan);
+                }
            }

            messageBus.publish(_name, MESSAGE_DELETE_VLAN_IP_RANGE_EVENT, PublishScope.LOCAL, deletedVlan);