bug 8937: throw an Exception when fail to reapply Firewall rules as a part of network Implement

status 8937: resolved fixed

server/src/com/cloud/network/NetworkManagerImpl.java

@@ -1099,33 +1099,28 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
             network.setMode(result.getMode());
             _networksDao.update(networkId, network);
 
-            boolean success = true;
+            
             for (NetworkElement element : _networkElements) {
                 if (s_logger.isDebugEnabled()) {
                     s_logger.debug("Asking " + element.getName() + " to implmenet " + network);
                 }
                 element.implement(network, offering, dest, context);
-                //reapply all the firewall/staticNat/lb rules
-                s_logger.debug("Applying network rules as a part of network " +  network + " implement...");
-                if (!restartNetwork(networkId, false, context)) {
-                    success = false;
-                    s_logger.warn("Failed to reapply network rules as a part of network " + network + " implement");
-                }
             }
             
-            //only when all the network rules got re-implemented successfully, assume that the network is Impelemented
-            if (success) {
-                network.setState(Network.State.Implemented);
-                _networksDao.update(network.getId(), network);
-                implemented.set(guru, network);
-            } else {
-                s_logger.warn("Failed to implement the network " + network + " as some network rules failed to reapply");
-            }
-  
+            //reapply all the firewall/staticNat/lb rules
+            s_logger.debug("Applying network rules as a part of network " +  network + " implement...");
+            if (!restartNetwork(networkId, false, context.getAccount())) {
+                s_logger.warn("Failed to reapply network rules as a part of network " + network + " implement");
+                throw new ResourceUnavailableException("Unable to apply network rules as a part of network " + network + " implement", DataCenter.class, network.getDataCenterId());
+            } 
+            
+            network.setState(Network.State.Implemented);
+            _networksDao.update(network.getId(), network);
+            implemented.set(guru, network);
             return implemented;
         } finally {
             if (implemented.first() == null) {
-                s_logger.debug("Cleaning up because we're unable to implement network " + network);
+                s_logger.debug("Cleaning up because we're unable to implement the network " + network);
                 network.setState(Network.State.Shutdown);
                 _networksDao.update(networkId, network);
                 
@@ -2111,15 +2106,12 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
             throw new InvalidParameterValueException("Network is not in the right state to be restarted. Correct states are: " + Network.State.Implemented + ", " + Network.State.Setup);
         }
         
-        Account owner = _accountMgr.getAccount(network.getAccountId());
-        ReservationContext context = new ReservationContextImpl(null, null, caller, owner);
-        
         _accountMgr.checkAccess(callerAccount, network);
         
         boolean success = true;
 
         //Restart network - network elements restart is required
-        success = restartNetwork(networkId, true, context);
+        success = restartNetwork(networkId, true, callerAccount);
         
         if (success) {
             s_logger.debug("Network id=" + networkId + " is restarted successfully.");
@@ -2150,7 +2142,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
         }
     }
     
-    private boolean restartNetwork(long networkId, boolean restartElements, ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException {
+    private boolean restartNetwork(long networkId, boolean restartElements, Account caller) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException {
         boolean success = true;
         
         NetworkVO network = _networksDao.findById(networkId);
@@ -2161,7 +2153,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
             s_logger.debug("Restarting network elements for the network " + network);
             for (NetworkElement element : _networkElements) {
                 //stop and start the network element
-                if (!element.restart(network, context)) {
+                if (!element.restart(network, null)) {
                     s_logger.warn("Failed to restart network element(s) as a part of network id" + networkId + " restart");
                     success = false;
                 }   
@@ -2175,13 +2167,13 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
         }
         
         //apply port forwarding rules
-        if (!_rulesMgr.applyPortForwardingRulesForNetwork(networkId, false, context.getAccount())) {
+        if (!_rulesMgr.applyPortForwardingRulesForNetwork(networkId, false, caller)) {
             s_logger.warn("Failed to reapply port forwarding rule(s) as a part of network id=" + networkId + " restart");
             success = false;
         }
         
         //apply static nat rules
-        if (!_rulesMgr.applyStaticNatRulesForNetwork(networkId, false, context.getAccount())) {
+        if (!_rulesMgr.applyStaticNatRulesForNetwork(networkId, false, caller)) {
             s_logger.warn("Failed to reapply static nat rule(s) as a part of network id=" + networkId + " restart");
             success = false;
         }

server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java

@@ -1224,7 +1224,8 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
         dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
         cmds.addCommand("dhcp", dhcpCommand);
 
-        if (password != null) {
+        //password should be set only on default network element
+        if (password != null && network.isDefault()) {
             final String encodedPassword = rot13(password);
             SavePasswordCommand cmd = new SavePasswordCommand(encodedPassword, nic.getIp4Address(), profile.getVirtualMachine().getName());
             cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, router.getPrivateIpAddress());

server/src/com/cloud/vm/VirtualMachineManagerImpl.java

@@ -1136,18 +1136,8 @@ public class VirtualMachineManagerImpl implements VirtualMachineManager, Listene
             cluster = _configMgr.getCluster(host.getClusterId());
         }
         DeployDestination dest = new DeployDestination(dc, pod, cluster, host);
-        ReservationContext ctx = new ReservationContextImpl(null, null, caller, account);
             
         try {
-            //implement networks if needed - underlying code will check if network needs to be implemented again.
-            List<? extends Nic> nics = _networkMgr.getNics(vm.getId());
-            
-            for (Nic nic : nics) {
-                if (!_networkMgr.startNetwork(nic.getNetworkId(), dest, ctx)) {
-                    s_logger.warn("Failed to start network id=" + nic.getNetworkId() + " as a part of vm " + vm + " reboot");
-                    throw new CloudRuntimeException("Failed to implement network id=" + nic.getNetworkId() + " as a part of vm " + vm + " reboot");
-                }
-            }
             
             Commands cmds = new Commands(OnError.Revert);
             cmds.addCommand(new RebootCommand(vm.getName()));