Skip to content

Commit ba4b8f1

Browse files
author
Alena Prokharchyk
committed
LOUDSTACK-751: changed the way the code retrieves the blacklisted.routes config. Now it always reads it from the DB while before we used to load it only on the management server start, and the update happened only after MS restart
1 parent 2712ddd commit ba4b8f1

File tree

2 files changed

+22
-34
lines changed

2 files changed

+22
-34
lines changed

server/src/com/cloud/configuration/ConfigurationManagerImpl.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -590,7 +590,8 @@ private String validateConfigurationValue(String name, String value, String scop
590590
if (route != null) {
591591
String routeToVerify = route.trim();
592592
if (!NetUtils.isValidCIDR(routeToVerify)) {
593-
throw new InvalidParameterValueException("Invalid value for blacklisted route: " + route);
593+
throw new InvalidParameterValueException("Invalid value for blacklisted route: " + route + ". Valid format is list" +
594+
" of cidrs separated by coma. Example: 10.1.1.0/24,192.168.0.0/24");
594595
}
595596
}
596597
}

server/src/com/cloud/network/vpc/VpcManagerImpl.java

Lines changed: 20 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,9 @@
3939

4040
import com.cloud.configuration.Config;
4141
import com.cloud.configuration.ConfigurationManager;
42-
import com.cloud.configuration.ConfigurationVO;
4342
import com.cloud.configuration.Resource.ResourceType;
4443
import com.cloud.configuration.dao.ConfigurationDao;
4544
import com.cloud.dc.DataCenter;
46-
import com.cloud.dc.DataCenterVO;
4745
import com.cloud.dc.Vlan.VlanType;
4846
import com.cloud.dc.VlanVO;
4947
import com.cloud.dc.dao.DataCenterDao;
@@ -187,9 +185,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
187185
private List<VpcProvider> vpcElements = null;
188186
private final List<Service> nonSupportedServices = Arrays.asList(Service.SecurityGroup, Service.Firewall);
189187
private final List<Provider> supportedProviders = Arrays.asList(Provider.VPCVirtualRouter, Provider.NiciraNvp);
190-
191-
private Map<Long, Set<String>> zoneBlackListedRoutes;
192-
188+
193189
int _cleanupInterval;
194190
int _maxNetworks;
195191
SearchBuilder<IPAddressVO> IpAddressSearch;
@@ -240,26 +236,6 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
240236
IpAddressSearch.join("virtualNetworkVlanSB", virtualNetworkVlanSB, IpAddressSearch.entity().getVlanId(), virtualNetworkVlanSB.entity().getId(), JoinBuilder.JoinType.INNER);
241237
IpAddressSearch.done();
242238

243-
//populate blacklisted routes
244-
List<DataCenterVO> zones = _dcDao.listAllZones();
245-
zoneBlackListedRoutes = new HashMap<Long, Set<String>>();
246-
for (DataCenterVO zone : zones) {
247-
List<ConfigurationVO> confs = _configServer.getConfigListByScope(Config.ConfigurationParameterScope.zone.toString(), zone.getId());
248-
for (ConfigurationVO conf : confs) {
249-
String routeStr = conf.getValue();
250-
if (conf.getName().equalsIgnoreCase(Config.BlacklistedRoutes.key()) && routeStr != null && !routeStr.isEmpty()) {
251-
String[] routes = routeStr.split(",");
252-
Set<String> cidrs = new HashSet<String>();
253-
for (String route : routes) {
254-
cidrs.add(route);
255-
}
256-
257-
zoneBlackListedRoutes.put(zone.getId(), cidrs);
258-
break;
259-
}
260-
}
261-
}
262-
263239
return true;
264240
}
265241

@@ -1684,14 +1660,8 @@ public StaticRoute createStaticRoute(long gatewayId, String cidr) throws Network
16841660
}
16851661

16861662
//3) Verify against blacklisted routes
1687-
Set<String> cidrBlackList = zoneBlackListedRoutes.get(vpc.getZoneId());
1688-
1689-
if (cidrBlackList != null && !cidrBlackList.isEmpty()) {
1690-
for (String blackListedRoute : cidrBlackList) {
1691-
if (NetUtils.isNetworksOverlap(blackListedRoute, cidr)) {
1692-
throw new InvalidParameterValueException("The static gateway cidr overlaps with one of the blacklisted routes of the VPC zone");
1693-
}
1694-
}
1663+
if (isCidrBlacklisted(cidr, vpc.getZoneId())) {
1664+
throw new InvalidParameterValueException("The static gateway cidr overlaps with one of the blacklisted routes of the zone the VPC belongs to");
16951665
}
16961666

16971667
Transaction txn = Transaction.currentTxn();
@@ -1713,6 +1683,23 @@ public StaticRoute createStaticRoute(long gatewayId, String cidr) throws Network
17131683
return newRoute;
17141684
}
17151685

1686+
protected boolean isCidrBlacklisted(String cidr, long zoneId) {
1687+
String routesStr = _configServer.getConfigValue(Config.BlacklistedRoutes.key(), Config.ConfigurationParameterScope.zone.toString(), zoneId);
1688+
if (routesStr != null && !routesStr.isEmpty()) {
1689+
String[] cidrBlackList = routesStr.split(",");
1690+
1691+
if (cidrBlackList != null && cidrBlackList.length > 0) {
1692+
for (String blackListedRoute : cidrBlackList) {
1693+
if (NetUtils.isNetworksOverlap(blackListedRoute, cidr)) {
1694+
return true;
1695+
}
1696+
}
1697+
}
1698+
}
1699+
1700+
return false;
1701+
}
1702+
17161703
@Override
17171704
public Pair<List<? extends StaticRoute>, Integer> listStaticRoutes(ListStaticRoutesCmd cmd) {
17181705
Long id = cmd.getId();

0 commit comments

Comments
 (0)