(cloudstack) branch 4.22 updated: [4.22] Prevent Load Balancer rule creation when adding a VM from a different network (#12785)

Mon, 16 Mar 2026 01:37:25 -0700 

This is an automated email from the ASF dual-hosted git repository.

dahn pushed a commit to branch 4.22
in repository https://gitbox.apache.org/repos/asf/cloudstack.git


The following commit(s) were added to refs/heads/4.22 by this push:
     new 09ee0927e9b [4.22] Prevent Load Balancer rule creation when adding a 
VM from a different network (#12785)
09ee0927e9b is described below

commit 09ee0927e9bb09353282864742a000d34429e740
Author: Nicolas Vazquez <[email protected]>
AuthorDate: Mon Mar 16 05:36:52 2026 -0300

    [4.22] Prevent Load Balancer rule creation when adding a VM from a 
different network (#12785)
---
 .../cloud/network/lb/LoadBalancingRulesManagerImpl.java    | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git 
a/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java 
b/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
index c6aeeaf2db5..dfc03c0cf13 100644
--- 
a/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
+++ 
b/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
@@ -1738,6 +1738,8 @@ public class LoadBalancingRulesManagerImpl<Type> extends 
ManagerBase implements
             throw new NetworkRuleConflictException("Can't do load balance on 
IP address: " + ipVO.getAddress());
         }
 
+        verifyLoadBalancerRuleNetwork(name, network, ipVO);
+
         String cidrString = generateCidrString(cidrList);
 
         boolean performedIpAssoc = false;
@@ -1790,7 +1792,17 @@ public class LoadBalancingRulesManagerImpl<Type> extends 
ManagerBase implements
 
         return result;
     }
-   /**
+
+    protected void verifyLoadBalancerRuleNetwork(String lbName, Network 
network, IPAddressVO ipVO) {
+        if (ipVO.getAssociatedWithNetworkId() != null && network.getId() != 
ipVO.getAssociatedWithNetworkId()) {
+            String msg = String.format("Cannot create Load Balancer rule %s as 
the IP address %s is not associated " +
+                    "with the network %s (ID=%s)", lbName, ipVO.getAddress(), 
network.getName(), network.getUuid());
+            logger.error(msg);
+            throw new InvalidParameterValueException(msg);
+        }
+    }
+
+    /**
     * Transforms the cidrList from a List of Strings to a String which 
contains all the CIDRs from cidrList separated by whitespaces. This is used to 
facilitate both the persistence
     * in the DB and also later when building the configuration String in the 
getRulesForPool method of the HAProxyConfigurator class.
    */

Reply via email to