Moti Asayag has uploaded a new change for review. Change subject: engine: Prevent management network change ......................................................................
engine: Prevent management network change The patch prevents changing the management network address if the host was added to the system with its IP address as the computer-name for the certification creation. The action is blocked in order to prevent connectivity lose from the engine to the host. The host should be reinstalled if wishes to modify the management network address. Change-Id: If98a5853385ad484dfa6e5392797f96daeaaa381 Bug-Url: https://bugzilla.redhat.com/893411 Signed-off-by: Moti Asayag <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelper.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelperTest.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/VdcBllMessages.java M backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java M frontend/webadmin/modules/userportal-gwtp/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties M frontend/webadmin/modules/webadmin/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties 8 files changed, 43 insertions(+), 7 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/09/12909/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksCommand.java index c8097b2..46e0017 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksCommand.java @@ -68,7 +68,7 @@ return false; } - helper = new SetupNetworksHelper(getParameters(), vds.getVdsGroupId()); + helper = new SetupNetworksHelper(getParameters(), vds); List<String> validationMesseges = helper.validate(); if (!validationMesseges.isEmpty()) { diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelper.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelper.java index 7a8309b..58b90ad 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelper.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelper.java @@ -13,10 +13,13 @@ import org.ovirt.engine.core.bll.network.VmInterfaceManager; import org.ovirt.engine.core.common.action.SetupNetworksParameters; import org.ovirt.engine.core.common.businessentities.Entities; +import org.ovirt.engine.core.common.businessentities.VDS; import org.ovirt.engine.core.common.businessentities.network.Network; import org.ovirt.engine.core.common.businessentities.network.NetworkBootProtocol; import org.ovirt.engine.core.common.businessentities.network.VdsNetworkInterface; -import org.ovirt.engine.core.compat.Guid; +import org.ovirt.engine.core.common.config.Config; +import org.ovirt.engine.core.common.config.ConfigValues; +import org.ovirt.engine.core.common.utils.ValidationUtils; import org.ovirt.engine.core.dal.VdcBllMessages; import org.ovirt.engine.core.dal.dbbroker.DbFacade; import org.ovirt.engine.core.utils.NetworkUtils; @@ -24,7 +27,7 @@ public class SetupNetworksHelper { protected static final String VIOLATING_ENTITIES_LIST_FORMAT = "${0}_LIST {1}"; private SetupNetworksParameters params; - private Guid vdsGroupId; + private VDS vds; private Map<VdcBllMessages, List<String>> violations = new HashMap<VdcBllMessages, List<String>>(); private Map<String, VdsNetworkInterface> existingIfaces; private Map<String, Network> existingClusterNetworks; @@ -45,9 +48,9 @@ private Map<String, List<NetworkType>> ifacesWithExclusiveNetwork = new HashMap<String, List<NetworkType>>(); - public SetupNetworksHelper(SetupNetworksParameters parameters, Guid vdsGroupId) { + public SetupNetworksHelper(SetupNetworksParameters parameters, VDS vds) { params = parameters; - this.vdsGroupId = vdsGroupId; + this.vds = vds; } /** @@ -223,7 +226,7 @@ private Map<String, Network> getExistingClusterNetworks() { if (existingClusterNetworks == null) { existingClusterNetworks = Entities.entitiesByName( - getDbFacade().getNetworkDao().getAllForCluster(vdsGroupId)); + getDbFacade().getNetworkDao().getAllForCluster(vds.getVdsGroupId())); } return existingClusterNetworks; @@ -295,6 +298,9 @@ addViolation(VdcBllMessages.NETWORKS_NOT_IN_SYNC, networkName); } } else if (networkWasModified(iface)) { + if (!managementNetworkModifiedCorrectly(iface)) { + addViolation(VdcBllMessages.MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED, networkName); + } modifiedNetworks.add(network); } } else { @@ -310,6 +316,19 @@ } } + private boolean managementNetworkModifiedCorrectly(VdsNetworkInterface iface) { + if (!Config.<String> GetValue(ConfigValues.ManagementNetwork).equals(iface.getNetworkName())) { + return true; + } + + if (iface.getBootProtocol() == NetworkBootProtocol.STATIC_IP + && vds.getHostName().matches(ValidationUtils.IP_PATTERN)) { + return StringUtils.equals(vds.getHostName(), iface.getAddress()); + } + + return true; + } + private NetworkType determineNetworkType(Integer vlanId, boolean vmNetwork) { return vlanId != null ? NetworkType.VLAN : vmNetwork ? NetworkType.VM : NetworkType.NON_VM; } diff --git a/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelperTest.java b/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelperTest.java index e7344df..1ba2015 100644 --- a/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelperTest.java +++ b/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/network/host/SetupNetworksHelperTest.java @@ -7,6 +7,7 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.when; +import static org.ovirt.engine.core.utils.MockConfigRule.mockConfig; import java.text.MessageFormat; import java.util.ArrayList; @@ -15,27 +16,34 @@ import java.util.List; import org.apache.commons.lang.StringUtils; +import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.mockito.runners.MockitoJUnitRunner; import org.ovirt.engine.core.bll.network.VmInterfaceManager; import org.ovirt.engine.core.common.action.SetupNetworksParameters; +import org.ovirt.engine.core.common.businessentities.VDS; import org.ovirt.engine.core.common.businessentities.network.Network; import org.ovirt.engine.core.common.businessentities.network.NetworkBootProtocol; import org.ovirt.engine.core.common.businessentities.network.VdsNetworkInterface; +import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.dal.VdcBllMessages; import org.ovirt.engine.core.dal.dbbroker.DbFacade; import org.ovirt.engine.core.dao.VdsDAO; import org.ovirt.engine.core.dao.network.InterfaceDao; import org.ovirt.engine.core.dao.network.NetworkDao; +import org.ovirt.engine.core.utils.MockConfigRule; import org.ovirt.engine.core.utils.RandomUtils; @RunWith(MockitoJUnitRunner.class) public class SetupNetworksHelperTest { private static final String BOND_NAME = "bond0"; + + @Rule + public static MockConfigRule mcr = new MockConfigRule(mockConfig(ConfigValues.ManagementNetwork, "manamgement")); @Mock private NetworkDao networkDAO; @@ -1404,7 +1412,9 @@ } private SetupNetworksHelper createHelper(SetupNetworksParameters params) { - SetupNetworksHelper helper = spy(new SetupNetworksHelper(params, Guid.Empty)); + VDS vds = mock(VDS.class); + when(vds.getId()).thenReturn(Guid.Empty); + SetupNetworksHelper helper = spy(new SetupNetworksHelper(params, vds)); when(helper.getVmInterfaceManager()).thenReturn(vmInterfaceManager); DbFacade dbFacade = mock(DbFacade.class); diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/VdcBllMessages.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/VdcBllMessages.java index e2cf16f..05de711 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/VdcBllMessages.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/VdcBllMessages.java @@ -438,6 +438,7 @@ NETWORK_MTU_DIFFERENCES, NETWORK_MTU_OVERRIDE_NOT_SUPPORTED, ACTION_TYPE_FAILED_MANAGEMENT_NETWORK_REQUIRED, + MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED, ACTION_TYPE_FAILED_STORAGE_DOMAIN_NOT_IN_STORAGE_POOL, ACTION_TYPE_FAILED_STORAGE_POOL_NOT_EXIST, ACTION_TYPE_FAILED_STORAGE_DOMAIN_NOT_EXIST, diff --git a/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties b/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties index e6b8168..b192dba 100644 --- a/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties +++ b/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties @@ -458,6 +458,7 @@ NETWORK_MTU_DIFFERENCES=Cannot ${action} ${type}. The following Logical Networks don't have the same MTU value: ${NETWORK_MTU_DIFFERENCES_LIST}. NETWORK_MTU_OVERRIDE_NOT_SUPPORTED=Cannot ${action} ${type}. Overriding MTU is not supported for this Data Center's compatibility version. ACTION_TYPE_FAILED_MANAGEMENT_NETWORK_REQUIRED=Cannot ${action} ${type}. The management network '${NetworkName}' must be required, please change the network to be required and try again. +MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED=Cannot ${action} ${type}. The management network address cannot be modified without reinstalling the host, since this address was used to create the host's certification. CANNOT_PREIEW_CURRENT_IMAGE=The currently used VM Snapshot Image cannot be used in Preview command. CONFIG_UNKNOWN_KEY=Illegal configuration entry.\n\ -Please check configuration entry name. diff --git a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java index aa0c73c..8cda1c0 100644 --- a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java +++ b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java @@ -1234,6 +1234,9 @@ @DefaultStringValue("Cannot ${action} ${type}. The management network '${NetworkName}' must be required, please change the network to be required and try again.") String ACTION_TYPE_FAILED_MANAGEMENT_NETWORK_REQUIRED(); + @DefaultStringValue("Cannot ${action} ${type}. The management network address cannot be modified without reinstalling the host, since this address was used to create the host's certification.") + String MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED(); + @DefaultStringValue("The currently used VM Snapshot Image cannot be used in Preview command.") String CANNOT_PREIEW_CURRENT_IMAGE(); diff --git a/frontend/webadmin/modules/userportal-gwtp/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties b/frontend/webadmin/modules/userportal-gwtp/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties index 139f9db..dfe32dd 100644 --- a/frontend/webadmin/modules/userportal-gwtp/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties +++ b/frontend/webadmin/modules/userportal-gwtp/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties @@ -455,6 +455,7 @@ NETWORK_MTU_DIFFERENCES=Cannot ${action} ${type}. The following Logical Networks don't have the same MTU value: ${NETWORK_MTU_DIFFERENCES_LIST}. NETWORK_MTU_OVERRIDE_NOT_SUPPORTED=Cannot ${action} ${type}. Overriding MTU is not supported for this Data Center's compatibility version. ACTION_TYPE_FAILED_MANAGEMENT_NETWORK_REQUIRED=Cannot ${action} ${type}. The management network '${NetworkName}' must be required, please change the network to be required and try again. +MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED=Cannot ${action} ${type}. The management network address cannot be modified without reinstalling the host, since this address was used to create the host's certification. CANNOT_PREIEW_CURRENT_IMAGE=The currently used VM Snapshot Image cannot be used in Preview command. CONFIG_UNKNOWN_KEY=Illegal configuration entry.\n\ -Please check configuration entry name. diff --git a/frontend/webadmin/modules/webadmin/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties b/frontend/webadmin/modules/webadmin/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties index 7db4f96..9daf34f 100644 --- a/frontend/webadmin/modules/webadmin/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties +++ b/frontend/webadmin/modules/webadmin/src/main/resources/org/ovirt/engine/ui/frontend/AppErrors.properties @@ -452,6 +452,7 @@ NETWORK_MTU_DIFFERENCES=Cannot ${action} ${type}. The following Logical Networks don't have the same MTU value: ${NETWORK_MTU_DIFFERENCES_LIST}. NETWORK_MTU_OVERRIDE_NOT_SUPPORTED=Cannot ${action} ${type}. Overriding MTU is not supported for this Data Center's compatibility version. ACTION_TYPE_FAILED_MANAGEMENT_NETWORK_REQUIRED=Cannot ${action} ${type}. The management network '${NetworkName}' must be required, please change the network to be required and try again. +MANAGEMENT_NETWORK_ADDRESS_CANNOT_BE_CHANGED=Cannot ${action} ${type}. The management network address cannot be modified without reinstalling the host, since this address was used to create the host's certification. CANNOT_PREIEW_CURRENT_IMAGE=The currently used VM Snapshot Image cannot be used in Preview command. CONFIG_UNKNOWN_KEY=Illegal configuration entry.\n\ -Please check configuration entry name. -- To view, visit http://gerrit.ovirt.org/12909 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If98a5853385ad484dfa6e5392797f96daeaaa381 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Moti Asayag <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
