VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs (#8599)

* VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs

* Update PR8599: move to VpcVirtualNetworkApplianceManagerImpl

Author: weizhouapache

server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java

@@ -27,6 +27,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -294,7 +295,23 @@ public boolean finalizeVirtualMachineProfile(final VirtualMachineProfile profile
             }
         }
 
-        return super.finalizeVirtualMachineProfile(profile, dest, context);
+        super.finalizeVirtualMachineProfile(profile, dest, context);
+        appendSourceNatIpToBootArgs(profile);
+        return true;
+    }
+
+    private void appendSourceNatIpToBootArgs(final VirtualMachineProfile profile) {
+        final StringBuilder buf = profile.getBootArgsBuilder();
+        final DomainRouterVO router = _routerDao.findById(profile.getVirtualMachine().getId());
+        if (router != null && router.getVpcId() != null) {
+            List<IPAddressVO> vpcIps = _ipAddressDao.listByAssociatedVpc(router.getVpcId(), true);
+            if (CollectionUtils.isNotEmpty(vpcIps)) {
+                buf.append(String.format(" source_nat_ip=%s", vpcIps.get(0).getAddress().toString()));
+                if (s_logger.isDebugEnabled()) {
+                    s_logger.debug("The final Boot Args for " + profile + ": " + buf);
+                }
+            }
+        }
     }
 
     @Override

systemvm/debian/opt/cloud/bin/cs/CsAddress.py

@@ -453,8 +453,8 @@ def fw_router(self):
                 ["", "", "-A NETWORK_STATS_%s -o %s ! -i eth0 -p tcp" % (self.dev, self.dev)])
             self.fw.append(
                 ["", "", "-A NETWORK_STATS_%s -i %s ! -o eth0 -p tcp" % (self.dev, self.dev)])
-            self.fw.append(["nat", "",
-                            "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
+            self.fw.append(
+                ["nat", "", "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())])
             self.fw.append(["mangle", "",
                             "-A PREROUTING -i %s -m state --state NEW " % self.dev +
                             "-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])
@@ -695,6 +695,9 @@ def post_config_change(self, method):
                     ["filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
                 self.fw.append(
                     ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
+            elif cmdline.get_source_nat_ip() and not self.is_private_gateway():
+                self.fw.append(
+                    ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, cmdline.get_source_nat_ip())])
 
     def list(self):
         self.iplist = {}

systemvm/debian/opt/cloud/bin/cs/CsDatabag.py

@@ -181,6 +181,12 @@ def get_dev_ip6prelen(self, devname):
             return False
         return "%s/%s" % (self.idata()[ipkey], self.idata()[prelenkey])
 
+    def get_source_nat_ip(self):
+        if "source_nat_ip" in self.idata():
+            return self.idata()['source_nat_ip']
+        return False
+
+
 class CsGuestNetwork(CsDataBag):
     """ Get guestnetwork config parameters """