Advanced SG: allow create/update physical networks with vlan range

[weizhouapache]

Description

This PR is a followup of #7719

L2 network is supported in advanced zone with security groups since #7719
However, the vlan must be specified for now, as vlan range is not allowed to be specified in guest physical network
This PR allows create/update vlan range of physical networks, so that vlan of L2 networks can be automatically allocated by cloudstack.

This PR also fixes an issue that VM without security groups cannot be deployed on L2 networks.

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)
• build/CI

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[DaanHoogland]

clgtm

[blueorangutan]

😃
✔️
Packaging result: ✔️
Packaging result ✔️

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 7445

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15.

[DaanHoogland]

@blueorangutan test

[blueorangutan]

@DaanHoogland a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-8039)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 39730 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr8122-t8039-kvm-centos7.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[DaanHoogland]

@blueorangutan LLtest basicZone

[blueorangutan]

@DaanHoogland a [LL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[DaanHoogland]

seems like a new method to be called in two places @weizhouapache ?

[blueorangutan]

[LL]Trillian test result (tid-6869)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 10072 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr8122-t6869-kvm-centos7.zip
Smoke tests completed. 97 look OK, 11 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
ContextSuite context=TestIpv6Network>:setup	Error	0.00	test_network_ipv6.py
test_01_create_ipv6_public_ip_range	Error	0.02	test_ipv6_infra.py
test_deploy_more_vms_than_limit_allows	Failure	50.43	test_deploy_vms_in_parallel.py
test_03_restart_network_cleanup	Error	1.10	test_routers.py
test_01_events_resource	Error	1.88	test_events_resource.py
test_CRUD_operations_userdata	Error	2.28	test_register_userdata.py
test_deploy_vm_with_registered_userdata	Error	1.74	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_allow	Error	1.75	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_append	Error	1.72	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_deny	Error	1.71	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_params	Error	1.71	test_register_userdata.py
test_link_and_unlink_userdata_to_template	Error	1.73	test_register_userdata.py
test_user_userdata_crud	Error	1.72	test_register_userdata.py
ContextSuite context=TestDeployVM>:setup	Error	0.00	test_vm_life_cycle.py
test_01_secure_vm_migration	Error	76.27	test_vm_life_cycle.py
test_02_unsecure_vm_migration	Error	220.88	test_vm_life_cycle.py
test_03_secured_to_nonsecured_vm_migration	Error	175.86	test_vm_life_cycle.py
test_04_nonsecured_to_secured_vm_migration	Error	149.89	test_vm_life_cycle.py
ContextSuite context=TestVMLifeCycle>:setup	Error	164.15	test_vm_life_cycle.py
ContextSuite context=TestCreateVolume>:setup	Error	0.00	test_volumes.py
ContextSuite context=TestVolumes>:setup	Error	0.00	test_volumes.py
ContextSuite context=TestIpv6Vpc>:setup	Error	0.00	test_vpc_ipv6.py
ContextSuite context=TestHostMaintenanceAgents>:setup	Error	0.25	test_host_maintenance.py
test_hostha_enable_ha_when_host_in_maintenance	Error	306.66	test_hostha_kvm.py

[codecov]

Codecov Report

Merging #8122 (c69638d) into 4.18 (e199678) will increase coverage by 0.00%.
Report is 5 commits behind head on 4.18.
The diff coverage is 0.00%.

@@            Coverage Diff            @@
##               4.18    #8122   +/-   ##
=========================================
  Coverage     13.06%   13.06%           
- Complexity     9108     9111    +3     
=========================================
  Files          2720     2720           
  Lines        257531   257588   +57     
  Branches      40150    40156    +6     
=========================================
+ Hits          33655    33663    +8     
- Misses       219648   219695   +47     
- Partials       4228     4230    +2     

Files	Coverage Δ
.../src/main/java/com/cloud/vm/UserVmManagerImpl.java	7.51% <ø> (-0.01%)	⬇️
...ain/java/com/cloud/network/NetworkServiceImpl.java	11.34% <0.00%> (+0.01%)	⬆️

... and 6 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[blueorangutan]

[LL] Trillian Build Failed (tid-6875)

[DaanHoogland]

@blueorangutan LLtest securityGroups keepEnv

[blueorangutan]

@DaanHoogland a [LL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

[LL]Trillian test result (tid-6879)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 58015 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr8122-t6879-kvm-centos7.zip
Smoke tests completed. 56 look OK, 53 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
ContextSuite context=TestPortablePublicIPAcquire>:setup	Error	0.00	test_portable_publicip.py
test_DeleteDomain	Failure	91.70	test_accounts.py
test_forceDeleteDomain	Failure	91.55	test_accounts.py
test_delete_account	Error	65.88	test_network.py
test_delete_network_while_vm_on_it	Error	5.43	test_network.py
test_delete_network_while_vm_on_it	Error	5.43	test_network.py
test_deploy_vm_l2network	Error	5.36	test_network.py
test_deploy_vm_l2network	Error	5.36	test_network.py
test_l2network_restart	Error	9.46	test_network.py
test_l2network_restart	Error	9.46	test_network.py
ContextSuite context=TestL2Networks>:teardown	Error	10.54	test_network.py
test_01_port_fwd_on_src_nat	Failure	0.01	test_network.py
test_02_port_fwd_on_non_src_nat	Error	0.01	test_network.py
ContextSuite context=TestPublicIP>:setup	Error	3.42	test_network.py
test_reboot_router	Error	156.16	test_network.py
test_releaseIP	Error	36.12	test_network.py
test_network_rules_acquired_public_ip_1_static_nat_rule	Error	0.03	test_network.py
test_network_rules_acquired_public_ip_2_nat_rule	Error	0.02	test_network.py
test_network_rules_acquired_public_ip_3_Load_Balancer_Rule	Error	0.02	test_network.py
test_network_acl	Error	2.19	test_network_acl.py
test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80	Failure	3.43	test_internal_lb.py
test_02_internallb_roundrobin_1RVPC_3VM_HTTP_port80	Failure	3.44	test_internal_lb.py
test_03_vpc_internallb_haproxy_stats_on_all_interfaces	Failure	3.40	test_internal_lb.py
test_04_rvpc_internallb_haproxy_stats_on_all_interfaces	Failure	3.40	test_internal_lb.py
ContextSuite context=TestIpv6Network>:setup	Error	0.00	test_network_ipv6.py
test_01_nic	Error	48.77	test_nic.py
ContextSuite context=TestRouterDHCPHosts>:setup	Error	0.00	test_router_dhcphosts.py
ContextSuite context=TestRouterDHCPOpts>:setup	Error	0.00	test_router_dhcphosts.py
test_01_create_ipv6_public_ip_range	Error	0.02	test_ipv6_infra.py
ContextSuite context=TestRouterDns>:setup	Error	0.00	test_router_dns.py
ContextSuite context=TestRouterDnsService>:setup	Error	0.00	test_router_dnsservice.py
test_01_ping_in_vr_success	Failure	0.01	test_diagnostics.py
test_02_ping_in_vr_failure	Failure	0.01	test_diagnostics.py
test_07_arping_in_vr	Failure	0.02	test_diagnostics.py
test_10_traceroute_in_vr	Failure	0.01	test_diagnostics.py
test_13_retrieve_vr_default_files	Failure	0.01	test_diagnostics.py
test_14_retrieve_vr_one_file	Failure	0.01	test_diagnostics.py
ContextSuite context=TestIsolatedNetworksPasswdServer>:setup	Error	0.00	test_password_server.py
test_01_deploy_vm_from_direct_download_template_nfs_storage	Error	4.25	test_direct_download.py
ContextSuite context=TestDirectDownloadTemplates>:teardown	Error	1.05	test_direct_download.py
test_01_isolated_persistent_network	Error	0.03	test_persistent_network.py
test_01_vpc_privategw_acl	Failure	3.92	test_privategw_acl.py
test_02_vpc_privategw_static_routes	Failure	3.94	test_privategw_acl.py
test_03_vpc_privategw_restart_vpc_cleanup	Failure	3.93	test_privategw_acl.py
test_04_rvpc_privategw_static_routes	Failure	3.89	test_privategw_acl.py
test_01_native_to_native_network_migration	Error	2.88	test_migration.py
test_02_native_to_native_vpc_migration	Error	5.02	test_migration.py
test_04_verify_guest_lspci	Error	810.50	test_deploy_virtio_scsi_vm.py
test_06_verify_guest_lspci_again	Error	810.74	test_deploy_virtio_scsi_vm.py
test_01_create_delete_portforwarding_fornonvpc	Error	1.78	test_portforwardingrules.py
ContextSuite context=TestNetworkPermissions>:setup	Error	0.00	test_network_permissions.py
test_03_create_network_domain_network_offering	Error	5.33	test_domain_network_offerings.py
test_extendPhysicalNetworkVlan	Error	0.02	test_non_contigiousvlan.py
test_03_create_vpc_domain_vpc_offering	Error	6.37	test_domain_vpc_offerings.py
test_01_router_internal_basic	Failure	0.02	test_routers.py
test_02_router_internal_adv	Failure	0.01	test_routers.py
test_03_restart_network_cleanup	Failure	0.01	test_routers.py
test_04_restart_network_wo_cleanup	Failure	1.09	test_routers.py
test_05_router_basic	Failure	0.01	test_routers.py
test_06_router_advanced	Failure	0.01	test_routers.py
test_07_stop_router	Failure	0.01	test_routers.py
test_08_start_router	Failure	0.01	test_routers.py
test_09_reboot_router	Failure	0.01	test_routers.py
test_10_reboot_router_forced	Failure	0.01	test_routers.py
ContextSuite context=TestLoadBalance>:setup	Error	0.00	test_loadbalance.py
ContextSuite context=TestLBRuleUsage>:setup	Error	40.13	test_usage.py
ContextSuite context=TestNatRuleUsage>:setup	Error	79.16	test_usage.py
ContextSuite context=TestPublicIPUsage>:setup	Error	115.13	test_usage.py
ContextSuite context=TestVpnUsage>:setup	Error	245.76	test_usage.py
test_01_events_resource	Error	1.97	test_events_resource.py
ContextSuite context=TestNonStrictAffinityGroups>:setup	Error	0.00	test_nonstrict_affinity_group.py
test_dedicatePublicIpRange	Error	0.01	test_public_ip_range.py
test_dedicate_public_ip_range_for_system_vms	Error	0.01	test_public_ip_range.py
test_dedicate_public_ip_range_for_system_vms_01_ssvm	Error	0.06	test_public_ip_range.py
test_dedicate_public_ip_range_for_system_vms_02_cpvm	Error	0.05	test_public_ip_range.py
test_create_pvlan_network	Error	0.06	test_pvlan.py
test_dedicateGuestVlanRange	Error	0.00	test_guest_vlan_range.py
ContextSuite context=TestDedicateGuestVlanRange>:teardown	Error	0.00	test_guest_vlan_range.py
ContextSuite context=TestHostControlState>:setup	Error	0.00	test_host_control_state.py
test_CRUD_operations_userdata	Error	1.81	test_register_userdata.py
test_deploy_vm_with_registered_userdata	Error	1.79	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_allow	Error	1.79	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_append	Error	1.78	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_override_policy_deny	Error	1.79	test_register_userdata.py
test_deploy_vm_with_registered_userdata_with_params	Error	1.74	test_register_userdata.py
test_link_and_unlink_userdata_to_template	Error	1.80	test_register_userdata.py
test_user_userdata_crud	Error	1.82	test_register_userdata.py
test_01_create_iso_with_checksum_sha1	Error	66.35	test_iso.py
test_02_create_iso_with_checksum_sha256	Error	66.36	test_iso.py
test_03_create_iso_with_checksum_md5	Error	66.37	test_iso.py
test_04_create_iso_with_no_checksum	Error	66.37	test_iso.py
test_01_create_iso	Failure	1513.45	test_iso.py
ContextSuite context=TestISO>:setup	Error	3025.84	test_iso.py
test_01_invalid_upgrade_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_02_upgrade_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_04_autoscale_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_05_basic_lifecycle_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_06_delete_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
test_07_deploy_kubernetes_ha_cluster	Failure	0.00	test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster	Failure	0.01	test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster	Failure	0.00	test_kubernetes_clusters.py
test_10_vpc_tier_kubernetes_cluster	Failure	0.00	test_kubernetes_clusters.py
ContextSuite context=TestListIdsParams>:setup	Error	0.00	test_list_ids_parameter.py
ContextSuite context=TestIsolatedNetworks>:setup	Error	0.00	test_routers_network_ops.py
ContextSuite context=TestRedundantIsolateNetworks>:setup	Error	0.00	test_routers_network_ops.py
test_01_add_delete_kubernetes_supported_version	Error	0.04	test_kubernetes_supported_versions.py
test_01_sys_vm_start	Failure	0.09	test_secondary_storage.py
ContextSuite context=TestResetVmOnReboot>:setup	Error	0.00	test_reset_vm_on_reboot.py
ContextSuite context=TestRouterIpTablesPolicies>:setup	Error	0.00	test_routers_iptables_default_policy.py
ContextSuite context=TestVPCIpTablesPolicies>:setup	Error	0.00	test_routers_iptables_default_policy.py
ContextSuite context=TestCpuCapServiceOfferings>:setup	Error	0.00	test_service_offerings.py
ContextSuite context=TestServiceOfferings>:setup	Error	0.19	test_service_offerings.py
ContextSuite context=TestVMWareStoragePolicies>:setup	Error	0.00	test_storage_policy.py
ContextSuite context=TestVmAutoScaling>:setup	Error	0.00	test_vm_autoscaling.py
test_01_deploy_vm_on_specific_host	Error	1.22	test_vm_deployment_planner.py
test_02_deploy_vm_on_specific_cluster	Error	1.21	test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod	Error	1.21	test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster	Error	1.23	test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod	Error	1.20	test_vm_deployment_planner.py
ContextSuite context=TestDeployVM>:setup	Error	0.00	test_vm_life_cycle.py
ContextSuite context=TestVMLifeCycle>:setup	Error	2.96	test_vm_life_cycle.py
ContextSuite context=TestVmSnapshot>:setup	Error	2.88	test_vm_snapshots.py
ContextSuite context=TestCreateVolume>:setup	Error	0.00	test_volumes.py
ContextSuite context=TestVolumes>:setup	Error	4.10	test_volumes.py
ContextSuite context=TestIpv6Vpc>:setup	Error	0.00	test_vpc_ipv6.py
ContextSuite context=TestVPCRedundancy>:setup	Error	0.00	test_vpc_redundant.py
ContextSuite context=TestVPCNics>:setup	Error	0.00	test_vpc_router_nics.py
ContextSuite context=TestRVPCSite2SiteVpn>:setup	Error	0.00	test_vpc_vpn.py
ContextSuite context=TestVPCSite2SiteVPNMultipleOptions>:setup	Error	0.00	test_vpc_vpn.py
ContextSuite context=TestVpcRemoteAccessVpn>:setup	Error	0.00	test_vpc_vpn.py
ContextSuite context=TestVpcSite2SiteVpn>:setup	Error	0.00	test_vpc_vpn.py
test_disable_oobm_ha_state_ineligible	Error	1511.51	test_hostha_kvm.py

[weizhouapache]

Total time taken: 58015 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr8122-t6879-kvm-centos7.zip
Smoke tests completed. 56 look OK, 53 have errors, 0 did not run
Only failed and skipped tests results shown below:

@DaanHoogland
the test results are (almost) consistent with what I shared with you (54 look OK while 54 have errors).

[DaanHoogland]

Total time taken: 58015 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr8122-t6879-kvm-centos7.zip
Smoke tests completed. 56 look OK, 53 have errors, 0 did not run
Only failed and skipped tests results shown below:

@DaanHoogland the test results are (almost) consistent with what I shared with you (54 look OK while 54 have errors).

yes, even slightly better ;)

[DaanHoogland]

@weizhouapache am I correct in assuming this also needs a UI change? (not necessarily in the scope of this PR)

[weizhouapache]

@weizhouapache am I correct in assuming this also needs a UI change? (not necessarily in the scope of this PR)

@DaanHoogland
actually the action to update vlan range is supported on UI, even for basic zones

and then

we could hide the icon "update network" for basic zones, if needed

[DaanHoogland]

thanks @weizhouapache works in advancedSG as well

[shwstppr]

Code LGTM

[rajujith]

LGTM.
Created advanced zone with SG.
I could add and update VLAN ranges against the physical network with guest traffic type.