@CodeBleu CodeBleu commented Sep 3, 2025

Switching base to main from 4.19, SEE #10968 for Comment history

Description

This PR will allow the updating of a load balancer rule's CIDR list via the API.
* Should fix #9313

I have tested this code in 4.19, 4.20, and main branches via simulator and all works.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • build/CI
  • test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

Before, the Source CIDR list was blank (Simulator env)
(localcloud) :penguin: > list loadbalancerrules
{
  "count": 1,
  "loadbalancerrule": [
    {
      "account": "admin",
      "algorithm": "roundrobin",
      "cidrlist": "",
      "domain": "ROOT",
      "domainid": "5b6a2947-416b-11f0-9a39-564a8191c23c",
      "domainpath": "/",
      "fordisplay": true,
      "id": "0d8e3cb9-767b-45f3-834d-3f9ce85df901",
      "name": "newlbtest",
      "networkid": "5bb3ecfb-cde3-4821-8822-0c4c8a8e9559",
      "privateport": "3306",
      "protocol": "tcp",
      "publicip": "192.168.2.10",
      "publicipid": "9b2638d7-7330-49c7-9d6e-5b5777f6ca16",
      "publicport": "3306",
      "state": "Add",
      "tags": [],
      "zoneid": "7cb86a09-676e-4f00-ad39-012f0eb2e69d",
      "zonename": "Sandbox-simulator"
    }
  ]
}
(localcloud) :penguin: > update loadbalancerrule id="0d8e3cb9-767b-45f3-834d-3f9ce85df901" cidrlist="1.2.3.4/32"
{
  "loadbalancer": {
    "account": "admin",
    "algorithm": "roundrobin",
    "cidrlist": "1.2.3.4/32",
    "domain": "ROOT",
    "domainid": "5b6a2947-416b-11f0-9a39-564a8191c23c",
    "domainpath": "/",
    "fordisplay": true,
    "id": "0d8e3cb9-767b-45f3-834d-3f9ce85df901",
    "name": "newlbtest",
    "networkid": "5bb3ecfb-cde3-4821-8822-0c4c8a8e9559",
    "privateport": "3306",
    "protocol": "tcp",
    "publicip": "192.168.2.10",
    "publicipid": "9b2638d7-7330-49c7-9d6e-5b5777f6ca16",
    "publicport": "3306",
    "state": "Add",
    "tags": [],
    "zoneid": "7cb86a09-676e-4f00-ad39-012f0eb2e69d",
    "zonename": "Sandbox-simulator"
  }
}
(localcloud) :penguin: > update loadbalancerrule id="0d8e3cb9-767b-45f3-834d-3f9ce85df901" cidrlist=
{
  "loadbalancer": {
    "account": "admin",
    "algorithm": "roundrobin",
    "cidrlist": "",
    "domain": "ROOT",
    "domainid": "5b6a2947-416b-11f0-9a39-564a8191c23c",
    "domainpath": "/",
    "fordisplay": true,
    "id": "0d8e3cb9-767b-45f3-834d-3f9ce85df901",
    "name": "newlbtest",
    "networkid": "5bb3ecfb-cde3-4821-8822-0c4c8a8e9559",
    "privateport": "3306",
    "protocol": "tcp",
    "publicip": "192.168.2.10",
    "publicipid": "9b2638d7-7330-49c7-9d6e-5b5777f6ca16",
    "publicport": "3306",
    "state": "Add",
    "tags": [],
    "zoneid": "7cb86a09-676e-4f00-ad39-012f0eb2e69d",
    "zonename": "Sandbox-simulator"
  }
}

Tested on an actual test environment. Below you can see that when it was restricted it didn't connect to MySQL, but when opened up and the CIDR set to 0.0.0.0/0 it worked. I tested with a specific public IP in the CIDR as well (x.x.0.118/32) and this works, and you can see in the virtual router for haproxy that it set the ACL.

Restricted with wrong IP in source CIDR of LB

⮡ $ mysql -h x.x.x.110 -u root -p
Enter password:
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104

With correct source CIDR or 0.0.0.0/0

$ mysql -h x.x.x.110 -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4730216
Server version: 8.0.33 MySQL Community Server - GPL

Copyright (c) 2000, 2024, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> quit
Bye

How Has This Been Tested?

How did you try to break this feature and the system with this change?

Ran multiple tests with Cloudmonkey against simulator and actual test environment. See above for testing info.

    - Replace manual null-check comparison with Objects.equals for clarity and null safety
    - Simplify CIDR list rollback to always restore backup value unconditionally
    - Add JavaDoc for setCidrList method for improved documentation
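
An added example, not part of this PR or the CloudStack code base: a defender-side audit that reads `list loadbalancerrules` JSON like the output above and reports which rules on a sensitive port have no effective source restriction. Assumptions: an empty `cidrlist` applies no source filter, entries are separated by commas or whitespace, and the port set and sample rules other than `newlbtest` are constructed.

```python
import ipaddress
import json

# Constructed sample shaped like the `list loadbalancerrules` output above.
SAMPLE = json.dumps({"count": 4, "loadbalancerrule": [
    {"name": "newlbtest", "publicport": "3306", "cidrlist": ""},
    {"name": "db-open", "publicport": "3306", "cidrlist": "0.0.0.0/0"},
    {"name": "db-admin", "publicport": "3306",
     "cidrlist": "198.51.100.7/32,203.0.113.0/24"},
    {"name": "db-typo", "publicport": "3306", "cidrlist": "1.2.3.4/33"},
]})


def parse_cidrlist(value):
    """Split a cidrlist string on commas or whitespace (separator is an
    assumption) into network objects; raises ValueError on a bad entry."""
    tokens = (value or "").replace(",", " ").split()
    return [ipaddress.ip_network(t, strict=False) for t in tokens]


def classify(rule):
    """Return 'open', 'restricted' or 'invalid' for one rule dict."""
    try:
        nets = parse_cidrlist(rule.get("cidrlist", ""))
    except ValueError:
        return "invalid"
    # Assumption: an empty list applies no source filter, like a /0 entry.
    if not nets or any(n.prefixlen == 0 for n in nets):
        return "open"
    return "restricted"


def admits(rule, client_ip):
    """Would this rule's source filter let client_ip through?
    Rules with an unparseable cidrlist are treated as not admitting."""
    state = classify(rule)
    if state != "restricted":
        return state == "open"
    ip = ipaddress.ip_address(client_ip)
    return any(ip in n for n in parse_cidrlist(rule["cidrlist"]))


def audit(rules_json, sensitive_ports=("3306",)):
    """Map rule name -> classification for rules on sensitive public ports."""
    rules = json.loads(rules_json).get("loadbalancerrule", [])
    return {r["name"]: classify(r) for r in rules
            if r.get("publicport") in sensitive_ports}


if __name__ == "__main__":
    for name, state in audit(SAMPLE).items():
        print(f"{name}: {state}")
```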

codecov bot commented Sep 3, 2025

Codecov Report

❌ Patch coverage is 31.25000% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 17.35%. Comparing base (3d6ec29) to head (2fabc02).
⚠️ Report is 19 commits behind head on main.

Files with missing lines Patch % Lines
...loud/network/lb/LoadBalancingRulesManagerImpl.java 10.00% 5 Missing and 4 partials ⚠️
...d/user/loadbalancer/UpdateLoadBalancerRuleCmd.java 33.33% 2 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##               main   #11568      +/-   ##
============================================
- Coverage     17.36%   17.35%   -0.01%     
  Complexity    15237    15237              
============================================
  Files          5888     5888              
  Lines        525741   525756      +15     
  Branches      64164    64168       +4     
============================================
- Hits          91274    91271       -3     
- Misses       424167   424180      +13     
- Partials      10300    10305       +5     
Flag Coverage Δ
uitests 3.63% <ø> (ø)
unittests 18.39% <31.25%> (-0.01%) ⬇️

Member

@weizhouapache weizhouapache left a comment

code lgtm

@weizhouapache
Member

@blueorangutan package

@blueorangutan

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan

Packaging result [SF]: ✖️ el8 ✖️ el9 ✔️ debian ✖️ suse15. SL-JID 14834

Contributor

@Pearl1594 Pearl1594 left a comment

code lgtm.

@Pearl1594
Contributor

@blueorangutan package

@blueorangutan

@Pearl1594 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@CodeBleu
Author

CodeBleu commented Sep 3, 2025

@Pearl1594 @weizhouapache Can I get one of you to manually test this and post results? Once that is complete, I believe I can merge it 😄

@blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 14835

@weizhouapache
Member

@blueorangutan test

@blueorangutan

@weizhouapache a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

Contributor

@harikrishna-patnala harikrishna-patnala left a comment

code LGTM

@blueorangutan

[SF] Trillian test result (tid-14205)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 55428 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr11568-t14205-kvm-ol8.zip
Smoke tests completed. 146 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File

@CodeBleu
Author

CodeBleu commented Sep 5, 2025

@harikrishna-patnala Would you be able to test this and post results? I believe I just need that from someone and then I can merge.

Unless @weizhouapache the following Trillian test counts?

Smoke tests completed. 146 look OK, 0 have errors, 0 did not run

@DaanHoogland
Contributor

@harikrishna-patnala Would you be able to test this and post results? I believe I just need that from someone and then I can merge.

Unless @weizhouapache the following Trillian test counts?

Smoke tests completed. 146 look OK, 0 have errors, 0 did not run

@CodeBleu, do you have a friend and/or colleague that can test? We usually trust any viable test report. Shapeblue has some time/people to test but we are usually stuffed with customer work.

Another thing that might help is to write an integration test that shows it works;

  1. it eases the work for others to validate
  2. it shows it works 🤷

This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.

Successfully merging this pull request may close these issues.

Allow editting or removing "CIDR list" from Load Balancer rule
6 participants