Fixed private gateway can't be deleted

[Spaceman1984]

Description

When the static route service is not available on the VPC and a static route is created, the static route is created in a revoked state.

Currently, the UI doesn't distinguish between active or revoked static routes.

This PR adds the missing state filter to the list routes command and only lists active routes in the UI.
It also ignores revoked routes when the private gateway is being removed but clears out the inactive routes before the gateway is removed.

Fixes #2908

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)

Screenshots (if appropriate):

How Has This Been Tested?

This has been tested by creating a VPC with no services, adding a private gateway, adding a static route and deleting the gateway.

[Spaceman1984]

@blueorangutan package

[weizhouapache]

@Spaceman1984
In the case as you said "When the static route service is not available on the VPC when a static route is created, the static route is created in a revoked state", could you add some changes to avoid it ?

[Spaceman1984]

In the case as you said "When the static route service is not available on the VPC when a static route is created, the static route is created in a revoked state", could you add some changes to avoid it ?

@weizhouapache The state of the route is changed to revoked after failing validation. The other option here would be to delete the record at this point, which I think was the intention, but the delete method is also failing validation. I thought to leave things this way, to keep some history until the gateway is removed. I'm happy to force delete the record after failing validation if you believe it's a better way to go?

[DaanHoogland]

@blueorangutan package

[blueorangutan]

@DaanHoogland a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔centos7 ✔debian. JID-1145

[weizhouapache]

In the case as you said "When the static route service is not available on the VPC when a static route is created, the static route is created in a revoked state", could you add some changes to avoid it ?

@weizhouapache The state of the route is changed to revoked after failing validation. The other option here would be to delete the record at this point, which I think was the intention, but the delete method is also failing validation. I thought to leave things this way, to keep some history until the gateway is removed. I'm happy to force delete the record after failing validation if you believe it's a better way to go?

@Spaceman1984 I think it would be better to remove the record if there is error/exception in the creation.

[Spaceman1984]

@blueorangutan package

[blueorangutan]

@Spaceman1984 a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔centos7 ✔debian. JID-1153

[Spaceman1984]

In the case as you said "When the static route service is not available on the VPC when a static route is created, the static route is created in a revoked state", could you add some changes to avoid it ?

@weizhouapache The state of the route is changed to revoked after failing validation. The other option here would be to delete the record at this point, which I think was the intention, but the delete method is also failing validation. I thought to leave things this way, to keep some history until the gateway is removed. I'm happy to force delete the record after failing validation if you believe it's a better way to go?

@Spaceman1984 I think it would be better to remove the record if there is error/exception in the creation.

Done

[yadvr]

@Spaceman1984 this looks like deletes pg in CloudStack DB, have you verified if this would also cleanup rules on the VR properly?

[Spaceman1984]

@Spaceman1984 this looks like deletes pg in CloudStack DB, have you verified if this would also cleanup rules on the VR properly?

No, I'll check.

[Spaceman1984]

@Spaceman1984 this looks like deletes pg in CloudStack DB, have you verified if this would also cleanup rules on the VR properly?

@rhtyd I have checked iptables on the VR before and after trying to add a static route, there is no difference, also this code removes the static route, not the private gateway. Having broken static routes referencing the gateway prevented it from being deleted.

[yadvr]

@Spaceman1984 private gateway would mean a nic, IP and route on the VR, not iptables rules

[yadvr]

ping @Spaceman1984 no update?

[Spaceman1984]

@blueorangutan test

[blueorangutan]

@Spaceman1984 a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[yadvr]

@Spaceman1984 ping, any update on this?

[Spaceman1984]

@blueorangutan package

[blueorangutan]

@Spaceman1984 a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result: ✔centos7 ✔debian. JID-1651

[Spaceman1984]

@blueorangutan test

[blueorangutan]

@Spaceman1984 a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[Spaceman1984]

@rhtyd I have tested creating and deleting a private gateway, the nic, ip and route is created and removed.

[DaanHoogland]

@weizhouapache @rhtyd further doubts/questions or are we good to merge?

[borisstoyanov]

@blueorangutan test

[blueorangutan]

@borisstoyanov a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

Trillian test result (tid-2281)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40627 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr4016-t2281-kvm-centos7.zip
Intermittent failure detected: /marvin/tests/smoke/test_privategw_acl.py
Intermittent failure detected: /marvin/tests/smoke/test_routers_network_ops.py
Intermittent failure detected: /marvin/tests/smoke/test_vpc_vpn.py
Smoke tests completed. 76 look OK, 1 have error(s)
Only failed tests results shown below:

Test	Result	Time (s)	Test File
test_02_vpc_privategw_static_routes	Failure	212.97	test_privategw_acl.py
test_03_vpc_privategw_restart_vpc_cleanup	Failure	207.71	test_privategw_acl.py
test_04_rvpc_privategw_static_routes	Failure	316.80	test_privategw_acl.py

[yadvr]

@DaanHoogland @Spaceman1984 - my concern is that whether removing privategateway also remove the nic/configuration from the VPC VR or not? Based on code, I think it will solve the issue or removing it from the DB. @Spaceman1984 did you test the case by adding privategateway with some static routes (also deploy VMs as VR programming is lazy) and check if VPC VR has a new nic and then removing it removes it both from VR and DB?

[Spaceman1984]

@DaanHoogland @Spaceman1984 - my concern is that whether removing privategateway also remove the nic/configuration from the VPC VR or not? Based on code, I think it will solve the issue or removing it from the DB. @Spaceman1984 did you test the case by adding privategateway with some static routes (also deploy VMs as VR programming is lazy) and check if VPC VR has a new nic and then removing it removes it both from VR and DB?

@rhtyd I'll do some more testing

[Spaceman1984]

@DaanHoogland @Spaceman1984 - my concern is that whether removing privategateway also remove the nic/configuration from the VPC VR or not? Based on code, I think it will solve the issue or removing it from the DB. @Spaceman1984 did you test the case by adding privategateway with some static routes (also deploy VMs as VR programming is lazy) and check if VPC VR has a new nic and then removing it removes it both from VR and DB?

@rhtyd I have confirmed that it works as expected.

[yadvr]

@Spaceman1984 can you send the related change to Primate as well cc @davidjumani