NE: add network guest_type to payload

Author: weizhouapache

framework/extensions/src/main/java/org/apache/cloudstack/framework/extensions/network/NetworkExtensionElement.java

@@ -445,7 +445,7 @@ public boolean prepare(Network network, NicProfile nic, VirtualMachineProfile vm
             }
             addExtensionIpToPayload(payload, network);
 
-            logger.debug("Preparing NIC via extension script: network={} nicMac={} nicIp={}", network, nic != null ? nic.getMacAddress() : null, nic != null ? nic.getIPv4Address() : null);
+            logger.debug("Preparing NIC via extension script: network={} nicMac={} nicIp={}", network, nic.getMacAddress(), nic.getIPv4Address());
 
             return executeScript(network, CMD_PREPARE_NIC, payload);
         } catch (Exception e) {
@@ -968,6 +968,9 @@ private void addNetworkToPayload(JsonObject payload, Network network) {
         payload.addProperty("network_id", String.valueOf(network.getId()));
         payload.addProperty("vlan", safeStr(getVlanId(network)));
         payload.addProperty("zone_id", String.valueOf(network.getDataCenterId()));
+        if (network.getGuestType() != null) {
+            payload.addProperty("guest_type", network.getGuestType().toString().toLowerCase());
+        }
         if (StringUtils.isNotBlank(network.getGateway())) {
             payload.addProperty("gateway", safeStr(network.getGateway()));
         }
@@ -1718,16 +1721,7 @@ public boolean applyLBRules(Network network, List<LoadBalancingRule> rules)
             ruleObj.addProperty("protocol", safeStr(rule.getProtocol()));
             ruleObj.addProperty("algorithm", safeStr(rule.getAlgorithm()));
             ruleObj.addProperty("revoke", revoke);
-            JsonArray backendsArray = new JsonArray();
-            if (rule.getDestinations() != null) {
-                for (LoadBalancingRule.LbDestination dest : rule.getDestinations()) {
-                    JsonObject destObj = new JsonObject();
-                    destObj.addProperty("ip", dest.getIpAddress());
-                    destObj.addProperty("port", dest.getDestinationPortStart());
-                    destObj.addProperty("revoked", dest.isRevoked());
-                    backendsArray.add(destObj);
-                }
-            }
+            JsonArray backendsArray = buildLBRuleBackendArray(rule);
             ruleObj.add("backends", backendsArray);
             lbRulesArray.add(ruleObj);
         }
@@ -1743,6 +1737,20 @@ public boolean applyLBRules(Network network, List<LoadBalancingRule> rules)
         return true;
     }
 
+    private static JsonArray buildLBRuleBackendArray(LoadBalancingRule rule) {
+        JsonArray backendsArray = new JsonArray();
+        if (rule.getDestinations() != null) {
+            for (LoadBalancingRule.LbDestination dest : rule.getDestinations()) {
+                JsonObject destObj = new JsonObject();
+                destObj.addProperty("ip", dest.getIpAddress());
+                destObj.addProperty("port", dest.getDestinationPortStart());
+                destObj.addProperty("revoked", dest.isRevoked());
+                backendsArray.add(destObj);
+            }
+        }
+        return backendsArray;
+    }
+
     @Override
     public boolean validateLBRule(Network network, LoadBalancingRule rule) {
         // Delegate validation to the external script; accept by default
@@ -2015,7 +2023,7 @@ private JsonObject buildRestoreNetworkData(Network network, List<NicVO> nics,
                 continue;
             }
 
-            Long instanceId = nic.getInstanceId();
+            long instanceId = nic.getInstanceId();
 
             UserVmVO userVm = userVmDao.findById(instanceId);
             if (userVm == null) {
@@ -2513,15 +2521,7 @@ private JsonArray buildAclRulesArray(List<? extends NetworkACLItem> rules) {
                 .sorted(java.util.Comparator.comparingInt(NetworkACLItem::getNumber))
                 .collect(Collectors.toList());
         for (NetworkACLItem rule : sorted) {
-            JsonObject ruleObj = new JsonObject();
-            ruleObj.addProperty("number", rule.getNumber());
-            ruleObj.addProperty("action", rule.getAction().name().toLowerCase());
-            ruleObj.addProperty("trafficType", rule.getTrafficType().name().toLowerCase());
-            ruleObj.addProperty("protocol", safeStr(rule.getProtocol()));
-            if (rule.getSourcePortStart() != null) ruleObj.addProperty("portStart", rule.getSourcePortStart());
-            if (rule.getSourcePortEnd() != null) ruleObj.addProperty("portEnd", rule.getSourcePortEnd());
-            if (rule.getIcmpType() != null) ruleObj.addProperty("icmpType", rule.getIcmpType());
-            if (rule.getIcmpCode() != null) ruleObj.addProperty("icmpCode", rule.getIcmpCode());
+            JsonObject ruleObj = buildAclRuleObject(rule);
             JsonArray sourceCidrsArray = new JsonArray();
             List<String> sourceCidrs = rule.getSourceCidrList();
             if (CollectionUtils.isNotEmpty(sourceCidrs)) {
@@ -2532,4 +2532,17 @@ private JsonArray buildAclRulesArray(List<? extends NetworkACLItem> rules) {
         }
         return array;
     }
+
+    private JsonObject buildAclRuleObject(NetworkACLItem rule) {
+        JsonObject ruleObj = new JsonObject();
+        ruleObj.addProperty("number", rule.getNumber());
+        ruleObj.addProperty("action", rule.getAction().name().toLowerCase());
+        ruleObj.addProperty("trafficType", rule.getTrafficType().name().toLowerCase());
+        ruleObj.addProperty("protocol", safeStr(rule.getProtocol()));
+        if (rule.getSourcePortStart() != null) ruleObj.addProperty("portStart", rule.getSourcePortStart());
+        if (rule.getSourcePortEnd() != null) ruleObj.addProperty("portEnd", rule.getSourcePortEnd());
+        if (rule.getIcmpType() != null) ruleObj.addProperty("icmpType", rule.getIcmpType());
+        if (rule.getIcmpCode() != null) ruleObj.addProperty("icmpCode", rule.getIcmpCode());
+        return ruleObj;
+    }
 }

framework/extensions/src/main/java/org/apache/cloudstack/framework/extensions/network/README.md

@@ -254,26 +254,52 @@ For all standard network / VPC commands, CloudStack now executes the script as:
 
 The following names appear repeatedly inside the nested `payload` object.
 
+### Network-level fields (added by `addNetworkToPayload`)
+
 | Field | Description |
 |---|---|
 | `network_id` | CloudStack numeric network ID. |
-| `vpc_id` | CloudStack numeric VPC ID. Present for VPC tier networks and VPC-scoped commands. |
 | `vlan` | Guest VLAN tag (for example `100`). Extracted from the broadcast URI. May be empty for flat networks. |
-| `gateway` | Guest network gateway (for example `10.0.0.1`). |
-| `cidr` | Guest network CIDR (for example `10.0.0.0/24`). |
+| `zone_id` | CloudStack zone ID. |
+| `guest_type` | Guest network type: `"isolated"`, `"shared"`, or `"l2"`. Scripts should use this to skip NAT/firewall operations that are not applicable to Shared or L2 networks. |
+| `gateway` | Guest network gateway (for example `10.0.0.1`). Omitted when blank. |
+| `cidr` | Guest network CIDR (for example `10.0.0.0/24`). Omitted when blank. |
+| `vpc_id` | CloudStack numeric VPC ID. Present for VPC tier networks and VPC-scoped commands. |
 | `network_ip6_gateway` | Guest network IPv6 gateway, when the network has IPv6 configured. |
 | `network_ip6_cidr` | Guest network IPv6 CIDR, when the network has IPv6 configured. |
-| `extension_ip` | The IP the extension device uses on the guest side. Equals the gateway when SourceNat/Gateway is provided; otherwise it is a dedicated IP from the guest subnet. |
-| `public_ip` | A public IP address. |
-| `public_cidr` | CIDR of the public IP (for example `203.0.113.5/24`). |
-| `public_vlan` | VLAN tag of the public IP segment. |
-| `public_gateway` | Gateway of the public IP segment. |
-| `private_ip` | A VM's private guest-network IP address. |
+
+### NIC-level fields (added by `addNicToPayload`)
+
+| Field | Description |
+|---|---|
+| `nic_id` | CloudStack numeric NIC ID. |
+| `nic_uuid` | NIC UUID — matches `external_ids:iface-id` written by the KVM agent for OVN port binding. |
+| `mac` | VM NIC MAC address. |
+| `ip` | VM NIC IPv4 address. |
+| `gateway` | VM NIC IPv4 gateway (NIC-level; equals the network gateway for normal guest networks). |
+| `netmask` | VM NIC IPv4 netmask (for example `255.255.255.0`). |
+| `default_nic` | Stringified boolean — `"false"` for secondary NICs. |
+| `device_id` | NIC device index in the VM (slot number). |
 | `nic_ip6_address` | VM NIC IPv6 address, when the NIC has IPv6 configured. |
 | `nic_ip6_gateway` | VM NIC IPv6 gateway, when available. |
 | `nic_ip6_cidr` | VM NIC IPv6 CIDR, when available. |
-| `source_nat` | Stringified boolean (`"true"` / `"false"`) indicating whether the public IP is a source-NAT IP. |
-| `nic_uuid` | NIC UUID when the current API path has a `NicProfile` available. |
+
+### Public-IP fields (added by `addPublicIpToPayload`)
+
+| Field | Description |
+|---|---|
+| `public_ip` | A public IP address. |
+| `public_vlan` | VLAN tag of the public IP segment. |
+| `public_gateway` | Gateway of the public IP segment. |
+| `public_cidr` | CIDR of the public IP (for example `203.0.113.0/24`). |
+| `source_nat` | Stringified boolean (`"true"` / `"false"`) indicating whether the public IP is the source-NAT IP. |
+| `private_ip` | A VM's private guest-network IP address (NAT target). |
+
+### DNS / extension-IP fields
+
+| Field | Description |
+|---|---|
+| `extension_ip` | The IP the extension device uses on the guest side. Equals the gateway when SourceNat/Gateway is provided; otherwise it is a dedicated IP from the guest subnet. |
 | `dns` | Comma-separated DNS server list. |
 | `domain` | Network domain suffix. |
 

test/integration/smoke/test_network_extension_namespace.py

@@ -2193,7 +2193,7 @@ def test_07_vpc_network_acl(self):
         self.cleanup = [o for o in self.cleanup if o != tier2]
 
         vpc.delete(self.apiclient)
-        self.cleanup = [o for o in self.cleanup if o != vpc]
+        self.cleanup = [o for o in self.cleanup if o != vpc and o != acl1 and o != acl2]
 
         self._teardown_extension()
         self.logger.info("test_07 PASSED")