VPC restart cleanup for Public networks with multi-CIDR data (#12622)

* Fix VPC restart with multi-CIDR networks: handle comma-separated CIDR in NetworkVO.equals()

When a network has multiple CIDRs (e.g. '192.168.2.0/24,160.0.0.0/24'),
NetworkVO.equals() passes the raw comma-separated string to
NetUtils.isNetworkAWithinNetworkB() which expects a single CIDR,
causing 'cidr is not formatted correctly' error during VPC restart
with cleanup=true.

Extract only the first CIDR value before passing to NetUtils.

* Fix root cause: skip CIDR/gateway updates for Public traffic type networks

addCidrAndGatewayForIpv4/Ipv6 (introduced by PR #11249) was called for all
network types without checking if the network is Public. This caused
comma-separated CIDRs to be stored on Public networks, which then triggered
'cidr is not formatted correctly' errors during VPC restart.

Add TrafficType.Public guard in both the VLAN creation (addCidr) and
VLAN deletion (removeCidr) paths in ConfigurationManagerImpl.

* Sanitize legacy network-level addressing fields for Public networks

---------

Co-authored-by: dahn <daan@onecht.net>

Author: 2 people

engine/schema/src/main/resources/META-INF/db/schema-42200to42210.sql

@@ -34,6 +34,15 @@ UPDATE `cloud`.`alert` SET type = 34 WHERE name = 'ALERT.VR.PRIVATE.IFACE.MTU';
 -- Update configuration 'kvm.ssh.to.agent' description and is_dynamic fields
 UPDATE `cloud`.`configuration` SET description = 'True if the management server will restart the agent service via SSH into the KVM hosts after or during maintenance operations', is_dynamic = 1 WHERE name = 'kvm.ssh.to.agent';
 
+-- Sanitize legacy network-level addressing fields for Public networks
+UPDATE `cloud`.`networks`
+SET `broadcast_uri` = NULL,
+	`gateway` = NULL,
+	`cidr` = NULL,
+	`ip6_gateway` = NULL,
+	`ip6_cidr` = NULL
+WHERE `traffic_type` = 'Public';
+
 UPDATE `cloud`.`vm_template` SET guest_os_id = 99 WHERE name = 'kvm-default-vm-import-dummy-template';
 
 -- Update existing vm_template records with NULL type to "USER"

server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java

@@ -5428,7 +5428,7 @@ public Vlan createVlanAndPublicIpRange(final long zoneId, final long networkId,
         final VlanVO vlan = commitVlanAndIpRange(zoneId, networkId, physicalNetworkId, podId, startIP, endIP, vlanGateway, vlanNetmask, vlanId, domain, vlanOwner, vlanIp6Gateway, vlanIp6Cidr,
                 ipv4, zone, vlanType, ipv6Range, ipRange, forSystemVms, provider);
 
-        if (vlan != null) {
+        if (vlan != null && network.getTrafficType() != TrafficType.Public) {
             if (ipv4) {
                 addCidrAndGatewayForIpv4(networkId, vlanGateway, vlanNetmask);
             } else if (ipv6) {
@@ -6507,11 +6507,14 @@ private boolean deleteAndPublishVlanAndPublicIpRange(final long userId, final lo
             final boolean ipv4 = deletedVlan.getVlanGateway() != null;
             final boolean ipv6 = deletedVlan.getIp6Gateway() != null;
             final long networkId = deletedVlan.getNetworkId();
+            final NetworkVO networkVO = _networkDao.findById(networkId);
 
-            if (ipv4) {
-                removeCidrAndGatewayForIpv4(networkId, deletedVlan);
-            } else if (ipv6) {
-                removeCidrAndGatewayForIpv6(networkId, deletedVlan);
+            if (networkVO != null && networkVO.getTrafficType() != TrafficType.Public) {
+                if (ipv4) {
+                    removeCidrAndGatewayForIpv4(networkId, deletedVlan);
+                } else if (ipv6) {
+                    removeCidrAndGatewayForIpv6(networkId, deletedVlan);
+                }
             }
 
             messageBus.publish(_name, MESSAGE_DELETE_VLAN_IP_RANGE_EVENT, PublishScope.LOCAL, deletedVlan);