apache · sureshanaparti · Jun 1, 2026 · Jun 2, 2026
diff --git a/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -34,6 +34,9 @@
 
 import javax.naming.ConfigurationException;
 
+import com.cloud.agent.api.routing.LoadBalancerConfigCommand;
+import com.cloud.agent.api.to.LoadBalancerTO;
+import com.cloud.network.rules.LbStickinessMethod;
 import org.apache.cloudstack.agent.routing.ManageServiceCommand;
 import com.cloud.agent.api.routing.UpdateNetworkCommand;
 import com.cloud.agent.api.to.IpAddressTO;
@@ -157,6 +160,7 @@ public Answer executeRequest(final NetworkElementCommand cmd) {
                 return new Answer(cmd);
             }
 
+            checkAndFailForAppCookieStickinessTypeInLoadBalancerConfigCommand(cmd);
             List<ConfigItem> cfg = generateCommandCfg(cmd);
             if (cfg == null) {
                 return Answer.createUnsupportedCommandAnswer(cmd);
@@ -170,7 +174,21 @@ public Answer executeRequest(final NetworkElementCommand cmd) {
             if (!aggregated) {
                 ExecutionResult rc = _vrDeployer.cleanupCommand(cmd);
                 if (!rc.isSuccess()) {
-                    logger.error("Failed to cleanup VR command due to " + rc.getDetails());
+                    logger.error("Failed to cleanup VR command due to {}", rc.getDetails());
+                }
+            }
+        }
+    }
+
+    private void checkAndFailForAppCookieStickinessTypeInLoadBalancerConfigCommand(NetworkElementCommand cmd) {
+        if (!(cmd instanceof LoadBalancerConfigCommand)) {
+            return;
+        }
+        LoadBalancerConfigCommand lbConfigCmd = (LoadBalancerConfigCommand) cmd;
+        for (final LoadBalancerTO lbTO : lbConfigCmd.getLoadBalancers()) {
+            for (final LoadBalancerTO.StickinessPolicyTO stickinessPolicy : lbTO.getStickinessPolicies()) {
+                if (stickinessPolicy != null && LbStickinessMethod.StickinessMethodType.AppCookieBased.getName().equalsIgnoreCase(stickinessPolicy.getMethodName())) {
+                    throw new IllegalArgumentException("App cookie based stickiness type not supported for Virtual Router, as 'appsession' support is not available from HAProxy 1.6)");
                 }
             }
         }
@@ -302,7 +320,7 @@ private ExecutionResult applyConfigToVR(String routerAccessIp, ConfigItem c, Dur
             ScriptConfigItem configItem = (ScriptConfigItem)c;
             return _vrDeployer.executeInVR(routerAccessIp, configItem.getScript(), configItem.getArgs(), timeout);
         }
-        throw new CloudRuntimeException("Unable to apply unknown configitem of type " + c.getClass().getSimpleName());
+        throw new CloudRuntimeException("Unable to apply unknown config item of type " + c.getClass().getSimpleName());
     }
 
     private Answer applyConfig(NetworkElementCommand cmd, List<ConfigItem> cfg) {
@@ -591,7 +609,7 @@ private List<ConfigItem> generateCommandCfg(NetworkElementCommand cmd) {
          * [TODO] Still have to migrate LoadBalancerConfigCommand and BumpUpPriorityCommand
          * [FIXME] Have a look at SetSourceNatConfigItem
          */
-        logger.debug("Transforming " + cmd.getClass().getCanonicalName() + " to ConfigItems");
+        logger.debug("Transforming {} to ConfigItems", cmd.getClass().getCanonicalName());
 
         final AbstractConfigItemFacade configItemFacade = AbstractConfigItemFacade.getInstance(cmd.getClass());
 

diff --git a/.../src/main/java/com/cloud/agent/resource/virtualnetwork/facade/LoadBalancerConfigItem.java b/.../src/main/java/com/cloud/agent/resource/virtualnetwork/facade/LoadBalancerConfigItem.java
@@ -38,8 +38,8 @@ public class LoadBalancerConfigItem extends AbstractConfigItemFacade {
     public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
         final LoadBalancerConfigCommand command = (LoadBalancerConfigCommand) cmd;
 
-        final LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
-        final String[] configuration = cfgtr.generateConfiguration(command);
+        final LoadBalancerConfigurator configurator = new HAProxyConfigurator();
+        final String[] configuration = configurator.generateConfiguration(command);
 
         String routerIp = command.getNic().getIp();
         if (command.getVpcId() == null) {
@@ -49,7 +49,7 @@ public List<ConfigItem> generateConfig(final NetworkElementCommand cmd) {
         final String tmpCfgFilePath = "/etc/haproxy/";
         final String tmpCfgFileName = "haproxy.cfg.new." + String.valueOf(System.currentTimeMillis());
 
-        final String[][] allRules = cfgtr.generateFwRules(command);
+        final String[][] allRules = configurator.generateFwRules(command);
 
         final String[] addRules = allRules[LoadBalancerConfigurator.ADD];
         final String[] removeRules = allRules[LoadBalancerConfigurator.REMOVE];

diff --git a/core/src/main/java/com/cloud/network/HAProxyConfigurator.java b/core/src/main/java/com/cloud/network/HAProxyConfigurator.java
@@ -399,6 +399,8 @@ private String getLbSubRuleForStickiness(final LoadBalancerTO lbTO) {
                 sb.append("\t").append("stick-table type ip size ").append(tablesize).append(" expire ").append(expire);
                 sb.append("\n\t").append("stick on src");
             } else if (StickinessMethodType.AppCookieBased.getName().equalsIgnoreCase(stickinessPolicy.getMethodName())) {
+                // This is not needed for Virtual Router - 'appsession' is not supported since HAProxy 1.6.
+                // In case this is used only for Virtual Router, remove it in the later release.
                 /*
                  * FORMAT : appsession <cookie> len <length> timeout <holdtime>
                  * [request-learn] [prefix] [mode

diff --git a/core/src/test/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java b/core/src/test/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
@@ -20,6 +20,7 @@
 package com.cloud.agent.resource.virtualnetwork;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -31,6 +32,9 @@
 
 import javax.naming.ConfigurationException;
 
+import com.cloud.network.lb.LoadBalancingRule;
+import com.cloud.network.rules.LbStickinessMethod;
+import com.cloud.utils.Pair;
 import org.joda.time.Duration;
 import org.junit.Before;
 import org.junit.Ignore;
@@ -805,6 +809,36 @@ protected LoadBalancerConfigCommand generateLoadBalancerConfigCommand2() {
         return cmd;
     }
 
+    @Test
+    public void testLoadBalancerConfigCommandForAppCookie() {
+        _count = 0;
+        _file = "";
+
+        Answer answer = _resource.executeRequest(generateLoadBalancerConfigCommandWithAppCookie());
+        assertFalse(answer.getResult());
+    }
+
+    protected LoadBalancerConfigCommand generateLoadBalancerConfigCommandWithAppCookie() {
+        final List<LoadBalancerTO> lbs = new ArrayList<>();
+        final List<LbDestination> dests = new ArrayList<>();
+        dests.add(new LbDestination(80, 8080, "10.1.10.2", false));
+        dests.add(new LbDestination(80, 8080, "10.1.10.2", true));
+        final List<LoadBalancingRule.LbStickinessPolicy> stickinessPolicies = new ArrayList<>();
+        final List<Pair<String, String>> params = new ArrayList<>();
+        params.add(new Pair<>("cookie", "testcookie"));
+        params.add(new Pair<>("name", "JSESSIONID"));
+        stickinessPolicies.add(new LoadBalancingRule.LbStickinessPolicy(LbStickinessMethod.StickinessMethodType.AppCookieBased.getName(), params));
+        lbs.add(new LoadBalancerTO(UUID.randomUUID().toString(), "64.10.1.10", 80, "tcp", "algo", false, false, false, dests, stickinessPolicies));
+        final LoadBalancerTO[] arrayLbs = new LoadBalancerTO[lbs.size()];
+        lbs.toArray(arrayLbs);
+        final NicTO nic = new NicTO();
+        nic.setIp("10.1.10.2");
+        final LoadBalancerConfigCommand cmd = new LoadBalancerConfigCommand(arrayLbs, "64.10.2.10", "10.1.10.2", "192.168.1.2", nic, Long.valueOf(1), "1000", false);
+        cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, "10.1.10.2");
+        cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, ROUTERNAME);
+        return cmd;
+    }
+
     protected void verifyFile(final LoadBalancerConfigCommand cmd, final String path, final String filename, final String content) {
         _count ++;
         switch (_count) {

diff --git a/...ncer/src/main/java/org/apache/cloudstack/network/element/InternalLoadBalancerElement.java b/...ncer/src/main/java/org/apache/cloudstack/network/element/InternalLoadBalancerElement.java
@@ -404,8 +404,6 @@ protected Map<Ip, List<LoadBalancingRule>> groupBySourceIp(List<LoadBalancingRul
 
     @Override
     public boolean validateLBRule(Network network, LoadBalancingRule rule) {
-        List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
-        rules.add(rule);
         if (canHandle(network, rule.getScheme())) {
             List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.INTERNAL_LB_VM);
             if (routers == null || routers.isEmpty()) {

diff --git a/plugins/network-elements/ovs/src/main/java/com/cloud/network/element/OvsElement.java b/plugins/network-elements/ovs/src/main/java/com/cloud/network/element/OvsElement.java
@@ -333,7 +333,7 @@ public static String getHAProxyStickinessCapability() {
                 "This is App session based sticky method. Define session stickiness on an existing application cookie. " +
                 "It can be used only for a specific http traffic");
         method.addParam("cookie-name", false, "This is the name of the cookie used by the application and which LB will " +
-                "have to learn for each new session. Default value: Auto geneared based on ip", false);
+                "have to learn for each new session. Default value: Auto generated based on ip", false);
         method.addParam("length", false, "This is the max number of characters that will be memorized and checked in " +
                 "each cookie value. Default value:52", false);
         method.addParam(

diff --git a/server/src/main/java/com/cloud/network/element/VirtualRouterElement.java b/server/src/main/java/com/cloud/network/element/VirtualRouterElement.java
@@ -474,31 +474,6 @@ public static String getHAProxyStickinessCapability() {
                 + "For the record, sending 10 domains to MSIE 6 or Firefox 2 works as expected.", false);
         methodList.add(method);
 
-        method = new LbStickinessMethod(StickinessMethodType.AppCookieBased,
-                "This is App session based sticky method. Define session stickiness on an existing application cookie. " + "It can be used only for a specific http traffic");
-        method.addParam("cookie-name", false, "This is the name of the cookie used by the application and which LB will "
-                + "have to learn for each new session. Default value: Auto geneared based on ip", false);
-        method.addParam("length", false, "This is the max number of characters that will be memorized and checked in " + "each cookie value. Default value:52", false);
-        method.addParam("holdtime", false, "This is the time after which the cookie will be removed from memory if unused. The value should be in "
-                + "the format Example : 20s or 30m  or 4h or 5d . only seconds(s), minutes(m) hours(h) and days(d) are valid,"
-                + " cannot use th combinations like 20h30m. Default value:3h ", false);
-        method.addParam(
-                "request-learn",
-                false,
-                "If this option is specified, then haproxy will be able to learn the cookie found in the request in case the server does not specify any in response. This is typically what happens with PHPSESSID cookies, or when haproxy's session expires before the application's session and the correct server is selected. It is recommended to specify this option to improve reliability",
-                true);
-        method.addParam(
-                "prefix",
-                false,
-                "When this option is specified, haproxy will match on the cookie prefix (or URL parameter prefix). "
-                        + "The appsession value is the data following this prefix. Example : appsession ASPSESSIONID len 64 timeout 3h prefix  This will match the cookie ASPSESSIONIDXXXX=XXXXX, the appsession value will be XXXX=XXXXX.",
-                        true);
-        method.addParam("mode", false, "This option allows to change the URL parser mode. 2 modes are currently supported : - path-parameters "
-                + ": The parser looks for the appsession in the path parameters part (each parameter is separated by a semi-colon), "
-                + "which is convenient for JSESSIONID for example.This is the default mode if the option is not set. - query-string :"
-                + " In this mode, the parser will look for the appsession in the query string.", false);
-        methodList.add(method);
-
         method = new LbStickinessMethod(StickinessMethodType.SourceBased, "This is source based Stickiness method, " + "it can be used for any type of protocol.");
         method.addParam("tablesize", false, "Size of table to store source ip addresses. example: tablesize=200k or 300m" + " or 400g. Default value:200k", false);
         method.addParam("expire", false, "Entry in source ip table will expire after expire duration. units can be s,m,h,d ."

diff --git a/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/main/java/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
@@ -711,11 +711,11 @@ public boolean validateLbRule(LoadBalancingRule lbRule) {
         Network network = _networkDao.findById(lbRule.getNetworkId());
         Purpose purpose = lbRule.getPurpose();
         if (purpose != Purpose.LoadBalancing) {
-            logger.debug("Unable to validate network rules for purpose: " + purpose.toString());
+            logger.debug("Unable to validate network rules for purpose: {}", purpose.toString());
             return false;
         }
-        for (LoadBalancingServiceProvider ne : _lbProviders) {
-            boolean validated = ne.validateLBRule(network, lbRule);
+        for (LoadBalancingServiceProvider lbProvider : _lbProviders) {
+            boolean validated = lbProvider.validateLBRule(network, lbRule);
             if (!validated)
                 return false;
         }

diff --git a/server/src/main/java/com/cloud/network/router/NetworkHelper.java b/server/src/main/java/com/cloud/network/router/NetworkHelper.java
@@ -44,19 +44,19 @@
 
 public interface NetworkHelper {
 
-    public abstract boolean sendCommandsToRouter(VirtualRouter router,
-            Commands cmds) throws AgentUnavailableException, ResourceUnavailableException;
+    boolean sendCommandsToRouter(VirtualRouter router,
+                                 Commands cmds) throws AgentUnavailableException, ResourceUnavailableException;
 
-    public abstract void handleSingleWorkingRedundantRouter(
+    void handleSingleWorkingRedundantRouter(
             List<? extends VirtualRouter> connectedRouters,
             List<? extends VirtualRouter> disconnectedRouters, String reason)
                     throws ResourceUnavailableException;
 
-    public abstract NicTO getNicTO(VirtualRouter router, Long networkId,
-            String broadcastUri);
+    NicTO getNicTO(VirtualRouter router, Long networkId,
+                   String broadcastUri);
 
-    public abstract VirtualRouter destroyRouter(long routerId, Account caller,
-            Long callerUserId) throws ResourceUnavailableException,
+    VirtualRouter destroyRouter(long routerId, Account caller,
+                                Long callerUserId) throws ResourceUnavailableException,
             ConcurrentOperationException;
 
     /**
@@ -65,35 +65,35 @@ public abstract VirtualRouter destroyRouter(long routerId, Account caller,
      * @param router
      * @return
      */
-    public abstract boolean checkRouterVersion(VirtualRouter router);
-    public abstract boolean checkRouterTemplateVersion(VirtualRouter router);
+    boolean checkRouterVersion(VirtualRouter router);
+    boolean checkRouterTemplateVersion(VirtualRouter router);
 
-    public abstract List<DomainRouterVO> startRouters(
+    List<DomainRouterVO> startRouters(
             RouterDeploymentDefinition routerDeploymentDefinition)
                     throws StorageUnavailableException, InsufficientCapacityException,
                     ConcurrentOperationException, ResourceUnavailableException;
 
-    public abstract DomainRouterVO startVirtualRouter(DomainRouterVO router,
-            User user, Account caller, Map<Param, Object> params)
+    DomainRouterVO startVirtualRouter(DomainRouterVO router,
+                                      User user, Account caller, Map<Param, Object> params)
                     throws StorageUnavailableException, InsufficientCapacityException,
                     ConcurrentOperationException, ResourceUnavailableException;
 
-    public abstract DomainRouterVO deployRouter(
+    DomainRouterVO deployRouter(
             RouterDeploymentDefinition routerDeploymentDefinition, boolean startRouter)
                     throws InsufficientAddressCapacityException,
                     InsufficientServerCapacityException, InsufficientCapacityException,
                     StorageUnavailableException, ResourceUnavailableException;
 
-    public abstract void reallocateRouterNetworks(RouterDeploymentDefinition routerDeploymentDefinition, VirtualRouter router, VMTemplateVO template, HypervisorType hType)
+    void reallocateRouterNetworks(RouterDeploymentDefinition routerDeploymentDefinition, VirtualRouter router, VMTemplateVO template, HypervisorType hType)
             throws ConcurrentOperationException, InsufficientAddressCapacityException, InsufficientCapacityException;
 
-    public abstract LinkedHashMap<Network, List<? extends NicProfile>> configureDefaultNics(RouterDeploymentDefinition routerDeploymentDefinition)
+    LinkedHashMap<Network, List<? extends NicProfile>> configureDefaultNics(RouterDeploymentDefinition routerDeploymentDefinition)
             throws ConcurrentOperationException, InsufficientAddressCapacityException;
 
-    public abstract LinkedHashMap<Network, List<? extends NicProfile>> configureGuestNic(RouterDeploymentDefinition routerDeploymentDefinition)
+    LinkedHashMap<Network, List<? extends NicProfile>> configureGuestNic(RouterDeploymentDefinition routerDeploymentDefinition)
             throws ConcurrentOperationException, InsufficientAddressCapacityException;
 
-    public boolean validateHAProxyLBRule(final LoadBalancingRule rule);
+    boolean validateHAProxyLBRule(final LoadBalancingRule rule);
 
-    public Map<HypervisorType, ConfigKey<String>> getHypervisorRouterTemplateConfigMap();
+    Map<HypervisorType, ConfigKey<String>> getHypervisorRouterTemplateConfigMap();
 }