[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15767636#comment-15767636
 ] 

Sudhansu Sahu commented on CLOUDSTACK-9694:
-------------------------------------------

Root Cause: Update resource count command recalculates the resource count. 
While computing public IP we are not considering the ips allocated to VPC.

ResourceLimitManagerImpl.java -> calculatePublicIpForAccount() -> 
IPAddressDaoImpl.countAllocatedIPsForAccount()

Currently we have below query builder. Which does not consider vpc_id column.
{noformat}
        AllocatedIpCountForAccount = createSearchBuilder(Long.class);
        AllocatedIpCountForAccount.select(null, Func.COUNT, 
AllocatedIpCountForAccount.entity().getAddress());
        AllocatedIpCountForAccount.and("account", 
AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ);
        AllocatedIpCountForAccount.and("allocated", 
AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL);
        AllocatedIpCountForAccount.and("network", 
AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL);
        AllocatedIpCountForAccount.done();
{noformat}
it generates below sql query

SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE 
user_ip_address.account_id = 6  AND user_ip_address.allocated IS NOT NULL  AND 
user_ip_address.network_id IS NOT NULL  AND user_ip_address.removed IS NULL

Fix:
Add vpc_id check in query.
{noformat}
        AllocatedIpCountForAccount = createSearchBuilder(Long.class);
        AllocatedIpCountForAccount.select(null, Func.COUNT, 
AllocatedIpCountForAccount.entity().getAddress());
        AllocatedIpCountForAccount.and("account", 
AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ);
        AllocatedIpCountForAccount.and("allocated", 
AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL);
        AllocatedIpCountForAccount.and().op("network", 
AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL);
        AllocatedIpCountForAccount.or("vpc", 
AllocatedIpCountForAccount.entity().getVpcId(), Op.NNULL);
        AllocatedIpCountForAccount.cp();
        AllocatedIpCountForAccount.done();
{noformat}
SQL:

SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE 
user_ip_address.account_id = 6  AND user_ip_address.allocated IS NOT NULL  AND 
( user_ip_address.network_id IS NOT NULL or user_ip_address.vpc_id IS NOT NULL) 
AND user_ip_address.removed IS NULL



> Unable to limit the Public IPs in VPC
> -------------------------------------
>
>                 Key: CLOUDSTACK-9694
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9694
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Management Server
>    Affects Versions: 4.9.0
>            Reporter: Sudhansu Sahu
>            Assignee: Sudhansu Sahu
>
> Unable to limit the Public IPs in VPC.
> In VPC network, while acquiring the IP addresses, in the resource_count 
> table, count for the domain is getting increased. However, when the resource 
> count is updated at Domain level, resource count is getting reverted to only 
> non-vpc ip count.
> Steps to Reproduce:
> 1. Create a VPC
> 2. Create a VPC tier.
> 3. Check resource_count table and note the ip address count. (say 1) 
> 4. Keep acquiring the IP addresses, (say 4 IP addresses). Now new ip address 
> count resource_count table is 5.
> 5. update the resource count at domain level.
> 6. the resource_count is updated back 1



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to