[ https://issues.apache.org/jira/browse/CLOUDSTACK-9694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15767636#comment-15767636 ]
Sudhansu Sahu commented on CLOUDSTACK-9694: ------------------------------------------- Root Cause: Update resource count command recalculates the resource count. While computing public IP we are not considering the ips allocated to VPC. ResourceLimitManagerImpl.java -> calculatePublicIpForAccount() -> IPAddressDaoImpl.countAllocatedIPsForAccount() Currently we have below query builder. Which does not consider vpc_id column. {noformat} AllocatedIpCountForAccount = createSearchBuilder(Long.class); AllocatedIpCountForAccount.select(null, Func.COUNT, AllocatedIpCountForAccount.entity().getAddress()); AllocatedIpCountForAccount.and("account", AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ); AllocatedIpCountForAccount.and("allocated", AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL); AllocatedIpCountForAccount.and("network", AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL); AllocatedIpCountForAccount.done(); {noformat} it generates below sql query SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE user_ip_address.account_id = 6 AND user_ip_address.allocated IS NOT NULL AND user_ip_address.network_id IS NOT NULL AND user_ip_address.removed IS NULL Fix: Add vpc_id check in query. {noformat} AllocatedIpCountForAccount = createSearchBuilder(Long.class); AllocatedIpCountForAccount.select(null, Func.COUNT, AllocatedIpCountForAccount.entity().getAddress()); AllocatedIpCountForAccount.and("account", AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ); AllocatedIpCountForAccount.and("allocated", AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL); AllocatedIpCountForAccount.and().op("network", AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL); AllocatedIpCountForAccount.or("vpc", AllocatedIpCountForAccount.entity().getVpcId(), Op.NNULL); AllocatedIpCountForAccount.cp(); AllocatedIpCountForAccount.done(); {noformat} SQL: SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE user_ip_address.account_id = 6 AND user_ip_address.allocated IS NOT NULL AND ( user_ip_address.network_id IS NOT NULL or user_ip_address.vpc_id IS NOT NULL) AND user_ip_address.removed IS NULL > Unable to limit the Public IPs in VPC > ------------------------------------- > > Key: CLOUDSTACK-9694 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9694 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server > Affects Versions: 4.9.0 > Reporter: Sudhansu Sahu > Assignee: Sudhansu Sahu > > Unable to limit the Public IPs in VPC. > In VPC network, while acquiring the IP addresses, in the resource_count > table, count for the domain is getting increased. However, when the resource > count is updated at Domain level, resource count is getting reverted to only > non-vpc ip count. > Steps to Reproduce: > 1. Create a VPC > 2. Create a VPC tier. > 3. Check resource_count table and note the ip address count. (say 1) > 4. Keep acquiring the IP addresses, (say 4 IP addresses). Now new ip address > count resource_count table is 5. > 5. update the resource count at domain level. > 6. the resource_count is updated back 1 -- This message was sent by Atlassian JIRA (v6.3.4#6332)