[ https://issues.apache.org/jira/browse/CLOUDSTACK-9694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15767809#comment-15767809 ]
ASF GitHub Bot commented on CLOUDSTACK-9694: -------------------------------------------- GitHub user sudhansu7 opened a pull request: https://github.com/apache/cloudstack/pull/1850 CLOUDSTACK-9694: Unable to limit the Public IPs in VPC Unable to limit the Public IPs in VPC. In VPC network, while acquiring the IP addresses, in the resource_count table, count for the domain is getting increased. However, when the resource count is updated at Domain level, resource count is getting reverted to only non-vpc ip count. Steps to Reproduce: 1. Create a VPC 2. Create a VPC tier. 3. Check resource_count table and note the ip address count. (say 1) 4. Keep acquiring the IP addresses, (say 4 IP addresses). Now new ip address count resource_count table is 5. 5. update the resource count at domain level. 6. the resource_count is updated back 1 Root Cause: Update resource count command recalculates the resource count. While computing public IP we are not considering the ips allocated to VPC. ResourceLimitManagerImpl.java -> calculatePublicIpForAccount() -> IPAddressDaoImpl.countAllocatedIPsForAccount() Currently we have below query builder. Which does not consider vpc_id column. ``` AllocatedIpCountForAccount = createSearchBuilder(Long.class); AllocatedIpCountForAccount.select(null, Func.COUNT, AllocatedIpCountForAccount.entity().getAddress()); AllocatedIpCountForAccount.and("account", AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ); AllocatedIpCountForAccount.and("allocated", AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL); AllocatedIpCountForAccount.and("network", AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL); AllocatedIpCountForAccount.done(); ``` it generates below sql query ``` SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE user_ip_address.account_id = 6 AND user_ip_address.allocated IS NOT NULL AND user_ip_address.network_id IS NOT NULL AND user_ip_address.removed IS NULL ``` Fix: Add vpc_id check in query. ``` AllocatedIpCountForAccount = createSearchBuilder(Long.class); AllocatedIpCountForAccount.select(null, Func.COUNT, AllocatedIpCountForAccount.entity().getAddress()); AllocatedIpCountForAccount.and("account", AllocatedIpCountForAccount.entity().getAllocatedToAccountId(), Op.EQ); AllocatedIpCountForAccount.and("allocated", AllocatedIpCountForAccount.entity().getAllocatedTime(), Op.NNULL); AllocatedIpCountForAccount.and().op("network", AllocatedIpCountForAccount.entity().getAssociatedWithNetworkId(), Op.NNULL); AllocatedIpCountForAccount.or("vpc", AllocatedIpCountForAccount.entity().getVpcId(), Op.NNULL); AllocatedIpCountForAccount.cp(); AllocatedIpCountForAccount.done(); ``` SQL: ``` SELECT COUNT(user_ip_address.public_ip_address) FROM user_ip_address WHERE user_ip_address.account_id = 6 AND user_ip_address.allocated IS NOT NULL AND ( user_ip_address.network_id IS NOT NULL or user_ip_address.vpc_id IS NOT NULL) AND user_ip_address.removed IS NULL ``` You can merge this pull request into a Git repository by running: $ git pull https://github.com/sudhansu7/cloudstack CLOUDSTACK-9694 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/1850.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #1850 ---- commit 24837f655033583388bb608f63039f8e341c16d3 Author: Sudhansu <sudhansu.s...@accelerite.com> Date: 2016-12-21T18:24:01Z CLOUDSTACK-9694: Unable to limit the Public IPs in VPC Added missing clause to check for vpc_id ---- > Unable to limit the Public IPs in VPC > ------------------------------------- > > Key: CLOUDSTACK-9694 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9694 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server > Affects Versions: 4.9.0 > Reporter: Sudhansu Sahu > Assignee: Sudhansu Sahu > > Unable to limit the Public IPs in VPC. > In VPC network, while acquiring the IP addresses, in the resource_count > table, count for the domain is getting increased. However, when the resource > count is updated at Domain level, resource count is getting reverted to only > non-vpc ip count. > Steps to Reproduce: > 1. Create a VPC > 2. Create a VPC tier. > 3. Check resource_count table and note the ip address count. (say 1) > 4. Keep acquiring the IP addresses, (say 4 IP addresses). Now new ip address > count resource_count table is 5. > 5. update the resource count at domain level. > 6. the resource_count is updated back 1 -- This message was sent by Atlassian JIRA (v6.3.4#6332)