weizhouapache commented on code in PR #12487:
URL: https://github.com/apache/cloudstack/pull/12487#discussion_r2888811073
##########
server/src/main/java/com/cloud/network/IpAddressManagerImpl.java:
##########
@@ -2647,4 +2659,31 @@ public void updateSourceNatIpAddress(IPAddressVO
requestedIp, List<IPAddressVO>
});
}
+ @Override
+ public Long getPreferredNetworkIdForPublicIpRuleAssignment(IpAddress ip,
Long networkId) {
+ boolean vpcConserveMode = isPublicIpOnVpcConserveMode(ip);
+ return getPreferredNetworkIdForRule(ip, vpcConserveMode, networkId);
+ }
+
+ protected Long getPreferredNetworkIdForRule(IpAddress ip, boolean
vpcConserveModeEnabled, Long networkId) {
+ if (vpcConserveModeEnabled) {
+ // Since VPC Conserve mode allows rules from multiple VPC tiers,
always check the networkId parameter first
+ return networkId != null ? networkId :
ip.getAssociatedWithNetworkId();
Review Comment:
@nvazquez
will the IP be associated to a network in VPC conserve mode ?
in my opinion, it should not, so `ip.getAssociatedWithNetworkId()` will
always be null.
in that case, user may have to specify the `networkId` when create a LB or
PF in VPC conserve mode. I think there is no backward compatibility issue as
VPC conserve mode is a new feature.
cc @harikrishna-patnala
btw, I think when configure Firewall rules on a public IP in VPC conserve
mode, the networkId is not mandatory as IP might not be used by any VM or
network or rules. in this case, we check if Firewall service is supported in
VPC offering.
in non-conserve mode, the `networkId` or `ip.getAssociatedWithNetworkId()`
should not be null, we check if Firewall service is supported in network
offering.
does it make sense ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
