Abhinav Roy created CLOUDSTACK-2088:
---------------------------------------
Summary: [Dedicated Resources : Public IP Addresses per
tenant]Guest Network in a project acquires IPs at random even from the IP
ranges which are dedicated to other accounts
Key: CLOUDSTACK-2088
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2088
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Projects
Affects Versions: 4.2.0
Reporter: Abhinav Roy
Assignee: Likitha Shetty
Fix For: 4.2.0
Steps :
===============================
1. Deploy an advanced networking setup and create an account A1
2. Now login as user of account A1 and create a project P1.
3. Browse in to the project view, create a guest network and acquire IPs
Expected behaviour :
===============================
1. The project should acquire IPs from the system pool unless some IP range is
dedicated specifically to that project account.
Observed behaviour :
===============================
1. The project network acquires IPs at random from any available range, it even
acquires IPs from the ranges which are dedicated to some other account.
Example :
-------------------------------------------------------------
Consider a IP range whose vlan_db_id is 4
mysql> SELECT * FROM cloud.vlan where id=4;
+----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+
| id | uuid | vlan_id | vlan_gateway |
vlan_netmask | description | vlan_type | data_center_id |
network_id | physical_network_id | ip6_gateway | ip6_cidr | ip6_range |
+----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+
| 4 | 1edd2349-8183-4ac2-b1a0-47d5a7309070 | untagged | 10.102.192.1 |
255.255.252.0 | 10.102.195.37-10.102.195.40 | VirtualNetwork | 1 |
200 | 200 | NULL | NULL | NULL |
+----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+
2 rows in set (0.00 sec)
Now look in the account_vlan_map table and see to which account this range is
mapped to
+----+------------+------------+
| id | account_id | vlan_db_id |
+----+------------+------------+
| 27 | 7 | 4 |
+----+------------+------------+
Again when we see in the user_ip_addresses table we find that some other
account (no. 9 the project account) has been allocated the IPs which are
dedicated to account 7
mysql> SELECT * FROM cloud.user_ip_address where account_id=9;
+----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+
| id | uuid | account_id | domain_id |
public_ip_address | data_center_id | source_nat | allocated |
vlan_db_id | one_to_one_nat | vm_id | state | mac_address |
source_network_id | network_id | physical_network_id | is_system | vpc_id |
dnat_vmip |
+----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+
| 15 | c34390a3-ce8c-4976-8fe9-c52a56422f24 | 9 | 4 |
10.102.195.34 | 1 | 1 | 2013-04-18 07:33:33 |
3 | 0 | NULL | Allocated | 25 | 200 |
211 | 200 | 0 | NULL | NULL |
| 16 | 1e25de1f-b51b-4a4d-8c93-203a3780a2ac | 9 | 4 |
10.102.195.35 | 1 | 0 | 2013-04-18 07:33:53 |
3 | 0 | NULL | Allocated | 26 | 200 |
211 | 200 | 0 | NULL | NULL |
| 17 | 8babc613-dfaf-4644-93fc-3efe01812e4a | 9 | 4 |
10.102.195.36 | 1 | 0 | 2013-04-18 10:58:11 |
3 | 0 | NULL | Allocated | 27 | 200 |
211 | 200 | 0 | NULL | NULL |
| 18 | 316c39cb-97d6-4c14-b766-9bc97a2c0fef | 9 | 4 |
10.102.195.37 | 1 | 0 | 2013-04-18 11:38:17 |
4 | 0 | NULL | Allocated | 28 | 200 |
211 | 200 | 0 | NULL | NULL |
| 19 | 82d0f50f-070f-4313-877d-21edf7f13c26 | 9 | 4 |
10.102.195.38 | 1 | 0 | 2013-04-18 11:43:59 |
4 | 0 | NULL | Allocated | 29 | 200 |
211 | 200 | 0 | NULL | NULL |
+----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+
5 rows in set (0.00 sec)
mysql> SELECT * FROM cloud.account where id=9;
+----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+
| id | account_name | uuid |
type | domain_id | state | removed | cleanup_needed | network_domain |
default_zone_id |
+----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+
| 9 | PrjAcct-dom11-user-project-4 | 62ce573d-1dae-4ae2-a385-86cc2687efea |
5 | 4 | enabled | NULL | 0 | NULL |
NULL |
+----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+
1 row in set (0.00 sec)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
