[jira] [Commented] (CLOUDSTACK-5535) Do not allow addNetwork to create NIC across VPC tiers and Isolated Networks

Wed, 08 Jan 2014 22:05:10 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-5535?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13866355#comment-13866355
 ] 

Marcus Sorensen commented on CLOUDSTACK-5535:
---------------------------------------------

To add a little background, the whole concept of adding a network to a VM came 
about when I was asked by one of our infrastructure guys "How do I upgrade a 
customer from a shared network to a VPC?". He didn't like the idea that he'd 
have to template the VM and deploy a new one in the VPC. Then we began talking 
about how someone might go about moving a VM from one tier to another and/or 
reconfigure their VPC, and everything ended in "copy your VM to secondary 
storage by templating it, and redeploy it". Seems much easier to just add a nic 
and delete the old. Then we began talking about configurations where someone 
might want to have a VM on two tiers, or one VM take part in two VPCs. Again 
the add/remove NIC solved that problem. 

The account owner presumably owns or has permission to use and configure all 
resources involved as they see fit, so I'm not sure what the downside would be. 
If we remove this, I don't really see much point to the add/remove NIC APIs at 
all. It cuts out most of what you'd do with it, we're left with only the 
ability to connect to disparate isolated or shared networks (but what is a VPC, 
just isolated networks + a router).

> Do not allow addNetwork to create NIC across VPC tiers and Isolated Networks 
> -----------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-5535
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5535
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: API, Management Server
>    Affects Versions: 4.3.0
>            Reporter: Saksham Srivastava
>            Assignee: Saksham Srivastava
>            Priority: Critical
>             Fix For: 4.3.0
>
>
> addNetworkToVM allows adding any network to VM.
> Ideally a VM running in isolated Guest Network should not be able to add a 
> VPC tier.
> A VM running in VPC tier should not be allowed to add another tier
> A VM running in VPC tier should not be allowed to add another isolated guest 
> network.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to