[
https://issues.apache.org/jira/browse/CLOUDSTACK-5535?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13867871#comment-13867871
]
Marcus Sorensen commented on CLOUDSTACK-5535:
---------------------------------------------
Ok. Honestly I'd rather see it work on nothing for VPC if we're going to make
such a change. It seems arbitrary to disallow tier-to-tier or isolated-to-tier
but allow shared-to-tier. A VM being part of a shared network and a VPC has the
same problem Alena took issue with, if I have a public shared network that can
reach the VPC's public side. It would be consistent and less confusing to say
"a vpc vm can only ever be a part of one network", and easy for me to patch out
since it could be implemented simply in the addNic api call:
if (vm.getVpcId() != null) {
return InvalidParameterValueException("VPC Virtualmachines can only have
one nic");
}
I still don't see the need to limit what one can do with a VPC, without this
patch it acts more like real infrastructure, but if we do I'd rather see it
consistent.
> Do not allow addNetwork to create NIC across VPC tiers and Isolated Networks
> -----------------------------------------------------------------------------
>
> Key: CLOUDSTACK-5535
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5535
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: API, Management Server
> Affects Versions: 4.3.0
> Reporter: Saksham Srivastava
> Assignee: Saksham Srivastava
> Priority: Critical
> Fix For: 4.3.0
>
>
> addNetworkToVM allows adding any network to VM.
> Ideally a VM running in isolated Guest Network should not be able to add a
> VPC tier.
> A VM running in VPC tier should not be allowed to add another tier
> A VM running in VPC tier should not be allowed to add another isolated guest
> network.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
