Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 53E31200D2B for ; Thu, 2 Nov 2017 13:43:06 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 5280A1609EE; Thu, 2 Nov 2017 12:43:06 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 9B2FE160BE5 for ; Thu, 2 Nov 2017 13:43:05 +0100 (CET) Received: (qmail 92824 invoked by uid 500); 2 Nov 2017 12:43:04 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 92813 invoked by uid 500); 2 Nov 2017 12:43:04 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 92810 invoked by uid 99); 2 Nov 2017 12:43:04 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Nov 2017 12:43:04 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id D99DF18072D for ; Thu, 2 Nov 2017 12:43:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.202 X-Spam-Level: X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id RVRBnUnNZVyg for ; Thu, 2 Nov 2017 12:43:03 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id C2F486116A for ; Thu, 2 Nov 2017 12:43:02 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id C7FB6E2592 for ; Thu, 2 Nov 2017 12:43:01 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id E5C2E24170 for ; Thu, 2 Nov 2017 12:43:00 +0000 (UTC) Date: Thu, 2 Nov 2017 12:43:00 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CLOUDSTACK-10109) Enable dedication of public IPs to SSVM and CPVM MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Thu, 02 Nov 2017 12:43:06 -0000 [ https://issues.apache.org/jira/browse/CLOUDSTACK-10109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16235666#comment-16235666 ] ASF GitHub Bot commented on CLOUDSTACK-10109: --------------------------------------------- nitin-maharana commented on a change in pull request #2295: CLOUDSTACK-10109: Enable dedication of public IPs to SSVM and CPVM URL: https://github.com/apache/cloudstack/pull/2295#discussion_r148519700 ########## File path: server/src/com/cloud/network/guru/PublicNetworkGuru.java ########## @@ -115,7 +115,11 @@ protected PublicNetworkGuru() { protected void getIp(NicProfile nic, DataCenter dc, VirtualMachineProfile vm, Network network) throws InsufficientVirtualNetworkCapacityException, InsufficientAddressCapacityException, ConcurrentOperationException { if (nic.getIPv4Address() == null) { - PublicIp ip = _ipAddrMgr.assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.VirtualNetwork, null, null, false); + boolean forSystemVms = false; + if (vm.getType().equals(VirtualMachine.Type.ConsoleProxy) || vm.getType().equals(VirtualMachine.Type.SecondaryStorageVm)) { + forSystemVms = true; Review comment: @nvazquez, I just went with the flow and found out there already exists a column name ("is_system") in user_ip_address table. Can you please see if you can make use of that instead of creating a new one ("forsystemvms"). ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org > Enable dedication of public IPs to SSVM and CPVM > ------------------------------------------------ > > Key: CLOUDSTACK-10109 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10109 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the default.) > Reporter: Nicolas Vazquez > Assignee: Nicolas Vazquez > Priority: Major > Attachments: public01.png, public02.png, public03.png > > > It is required to dedicate a public IP range for SSVM and CPVM in order to apply firewall rules to control inbound access. -- This message was sent by Atlassian JIRA (v6.4.14#64029)