cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alena Prokharchyk <Alena.Prokharc...@citrix.com>
Subject RE: Adding a public range for an account
Date Wed, 25 Apr 2012 00:04:52 GMT
Follow up on Account specific public ip range. 

1) The feature is broken in 3.0.1. Here is the workaround to switch account specific vlans
to regular vlans - requires DB changes.

* get vlan id - select id from vlan;

* delete the vlan-account ref using the query:

delete from account_vlan_map where vlan_db_id=<vlanId>

* mark all ip addresses as free in user_ip_address table using the query:

update user_ip_address set account_id=null, domain_id=null, source_nat=0, allocated=null,
state='Free', network_id=null where vlan_db_id=<vlanId>;



2) The feature is fixed in 3.0.2 branch (release date is next week). Here is the doc explaining
the feature use cases:

http://wiki.cloudstack.org/display/RelOps/Adding+public+Vlan+per+account


Let me know if you have any problems switching account specific ranges to zone wide in 3.0.1

-Alena.

-----Original Message-----
From: Alena Prokharchyk [mailto:Alena.Prokharchyk@citrix.com] 
Sent: Tuesday, April 24, 2012 11:34 AM
To: 'dan@soleks.com'
Cc: cloudstack-users@incubator.apache.org
Subject: RE: Adding a public range for an account

Dan/all,

I’ve just done code review and some testing for the feature. Looks like it’s broken in
3.0.1.

4) mentioned in your email should display ips as available for rules creation. But due to
the bug in 3.0.1, the ips are being associated with the wrong network (Public network instead
of Guest), therefore you don’t see it under your Guest network tab.

The feature will be fixed in 3.0.2 - planning to be released next week.

-Alena.

From: dan@soleks.com [mailto:dan@soleks.com]
Sent: Tuesday, April 24, 2012 12:06 PM
To: Alena Prokharchyk
Cc: cloudstack-users@incubator.apache.org
Subject: RE: Adding a public range for an account

Alena,

Here is not clear.

Ok, step by step with results i have.

1) Created domain and created domain administrator account.
2) Login as account form step 1), created isolated guest network with NAT service - network
is 10.1.2.0/24
3) Login as cloud admin, created public network and assigned it to account from step 1), public
network is 192.168.233.0/24, gw 192.168.233.254, vlan 101 (default zone wide network is 192.168.232.0/24,
vlan 100)
4) Login as account from step 1), I can't do firewall/PF/LB manipulation at this moment because
i don't have any public IPs yet
5) Requesting public IP for my guest network which is 10.1.2.0/24 and getting IP from 192.168.232.0/24
which zone wide network.

At this point i don't see any options to get IP from 192.168.233.0/24.

> Dan,
>
> First of all, adding public ip range per account will work only for 
> the case when the account owns only one Guest Isolated network. Or if 
> account doesn’t have any, we should automatically create Guest network 
> for him (based on your findings, this part is broken).
> Ip addresses from account specific network are Allocated and 
> associated to the account’s guest network from the moment the range is 
> added, so you can start using them for PF/LB/Static nat rules creation 
> right away.
>
> When you request a new ip, it can be taken from Public (zone wide) ip 
> addresses pool – and only Free ips can be taken for consideration.
>
> We should have done a better job by documenting all these cases, I’ll 
> make sure it’s created today and passed to the community right away.
>
> -Alena.
>
> From: dan@soleks.com<mailto:dan@soleks.com> 
> [mailto:dan@soleks.com]<mailto:[mailto:dan@soleks.com]>
> Sent: Tuesday, April 24, 2012 11:21 AM
> To: Alena Prokharchyk
> Cc: 
> cloudstack-users@incubator.apache.org<mailto:cloudstack-users@incubato
> r.apache.org>
> Subject: RE: Adding a public range for an account
>
> Alena,
> Ok, that is pretty clear and logically, but why when I'm requesting 
> new IP using account with associated network, provided IP is coming 
> from default network, but not from allocated for that account.
>
>> Dan,
>>
>> When public ip address range is created per account, all ip addresses 
>> from this range immediately get allocated to the account . You can't 
>> release single ip from account specific range with 
>> disassociateIpAddress command. The only one way to release account 
>> specific ips - delete the entire range (using deleteVlanIpRange api).
>>
>> I'll make sure we create document for this feature, and I'll pass it 
>> to you/community once it's done.
>>
>> -Alena.
>>
>> -----Original Message-----
>> From: 
>> dan@soleks.com<mailto:dan@soleks.com<mailto:dan@soleks.com%3cmailto:d
>> an@soleks.com>> 
>> [mailto:dan@soleks.com]<mailto:[mailto:dan@soleks.com]><mailto:[mailt
>> o:dan@soleks.com]>
>> Sent: Tuesday, April 24, 2012 10:52 AM
>> To:
>> cloudstack-users@incubator.apache.org<mailto:cloudstack-users@incubat
>> or.apache.org<mailto:cloudstack-users@incubator.apache.org%3cmailto:c
>> loudstack-users@incubator.apache.org>>
>> Subject: Re: Adding a public range for an account
>>
>> Clayton, it's borei, can you please post mine
>>
>> Hi All,
>> I created new public network via infrastructure->zone->physical
>> network->public->IP range menu and assigned it to account in non-root
>> domain. Private network was also created for that account. When i use 
>> that account and trying to request IP, IP was chosen from default 
>> public network, not from created above. Dashboard also shows that all 
>> IPs in that new network occupied. I looked into database and found 
>> that all IPs are in the "Allocated" state and there is no UUID for 
>> them. Can somebody gimme explanation how should it work and what is 
>> correct behaviour.
>>
>>> In CS 3.0.1 with advanced networking.  I was trying to add a new 
>>> public IP range for a specific account.  I went into the physical 
>>> network, added a new range and specified the domain and account that 
>>> it was to belong to.  It was a brand new account so it didn't have 
>>> any existing instances, nor did it have a virtual router.  When 
>>> adding the first instance I got the following error:
>>>
>>> http://paste.cloudstack.org/SSEO/
>>>
>>> Did I do something wrong?  Is there an additional step I should have 
>>> done in order to associate a new IP range with a specific account?
>>>
>>> Thanks,
>>> Clayton
>>>
>>
>>
>> ----------------------------------------------------------------
>> This message was sent using IMP, the Internet Messaging Program.
>>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Mime
View raw message