cloudstack: Dedication of public IP ranges broken after upgrade to 4.17.0.1

ISSUE TYPE
  • Bug Report
COMPONENT NAME
API, UI, SSVM, CPVM
CLOUDSTACK VERSION
4.17.0.1
CONFIGURATION

1 Zone, Advanced networking, 3 domains

OS / ENVIRONMENT

All running Ubuntu 20.04.5. Database: MySQL 8

SUMMARY

Existing configuration (working running CS 4.16.1) System_Root


Setting system.vm.public.reservation.mode.strictness = true

After upgrade: While deploying SSVM / CPVM, dedicated IP ranges for use of system VMs aren’t considered for deployment. With system.vm.public.reservation.mode.strictness enabled, a deployment of SSVM / CPVM fails “due to Insufficient address capacity”. With system.vm.public.reservation.mode.strictness set to ‘false’, deployment is successful while using IP ranges not marked as dedicated for system VMs. Newly created IP ranges with dedication for systemVMs aren’t stored or found in DB table domain_vlan_map. Also, previously used IP ranges dedicated for systemVMs aren’t referenced in domain_vlan_map.

Currently tested with public IP addresses. Not tested with “strictness” for management IP addresses.

STEPS TO REPRODUCE
  • Create IP range for public IPs with dedication for system VMs enabled
  • Change setting system.vm.public.reservation.mode.strictness to true
  • Destroy existing CPVM / SSVM
EXPECTED RESULTS
- Table `domain_vlan_map` shows entry for newly created IP range (stored as new vlan) assigned to domain
- System VMs are successfully deployed using IPs from the dedicated IP range
ACTUAL RESULTS
- Table `domain_vlan_map` shows no entry
- Deployment of systemVMs fails due to insufficient address capacity
- Changing setting `system.vm.public.reservation.mode.strictness` to "false"
   --> deployment successful using IP range of domain not dedicated for systemVMs

About this issue

  • State: closed
  • Created 2 years ago
  • Comments: 26 (16 by maintainers)

Most upvoted comments

The query returns all VLANs which are exclusive for the usage of systemvms - numbers ‘9’ and ‘17’ - and are shown in the GUI as ‘domain = root’ and ‘account = system’, like the screenshot in the post above: https://github.com/apache/cloudstack/issues/6698#issuecomment-1237019304. These VLANs are not present - neither in ‘account_vlan_map’ nor ‘domain_vlan_map’. And as you wrote above - that is to be expected.

However - as written beforehand (#6698 (comment)) - that’s where I find the concept or naming a bit confusing. Looking at the SQL from my instance, there is currently no way that this is going to work as intended, and the naming in the GUI itself is to some degree misleading.

Thanks @Hudratronium, for all the information.

I can reproduce the issue if (1) use.system.public.ips = true (2) system.vm.public.ip.reservation.mode.strictness = true (3) there is a dedicated IP range for ROOT domain (4) there is a dedicated IP range for SystemVMs

Your comment in https://github.com/apache/cloudstack/issues/6698#issuecomment-1236740037 is correct. We need to add a record in account_vlan_map (for ROOT/system) or change the logic of picking up a public ip address. I will look into it.

Thanks @Hudratronium - I will book some time to try replicating it for an upgraded environment
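
A diagnostic check for the database state discussed in this thread, as an added example (not code from the reporter or the CloudStack project): it lists each public range, whether its addresses are flagged for system VMs, how many are free, and whether `account_vlan_map` or `domain_vlan_map` references it. The cut-down schema, the column names (`vlan_db_id`, `forsystemvms`, `allocated`, `removed`) and all rows are constructed assumptions to check against the real `cloud` database; range ids 9 and 17 echo the numbers quoted above.

```python
import sqlite3

# Constructed, cut-down stand-in for the CloudStack schema. The two *_vlan_map
# table names are from the thread; all column names are assumptions to verify.
SCHEMA = """
CREATE TABLE vlan (id INTEGER PRIMARY KEY, description TEXT, removed TEXT);
CREATE TABLE user_ip_address (id INTEGER PRIMARY KEY, vlan_db_id INTEGER,
                              forsystemvms INTEGER, allocated TEXT);
CREATE TABLE account_vlan_map (id INTEGER PRIMARY KEY, account_id INTEGER, vlan_db_id INTEGER);
CREATE TABLE domain_vlan_map (id INTEGER PRIMARY KEY, domain_id INTEGER, vlan_db_id INTEGER);
"""

# One row per live range: system-VM flag, free IPs, and which map tables reference it.
AUDIT = """
SELECT v.id,
       MAX(ip.forsystemvms) AS for_system_vms,
       SUM(ip.allocated IS NULL) AS free_ips,
       EXISTS (SELECT 1 FROM account_vlan_map a WHERE a.vlan_db_id = v.id) AS in_account_map,
       EXISTS (SELECT 1 FROM domain_vlan_map d WHERE d.vlan_db_id = v.id) AS in_domain_map
FROM vlan v JOIN user_ip_address ip ON ip.vlan_db_id = v.id
WHERE v.removed IS NULL
GROUP BY v.id ORDER BY v.id
"""

def audit_ranges(conn):
    """Return {vlan id: classification dict} for every live public range."""
    report = {}
    for vid, sysvm, free, in_acct, in_dom in conn.execute(AUDIT):
        report[vid] = {
            "for_system_vms": bool(sysvm),
            "free_ips": free,
            # State from the thread: system-VM range with free IPs, in neither map table.
            "unmapped_system_range": bool(sysvm) and free > 0 and not (in_acct or in_dom),
        }
    return report

def build_sample():
    """Constructed data: range 1 dedicated to a domain, ranges 9 and 17 for system VMs."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO vlan VALUES (?, ?, NULL)",
                     [(1, "root domain range"), (9, "system VMs"), (17, "system VMs")])
    conn.executemany(
        "INSERT INTO user_ip_address (vlan_db_id, forsystemvms, allocated) VALUES (?, ?, ?)",
        [(1, 0, None), (1, 0, "2022-09-05"), (9, 1, None), (9, 1, None), (17, 1, "2022-09-05")])
    conn.execute("INSERT INTO domain_vlan_map (domain_id, vlan_db_id) VALUES (1, 1)")
    return conn

if __name__ == "__main__":
    print(audit_ranges(build_sample()))
```

The `AUDIT` statement uses only constructs that MySQL also accepts, so it can be run read-only against a copy of the database once the column names are confirmed.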