Global config to disable an account from acquiring public ips and guest vlans from the system if the account

has dedicated resources and the dedicated resources have all been consumed - use.system.public.ips and use.system.guest.vlans Both configs are configurable at the account level too.
2025-11-03 04:12:31 +01:00 · 2013-06-14 14:51:08 +05:30 · 2013-06-14 14:51:08 +05:30 · 770cf02ccf
commit 770cf02ccf
parent 28b598b4ac
9 changed files with 41 additions and 12 deletions
--- a/engine/schema/src/com/cloud/dc/dao/DataCenterDao.java
+++ b/engine/schema/src/com/cloud/dc/dao/DataCenterDao.java
@ -36,7 +36,7 @@ public interface DataCenterDao extends GenericDao<DataCenterVO, Long> {
    Pair<String, Long> allocatePrivateIpAddress(long id, long podId, long instanceId, String reservationId);
    DataCenterIpAddressVO allocatePrivateIpAddress(long id, String reservationId);
    String allocateLinkLocalIpAddress(long id, long podId, long instanceId, String reservationId);
-    String allocateVnet(long dcId, long physicalNetworkId, long accountId, String reservationId);
+    String allocateVnet(long dcId, long physicalNetworkId, long accountId, String reservationId, boolean canUseSystemGuestVlans);
    
    void releaseVnet(String vnet, long dcId, long physicalNetworkId, long accountId, String reservationId);
    void releasePrivateIpAddress(String ipAddress, long dcId, Long instanceId);
--- a/engine/schema/src/com/cloud/dc/dao/DataCenterDaoImpl.java
+++ b/engine/schema/src/com/cloud/dc/dao/DataCenterDaoImpl.java
@ -192,22 +192,27 @@ public class DataCenterDaoImpl extends GenericDaoBase<DataCenterVO, Long> implem
    }

    @Override
-    public String allocateVnet(long dataCenterId, long physicalNetworkId, long accountId, String reservationId) {
+    public String allocateVnet(long dataCenterId, long physicalNetworkId, long accountId, String reservationId,
+            boolean canUseSystemGuestVlans) {
        ArrayList<Long> dedicatedVlanDbIds = new ArrayList<Long>();
+        boolean useDedicatedGuestVlans = false;
        List<AccountGuestVlanMapVO> maps = _accountGuestVlanMapDao.listAccountGuestVlanMapsByAccount(accountId);
        for (AccountGuestVlanMapVO map : maps) {
            dedicatedVlanDbIds.add(map.getId());
        }
        if (dedicatedVlanDbIds != null && !dedicatedVlanDbIds.isEmpty()) {
+            useDedicatedGuestVlans = true;
            DataCenterVnetVO vo = _vnetAllocDao.take(physicalNetworkId, accountId, reservationId, dedicatedVlanDbIds);
            if (vo != null)
                return vo.getVnet();
        }
-        DataCenterVnetVO vo = _vnetAllocDao.take(physicalNetworkId, accountId, reservationId, null);
-        if (vo == null) {
-            return null;
+        if (!useDedicatedGuestVlans || (useDedicatedGuestVlans && canUseSystemGuestVlans)) {
+            DataCenterVnetVO vo = _vnetAllocDao.take(physicalNetworkId, accountId, reservationId, null);
+            if (vo != null) {
+                return vo.getVnet();
+            }
        }
-        return vo.getVnet();
+        return null;
    }

    @Override
--- a/plugins/network-elements/bigswitch-vns/src/com/cloud/network/guru/BigSwitchVnsGuestNetworkGuru.java
+++ b/plugins/network-elements/bigswitch-vns/src/com/cloud/network/guru/BigSwitchVnsGuestNetworkGuru.java
@ -162,7 +162,7 @@ public class BigSwitchVnsGuestNetworkGuru extends GuestNetworkGuru {
        }

        String vnet = _dcDao.allocateVnet(dcId, physicalNetworkId,
-                        network.getAccountId(), context.getReservationId());
+                network.getAccountId(), context.getReservationId(), canUseSystemGuestVlan(network.getAccountId()));
        if (vnet == null) {
            throw new InsufficientVirtualNetworkCapcityException("Unable to allocate vnet as a " +
                        "part of network " + network + " implement ", DataCenter.class, dcId);
--- a/plugins/network-elements/ovs/src/com/cloud/network/guru/OvsGuestNetworkGuru.java
+++ b/plugins/network-elements/ovs/src/com/cloud/network/guru/OvsGuestNetworkGuru.java
@ -94,7 +94,8 @@ public class OvsGuestNetworkGuru extends GuestNetworkGuru {
    protected void allocateVnet(Network network, NetworkVO implemented, long dcId,
            long physicalNetworkId, String reservationId) throws InsufficientVirtualNetworkCapcityException {
        if (network.getBroadcastUri() == null) {
-            String vnet = _dcDao.allocateVnet(dcId, physicalNetworkId, network.getAccountId(), reservationId);
+            String vnet = _dcDao.allocateVnet(dcId, physicalNetworkId, network.getAccountId(), reservationId,
+                    canUseSystemGuestVlan(network.getAccountId()));
            if (vnet == null) {
                throw new InsufficientVirtualNetworkCapcityException("Unable to allocate vnet as a part of network " + network + " implement ", DataCenter.class, dcId);
            }
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@ -216,7 +216,14 @@ public enum Config {
    AlertPurgeInterval("Advanced", ManagementServer.class, Integer.class, "alert.purge.interval", "86400", "The interval (in seconds) to wait before running the alert purge thread", null),
    AlertPurgeDelay("Advanced", ManagementServer.class, Integer.class, "alert.purge.delay", "0", "Alerts older than specified number days will be purged. Set this value to 0 to never delete alerts", null),
    HostReservationReleasePeriod("Advanced", ManagementServer.class, Integer.class, "host.reservation.release.period", "300000", "The interval in milliseconds between host reservation release checks", null),
-    
+    UseSystemPublicIps("Advanced", ManagementServer.class, Boolean.class, "use.system.public.ips", "true",
+            "If true, when account has dedicated public ip range(s), once the ips dedicated to the account have been" +
+            " consumed ips will be acquired from the system pool",
+            null, ConfigurationParameterScope.account.toString()),
+    UseSystemGuestVlans("Advanced", ManagementServer.class, Boolean.class, "use.system.guest.vlans", "true",
+                "If true, when account has dedicated guest vlan range(s), once the vlans dedicated to the account have been" +
+                " consumed vlans will be allocated from the system pool",
+                null, ConfigurationParameterScope.account.toString()),

    // LB HealthCheck Interval.
    LBHealthCheck("Advanced", ManagementServer.class, String.class, "healthcheck.update.interval", "600",
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@ -445,7 +445,10 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L

        // If all the dedicated IPs of the owner are in use fetch an IP from the system pool
        if (addrs.size() == 0 && fetchFromDedicatedRange) {
-            if (nonDedicatedVlanDbIds != null && !nonDedicatedVlanDbIds.isEmpty()) {
+            // Verify if account is allowed to acquire IPs from the system
+            boolean useSystemIps = Boolean.parseBoolean(_configServer.getConfigValue(Config.UseSystemPublicIps.key(),
+                    Config.ConfigurationParameterScope.account.toString(), owner.getId()));
+            if(useSystemIps && nonDedicatedVlanDbIds != null && !nonDedicatedVlanDbIds.isEmpty()) {
                fetchFromDedicatedRange = false;
                sc.setParameters("vlanId", nonDedicatedVlanDbIds.toArray());
                errorMessage.append(", vlanId id=" + nonDedicatedVlanDbIds.toArray());
--- a/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java
@ -130,7 +130,8 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru {
        // Get a vlan tag
        int vlanTag;
        if (config.getBroadcastUri() == null) {
-            String vnet = _dcDao.allocateVnet(zone.getId(), config.getPhysicalNetworkId(), config.getAccountId(), context.getReservationId());
+            String vnet = _dcDao.allocateVnet(zone.getId(), config.getPhysicalNetworkId(), config.getAccountId(),
+                    context.getReservationId(), canUseSystemGuestVlan(config.getAccountId()));

            try {
                vlanTag = Integer.parseInt(vnet);
--- a/server/src/com/cloud/network/guru/GuestNetworkGuru.java
+++ b/server/src/com/cloud/network/guru/GuestNetworkGuru.java
@ -26,6 +26,7 @@ import javax.ejb.Local;
 import javax.inject.Inject;

 import com.cloud.event.ActionEventUtils;
+import com.cloud.server.ConfigurationServer;
 import com.cloud.utils.Pair;
 import org.apache.log4j.Logger;

@ -98,6 +99,8 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur
    IPAddressDao _ipAddressDao;
    @Inject 
    protected PhysicalNetworkDao _physicalNetworkDao;    
+    @Inject
+    ConfigurationServer _configServer;
    Random _rand = new Random(System.currentTimeMillis());

    private static final TrafficType[] _trafficTypes = {TrafficType.Guest};
@ -155,6 +158,11 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur
        return _isolationMethods;
    }

+    public boolean canUseSystemGuestVlan(long accountId) {
+        return Boolean.parseBoolean(_configServer.getConfigValue(Config.UseSystemGuestVlans.key(),
+            Config.ConfigurationParameterScope.account.toString(), accountId));
+    }
+
    protected abstract boolean canHandle(NetworkOffering offering, final NetworkType networkType, PhysicalNetwork physicalNetwork);

    @Override
@ -260,7 +268,8 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur
    protected void allocateVnet(Network network, NetworkVO implemented, long dcId,
    		long physicalNetworkId, String reservationId) throws InsufficientVirtualNetworkCapcityException {
        if (network.getBroadcastUri() == null) {
-            String vnet = _dcDao.allocateVnet(dcId, physicalNetworkId, network.getAccountId(), reservationId);
+            String vnet = _dcDao.allocateVnet(dcId, physicalNetworkId, network.getAccountId(), reservationId,
+                    canUseSystemGuestVlan(network.getAccountId()));
            if (vnet == null) {
                throw new InsufficientVirtualNetworkCapcityException("Unable to allocate vnet as a " +
                		"part of network " + network + " implement ", DataCenter.class, dcId);
--- a/setup/db/db/schema-410to420.sql
+++ b/setup/db/db/schema-410to420.sql
@ -1854,3 +1854,6 @@ SET foreign_key_checks = 1;
 UPDATE `cloud`.`snapshot_policy` set uuid=id WHERE uuid is NULL;
 #update shared sg enabled network with not null name in Advance Security Group enabled network
 UPDATE `cloud`.`networks` set name='Shared SG enabled network', display_text='Shared SG enabled network' WHERE name IS null AND traffic_type='Guest' AND data_center_id IN (select id from data_center where networktype='Advanced' and is_security_group_enabled=1) AND acl_type='Domain';
+
+INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'use.system.public.ips', 'true', 'If true, when account has dedicated public ip range(s), once the ips dedicated to the account have been consumed ips will be acquired from the system pool');
+INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'use.system.guest.vlans', 'true', 'If true, when account has dedicated guest vlan range(s), once the vlans dedicated to the account have been consumed vlans will be allocated from the system pool');