You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Kiran Koneti (JIRA)" <ji...@apache.org> on 2013/06/19 11:00:24 UTC
[jira] [Created] (CLOUDSTACK-3064) Able to create VM from different
account of the same domain without using Affinity group even the Zone is
dedicated to an Account.
Kiran Koneti created CLOUDSTACK-3064:
----------------------------------------
Summary: Able to create VM from different account of the same domain without using Affinity group even the Zone is dedicated to an Account.
Key: CLOUDSTACK-3064
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3064
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Install and Setup
Affects Versions: 4.2.0
Reporter: Kiran Koneti
Priority: Critical
Fix For: 4.2.0
Below are the Steps followed.
1)Installed the CS and created multiple domains and accounts.
2)Under the Domain Kiran I have two users kiran1(domain Admin) and kiran2(normal user)
3)While creating a Zone in the initial steps dedicated the Zone to kiran1 account.
4)After the zone is created I tried to create aVM from the root domain user admin without using the affinity and with using the affinity group.
5)In both the scenarios the Vm creation failed with the correct error message.
6)Then I logged in using the account kiran2 under the domain Kiran.
7) I was able to create a the VM successfully using the account kiran2.
Expected Result:
The VM creation should be failed as the Zone is dedicated to the Account Kiran.
The db table observations are as below:
The user details of the account kiran2 is as follows
mysql> select * from user where id=4\G;
*************************** 1. row ***************************
id: 4
uuid: d3af9081-bc4a-4da7-9fb1-c7672cf99522
username: kiran2
password: JSdBejexsnWkFaQF82rBk0V65tQ=:jAin6YPIi3UQQfs6+EjtW/y7Hcj6giGCWsG/2Aie5OA=
account_id: 4
firstname: kiran
lastname: 2
email: kirank@gmail.com
state: enabled
api_key: NULL
secret_key: NULL
created: 2013-06-19 11:30:22
removed: NULL
timezone: NULL
registration_token: NULL
is_registered: 0
incorrect_login_attempts: 0
default: 0
1 row in set (0.00 sec)
This Specifies that the account id of kiran2 is 4.
The dedicated resources table is as below:
mysql> select * from dedicated_resources;
+----+--------------------------------------+----------------+--------+------------+---------+-----------+------------+
| id | uuid | data_center_id | pod_id | cluster_id | host_id | domain_id | account_id |
+----+--------------------------------------+----------------+--------+------------+---------+-----------+------------+
| 1 | f0fa47dd-c11f-4d3d-a1a1-ae49c4e849bd | 1 | NULL | NULL | NULL | 2 | 3 |
+----+--------------------------------------+----------------+--------+------------+---------+-----------+------------+
1 row in set (0.00 sec)
We can see the Zone is dedicated to the account 3 which is kiran1.
The VM_instance table is as below:
mysql> select * from vm_instance where id=5\G;
*************************** 1. row ***************************
id: 5
name: kiran21
uuid: 64c67210-10f9-4ee1-b79f-04e3e89c9062
instance_name: i-4-5-VM
state: Running
vm_template_id: 202
guest_os_id: 12
private_mac_address: 02:00:03:20:00:01
private_ip_address: 10.1.1.121
pod_id: 1
data_center_id: 1
host_id: 1
last_host_id: 1
proxy_id: NULL
proxy_assign_time: NULL
vnc_password: VIW4Bj9v/CMIgW9rkduIN0Pgp8Umij0KMZt61u+RjPo=
ha_enabled: 0
limit_cpu_use: 0
update_count: 3
update_time: 2013-06-19 12:32:51
created: 2013-06-19 12:20:49
removed: NULL
type: User
vm_type: User
account_id: 4
domain_id: 2
service_offering_id: 1
reservation_id: 3b3a4444-23d7-4aab-82a5-8311d123098d
hypervisor_type: VMware
disk_offering_id: NULL
cpu: NULL
ram: NULL
owner: 4
speed: 500
host_name: kiran21
display_name: kiran21
desired_state: NULL
display_vm: 1
1 row in set (0.00 sec)
We can See the VM is created using the account_type is 4 which is kiran2.
The affinity group table is as below:
mysql> select * from affinity_group;
+----+------+--------------------+--------------------------------------+-------------+-----------+------------+
| id | name | type | uuid | description | domain_id | account_id |
+----+------+--------------------+--------------------------------------+-------------+-----------+------------+
| 1 | Eff1 | ExplicitDedication | 24af64b3-18ac-46c8-8111-55e26093153a | NULL | 1 | 2 |
+----+------+--------------------+--------------------------------------+-------------+-----------+------------+
1 row in set (0.00 sec)
We can see that there is no affinity group created for the account 4(kiran2) or account3(kiran1)
My setup details:
I have a single Zone-->Pod-->Cluster-->Host setup which is dedicated to the account3(kiran1).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira