Bug Reference

CLOUDSTACK-704

Branch

master, 4.2.0

Introduction

Purpose

In CloudStack today, there is no way to dedicate a set of VLANs on a per-tenant basis. Admins can only define a range of VLANs during zone creation and extend this range when updating the zone.

This feature is to allow admins to dedicate (reserve) Vlans on a per tenant basis.

| S.No. | Date | Remarks |
| --- | --- | --- |
| 1 | Jan 24, 2013 | First draft of the FS |
| 2 | April 15, 2013 | Updated the FS to incorporate the changes introduced by feature 'Non contiguous vlan ranges' |

Feature Specifications

  • Dedication of guest Vlan range
    • Admin should be allowed to dedicate guest VLAN ranges to an account
    • While dedicating a guest Vlan range
      • If the range overlaps with any of the existing dedicated range then extend the existing dedicated range
      • Otherwise add it as a new dedicated guest Vlan range
    • If the range doesn’t exist in the system then the request should fail
    • If any VLAN in the range is in use by a network that belongs to a different account then the request should fail
  • Releasing guest Vlan range
    • Admin should be allowed to release a dedicated guest vlan range that is dedicated to an account back to the system pool
    • If the range is not dedicated to an account then the request should fail
    • Even if one or more of the VLANs belonging to the range are in use by a network, the range should be released back to the system pool
      • The VLANs that are in use should continue to be in use by the network
  • List dedicated guest Vlan ranges
    • All vlan ranges that are dedicated should be listed
  • Deletion of guest Vlan range
    • If the range being deleted overlaps with a dedicated range then the request should fail
  • Physical network creation
    • Guest Vlan range that is specified should be dedicated to the system account by default
  • Network implementation
    • If the network belongs to an account that has a dedicated range of Vlans then a Vlan from the account's dedicated range should be allocated to the network
      • If an account uses up all of its dedicated VLANs, the next network being created for the account should be assigned a VLAN that belongs to the system pool
    • Otherwise, a Vlan should be allocated from the free pool i.e. Vlan range belonging to the zone
  • Network creation
    • If a Vlan id is specified and if this id belongs to a dedicated Vlan range of an account (not the owner of this network) then the creation should fail
    • If a VLAN id is specified and if this id belongs to the system pool but the network owner has a dedicated range of VLANs then the creation should fail
  • Account deletion
    • Guest vlan ranges dedicated to the account should be released back to the free pool 
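
The dedication rules listed above can be modelled compactly. This is an added example, not CloudStack code: the function and variable names are hypothetical, the sample data is constructed, and refusing an overlap with another account's dedicated range is an assumption the spec does not state.

```python
# Added model of the spec's dedication rules; hypothetical names, not CloudStack code.
def parse_range(text):
    """Parse the 'startvlan-endvlan' string taken by dedicateGuestVlanRange."""
    start, end = (int(part) for part in text.split("-"))
    if start > end:
        raise ValueError(f"invalid VLAN range {text!r}")
    return start, end

def dedicate(zone_ranges, dedicated, in_use, account, text):
    """Dedicate `text` to `account` and return that account's ranges.

    zone_ranges: [(start, end)] guest ranges defined on the physical network
    dedicated:   {account: [(start, end)]}, updated in place on success
    in_use:      {vlan_id: account} for VLANs already held by networks
    """
    start, end = parse_range(text)
    # The range must already exist in the system.
    if not any(zs <= start and end <= ze for zs, ze in zone_ranges):
        raise ValueError("range is not inside a configured guest VLAN range")
    # No VLAN in the range may be in use by another account's network.
    for vlan, owner in in_use.items():
        if start <= vlan <= end and owner != account:
            raise ValueError(f"VLAN {vlan} is in use by account {owner}")
    # Assumption (not in the spec): overlapping another account's range is refused.
    for other, ranges in dedicated.items():
        if other != account and any(s <= end and start <= e for s, e in ranges):
            raise ValueError(f"range overlaps a range dedicated to {other}")
    # Overlapping ranges of the same account are extended; otherwise a new one is added.
    kept = []
    for s, e in dedicated.get(account, []):
        if s <= end and start <= e:
            start, end = min(s, start), max(e, end)
        else:
            kept.append((s, e))
    dedicated[account] = sorted(kept + [(start, end)])
    return dedicated[account]

if __name__ == "__main__":
    zone = [(100, 200), (300, 400)]          # constructed sample data
    owners = {}
    print(dedicate(zone, owners, {150: "acme"}, "acme", "140-160"))
    print(dedicate(zone, owners, {150: "acme"}, "acme", "155-170"))
```
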

Use cases

  • Admins would like to reserve a fixed set of VLANs for a tenant. This is for an MSP type of use case

Architecture and Design description

Web Services APIs

New APIs

API name, followed by its request parameters:

dedicateGuestVlanRange

  • vlanrange (vlan range that is to be dedicated, type - string 'startvlan-endvlan', required - true)
  • account (account the range will be dedicated to, type - string, required - true)
  • domainid (domain Id of the account the range is dedicated to, type - uuid, required - true)
  • physicalNetworkid (Id of the physical network that contains the range, type - uuid, required - true)

listDedicatedGuestVlanRanges

  • id (id of the listed dedicated guest vlan ranges, type - uuid, required - false)

releaseDedicatedGuestVlanRange

  • id (id of the vlan range that is to be released, type - uuid, required - true)

The above APIs are available only to the ROOT Admin.

UI flow

TBD

  • Under Infrastructure -> Zones -> <zone> -> Physical Network -> Guest -> Details add a row called ‘VLAN Owner’ after VLAN
    • The value of this property is – the value of the response element ‘vlanowner’ when ListPhysicalNetworks API is called
    • Make this row editable during physical network update (with the 'Multiple non-contiguous VLAN' feature this is no longer valid)

DB

Add a new table called ‘account_vnet_map’:

| Parameter name | Description |
| --- | --- |
| id | primary key |
| vnet_range | dedicated guest vlan range |
| account_id | account the vlan range is dedicated to |

Modify table 'op_dc_vnet_alloc' to add a new column

| Parameter name | Description |
| --- | --- |
| account_vnet_map_id | id, foreign key to table account_vnet_map |

Global config

use.system.guest.vlans

A new global config use.system.guest.vlans

  • Lets the root admin prevent an account from acquiring guest VLANs from the system when the account has dedicated guest VLANs and all of them have been consumed.
  • Will be configurable at the account level too.
  • Default value is true.
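
The allocation order from 'Network implementation' combined with this setting, as an added example that is not CloudStack code. The names are hypothetical and the sample data is constructed; choosing the lowest free id and treating the system pool as the zone range minus every dedicated range are assumptions.

```python
# Added model of the spec's allocation order; hypothetical names, not CloudStack code.
def allocate_vlan(account, zone_ranges, dedicated, allocated,
                  use_system_guest_vlans=True):
    """Choose a VLAN for a new network owned by `account`.

    dedicated: {account: [(start, end)]}; allocated: set of VLAN ids in use,
    updated in place. Returns (vlan_id, "dedicated" | "system").
    Assumption: the lowest free id is chosen; the spec does not fix an order.
    """
    def first_free(ranges, excluded=()):
        for start, end in sorted(ranges):
            for vlan in range(start, end + 1):
                reserved = any(s <= vlan <= e for s, e in excluded)
                if vlan not in allocated and not reserved:
                    return vlan
        return None

    own = dedicated.get(account, [])
    vlan, source = first_free(own), "dedicated"
    if vlan is None:
        # Dedicated VLANs exhausted (or none exist): fall back to the system pool,
        # unless the account has dedicated ranges and the setting forbids it.
        if own and not use_system_guest_vlans:
            raise RuntimeError(f"{account}: dedicated VLANs exhausted, "
                               "use.system.guest.vlans is false")
        # Assumption: the system pool is the zone range minus every dedicated range.
        all_dedicated = [r for ranges in dedicated.values() for r in ranges]
        vlan, source = first_free(zone_ranges, all_dedicated), "system"
        if vlan is None:
            raise RuntimeError("no free guest VLAN in the system pool")
    allocated.add(vlan)
    return vlan, source

if __name__ == "__main__":
    zone, owners, taken = [(100, 105)], {"acme": [(100, 101)]}, set()  # constructed
    for _ in range(3):
        print(allocate_vlan("acme", zone, owners, taken))
```
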

Upgrade

In an upgraded setup, all existing guest VLAN ranges will have the default account owner as system.

Open Issues

  • Effects of the new feature 'Multiple non-contiguous VLAN' on this feature – Updated the FS taking into account the changes introduced by this feature

Usage

No changes
