cloudstack icon indicating copy to clipboard operation
cloudstack copied to clipboard
verified publisher icon apache

Race condition in resource count while associating IP address to a network

Open vishesh92 opened this issue 1 year ago • 2 comments

ISSUE TYPE
  • Bug Report
COMPONENT NAME
Resource Limits Manager for public_ip
CLOUDSTACK VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY

Due to certain race conditions between checking and incrementing of resource counts, the check can be bypassed. This leads to cases where account's allocated resources exceeds the accounts limit.

STEPS TO REPRODUCE
  1. Create an account with public ip limit to 2
  2. Create a network and deploy a VM (This will increase the public_ip count by 1 for the account).
  3. Allocate different IPs to the same network in parallel (around 4-5 requests).

This sometimes leads to allocated resources exceeding the account's limit.
EXPECTED RESULTS
Count of allocated resources  should not exceed the account's limit.
ACTUAL RESULTS

Count of allocated resources exceeded the account's limit.

vishesh92 avatar Jul 29 '24 09:07 vishesh92

@vishesh92 is this new behaivure? what version can you (not) see this in?

DaanHoogland avatar Aug 13 '24 13:08 DaanHoogland

@vishesh92 is this new behaivure? what version can you (not) see this in?

I am not sure.

This is happening because of the race conditions while incrementing the public_ip count. We need to create a CheckedReservation before allocation of the public_ip.

vishesh92 avatar Aug 14 '24 09:08 vishesh92

fixed by #9516

DaanHoogland avatar Sep 19 '24 09:09 DaanHoogland