cloudstack icon indicating copy to clipboard operation
cloudstack copied to clipboard

Published 20 hours ago verified publisher icon apache

Provide the option of disabling/Enabling Shared/Isolated/L2 networks,

Open kiranchavala opened this issue 1 year ago • 7 comments

ISSUE TYPE

Enhancement/Improvement Request /Bug

COMPONENT NAME

Component: API/ UI

CLOUDSTACK VERSION

Cloudstack version 4.18,

SUMMARY

Provide the option of disabling/Enabling Shared/Isolated/L2 networks,

Steps to reproduce the issue

  1. Create a Shared network

  2. Click on edit network

displaynetwork

  1. Currently, the only option is to use the updateNetwork api call and update the parameter "displaynetwork" or perform the action from UI

https://cloudstack.apache.org/api/apidocs-4.18/apis/updateNetwork.html

  1. But once the network is displaynetwork is set to true, there is no option to enable it back from UI

Bug part

  1. Also listNetwork api call doesn't list the networks where displaynetwork is set even when the listall parameter is passeed

https://cloudstack.apache.org/api/apidocs-4.18/apis/listNetworks.html

list networks filter=name,displaynetwork, listall=true

Expected behavior

It would be great, if we can add enable/disable network option or provide an option to disable the display network, in the UI

or show some sort of filter column in the Ui for the list network page.

Currently the admin user has update the database or execute the api call to display the network back again

kiranchavala avatar Jan 04 '24 11:01 kiranchavala

@alexandremattioli can you comment @kiranchavala I see some discrepancies in your description, though I think there is some merit to this issue. Can you check and improve it?

DaanHoogland avatar Jan 22 '24 13:01 DaanHoogland

display or not-display, not enable/disable, right ?

weizhouapache avatar Jan 22 '24 13:01 weizhouapache

yes @weizhouapache ,

to allow to undo the on-display flag, we must display it, so an exemption to the non-display directive must be defined to do that. A trivial solution is the non-display networks are visible to admins, but then again they would have to not see them during deploy... I think this is overcomplicated for what we are trying to achieve for the user.

DaanHoogland avatar Jan 23 '24 07:01 DaanHoogland

yes @weizhouapache ,

to allow to undo the on-display flag, we must display it, so an exemption to the non-display directive must be defined to do that. A trivial solution is the non-display networks are visible to admins, but then again they would have to not see them during deploy... I think this is overcomplicated for what we are trying to achieve for the user.

yes we could add a switch button next to the "Projects". this is only for root admins, and applies on other resources (volumes, vm, etc) as well. for the non-display networks, since they are not displayed, they should not be in the list of networks in vm deployment.

weizhouapache avatar Jan 23 '24 07:01 weizhouapache

@kiranchavala I'm struggling to see the use case. Is the idea to disable a network so no new VMs can use it?

alexandremattioli avatar Feb 02 '24 10:02 alexandremattioli

@alexandremattioli @DaanHoogland @weizhouapache

From the Ui point of view

As an admin user from the UI if I can disable "Display network" for a particular network. The admin user must also have the option to enable the "Display network" back.

The bug related to the issue is

Steps to reproduce the bug.

  1. Create a isolated network

cmk > create network name=test networkofferingid=1f106372-654f-40ab-abe4-c0258e1b51f1 zoneid=412fd1ab-8341-4fef-9d94-c178fd816613

  1. Execute list networks

cmk> list networks name=test

The output is displayed correctly

  1. Update the network to disable the "Display network"

cmk >update network displaynetwork=false id=9ba79732-9e85-4f21-8af0-c930cece8010

  1. Execute the list network api call again

cmk > list networks name=test cmk > list networks listall=true

No response

  1. Create a new network say test2

cmk > create network name=test2 networkofferingid=1f106372-654f-40ab-abe4-c0258e1b51f1 zoneid=412fd1ab-8341-4fef-9d94-c178fd816613

  1. Execute the list network api call again name as test

cmk > list networks name=test

The api response displays that of test2 network which is incorrect


{
  "count": 1,
  "network": [
    {
      "account": "admin",
      "acltype": "Account",
      "broadcastdomaintype": "Vlan",
      "canusefordeploy": true,
      "cidr": "10.1.1.0/24",
      "created": "2024-02-09T10:08:33+0000",
      "details": {},
      "displaynetwork": true,
      "displaytext": "kiranisoaltednet2",
      "dns1": "10.0.32.1",
      "dns2": "8.8.8.8",
      "domain": "ROOT",
      "domainid": "6bd03bc7-c649-11ee-a7b4-1e006b0003e2",
      "egressdefaultpolicy": false,
      "gateway": "10.1.1.1",
      "hasannotations": false,
      "id": "abd4fd9c-7e9b-4662-b413-df55d0c76921",
      "ispersistent": false,
      "issystem": false,
      "name": "test2",

kiranchavala avatar Feb 09 '24 10:02 kiranchavala

@kiranchavala and others If I'm understanding it right I guess we are mixing listall functionality with displaynetwork functionality. displaynetwork param description says an optional field, whether to the display the network to the end user or not. It is an admin only parameter to allow making network not viewable to the end user.

Later admin can list such networks using API, passing the same network:

> list networks displaynetwork=false filter=name,displaynetwork,
{
  "count": 1,
  "network": [
    {
      "displaynetwork": false,
      "name": "hidden-nw"
    }
  ]
}

Also, Kiran there is no param name in listNetworks API.

IMO, list* apis should list all resources for root admins irrespective of the value of displaynetwork, displayvm, displayvolume fields but we have prevented that for all types of accounts for a long, https://github.com/apache/cloudstack/commit/bbf5a912c61c42587f4403ea6f64301d421d3204

shwstppr avatar May 09 '24 07:05 shwstppr