openstack team mailing list archive

Thread
Date

Re: Unable to add multiple rules per security group (using euca)

To: David McNally <dave.mcnally@xxxxxx>
From: Vishvananda Ishaya <vishvananda@xxxxxxxxx>
Date: Mon, 7 Nov 2011 07:28:50 -0800
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4EB7EB71.30508@hp.com>

This is a bug.  It is residual from previous code where source groups didn't allow specific protocols to be specified.  I think there may be a bug already, but if not, can you please file one?  If you see where it is happening in the code a patch would also be appreciated.

Vish

On Nov 7, 2011, at 6:30 AM, David McNally wrote:

> Hi,
> 
> We've run into an issue where we can add only a single rule per source-group to a security group. e.g:
> 
> euca-authorize --protocol icmp -t -1:-1 --source-group groupB groupA 
> 
> will add a security rule as expected but if we cannot add a second rule to groupA with groupB as the source e.g.:
> 
> euca-authorize --protocol tcp --port-range 22 --source-group groupB groupA 
> ApiError: This rule already exists in group ert2
> 
> I can see where this is happening in the code and I was wondering if this behavior is by design or if it is intended to change in a future release?
> 
> Thanks,
> 
> Dave
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

Follow ups

Re: Unable to add multiple rules per security group (using euca)
From: David McNally, 2011-11-07

References

Unable to add multiple rules per security group (using euca)
From: David McNally, 2011-11-07