← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #00762

[Bug 1105399] Re: get_security_groups() return security group rules

  Thread PreviousDate PreviousThread Next 
** Changed in: quantum
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to quantum.
https://bugs.launchpad.net/bugs/1105399

Title:
  get_security_groups() return security group rules

Status in OpenStack Quantum (virtual network service):
  Fix Released

Bug description:
  In nova get_security_groups() returns the security groups and there
  security group rules.  And the way that the nova python client works
  in order to delete a security group rule it works in the following
  way:

  nova secgroup-remove-rule myserver tcp 22 22 192.168.1.1/24

  On the client it first does a get security-groups, and returns the
  client the list of security groups and all of their rules. Then it
  searches through that list for the group that matches
  name='myservers'; next it finds the rule in that group that match,
  "tcp 22 22 192.168.1.1/24" then issues a delete on that id.  In order
  to implement this nova security group quantum proxy when a nova
  security-group-list call is made I need to return all the security
  groups and their rules.

  There are 4) options in which this can be solved (in my opinion):
  1) Make the quantum proxy running on nova-api make multiple request to get the security group rules for each security group. (This can end up being a lot of requets...).
  2) Add another method to quantum i.e: get_security_group_groups_and_rules() -- kinda clunky imo. 
  3) change the nova security group api so that it has a list-security-group-rules in order to delete the rule and update the client. (probably not ideal). 

  4) make quantums get_security_groups() also return the security group
  rules as well. In my opinion this is the approach we should take and
  that's what the patch i uploaded does.

  If anyone feels strongly on this or has other ideas i'm very happy to
  hear them.

To manage notifications about this bug go to:
https://bugs.launchpad.net/quantum/+bug/1105399/+subscriptions
  Thread PreviousDate PreviousThread Next