yahoo-eng-team team mailing list archive

[Aaron Rosen <arosen@xxxxxxxxxx>]

** Changed in: quantum
       Status: New => Invalid

** No longer affects: quantum

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to quantum.
https://bugs.launchpad.net/bugs/1176027

Title:
  Quantum Security Group driver doesn't accept none value for from_port
  & to _port

Status in OpenStack Compute (Nova):
  New

Bug description:
  The following command works with the Nova Network security group
  driver but raise a KeyError with a on systems configured with the
  quantum Security group driver

  curl -i https://compute.systest.xxx.net/v2/10112181934012/os-security-
  group-rules -X POST -H "X-Auth-Project-Id: storm_regression" -H "User-
  Agent: python-novaclient" -H "Content-Type: application/json" -H
  "Accept: application/json" -H "X-Auth-Token: xxxxxxxxxx" -d
  '{"security_group_rule": {"from_port": null, "ip_protocol": null,
  "to_port": null, "parent_group_id": "1bb709c9-b758-48a8-a28f-
  944a71c3a3ae", "cidr": null, "group_id": "1bb709c9-b758-48a8-a28f-
  944a71c3a3ae"}}'

  
  In the Nova Network driver values are just inserted into the database, so "from_port":null works fine.

  In the Quantum driver there is a specific check for a -1 value, which
  results in the key error

  network/securtityy_group/quanum_driver.py:
     
  def _make_quantum_security_group_rules_list(self, rules):

  ...

              if rule['from_port'] != -1:
                  new_rule['port_range_min'] = rule['from_port']
              if rule['to_port'] != -1:
                  new_rule['port_range_max'] = rule['to_port']

  
  For compatibility with Nova-network systems the Quantum driver should also accept none values

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1176027/+subscriptions