yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1252410] Re: SecurityGroup exception when there are no subnets

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Armando Migliaccio <1252410@xxxxxxxxxxxxxxxxxx>
Date: Mon, 18 Nov 2013 19:49:30 -0000
Reply-to: Bug 1252410 <1252410@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

As you said, Nova does not have the ability to disable security groups
for an instance. From the code that raises the fault, it looks like this
is by design. Furthermore I don't think this is a Neutron bug.


** Changed in: neutron
       Status: New => Invalid

** Changed in: nova
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1252410

Title:
  SecurityGroup exception when there are no subnets

Status in OpenStack Neutron (virtual network service):
  Invalid
Status in OpenStack Compute (Nova):
  Confirmed

Bug description:
  When booting an instance with a network that has no defined subnets
  (i.e. you want the instance to have a network interface but not to
  have the address range managed by neutron), the nova/neutron
  integration code throws a SecurityGroupCannotBeApplied exception. At
  the moment, nova does not have the ability to indicate that no
  SecurityGroup is required (omitting it results in the default group
  being assumed).

  To reproduce:

  1. create a network -- do not create a subnet!
  2. boot a vm a-la "nova boot --image foo --nic net-id=[uuid for aforementioned network] foovm"

  Result: 
  VM fails to boot, enters ERROR state

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1252410/+subscriptions