| Thread Previous • Date Previous • Date Next • Thread Next |
The code is checking that the security groups extension is enabled, not
that the port has no security gruoups.
** Changed in: neutron
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1259268
Title:
Refresh firewall is called for ports w/o sgs on linuxbridge agent
Status in OpenStack Neutron (virtual network service):
Invalid
Bug description:
The logs on the network node with the linuxbridge agent are full of
these:
INFO neutron.agent.securitygroups_rpc [-] Security group member updated [u'af9b1c3b-0cd5-4f86-96f6-4664c8eeb1df']
INFO neutron.agent.securitygroups_rpc [-] Preparing filters for devices set([u'tapfeae76c3-84'])
INFO neutron.agent.securitygroups_rpc [-] Provider rule updated
INFO neutron.agent.securitygroups_rpc [-] Refresh firewall rules
INFO neutron.agent.securitygroups_rpc [-] No ports here to refresh firewall
The refresh should not be called for ports without security groups, like dhcp and router ports. It would seem that was the intent here:
def port_update(...)
...
if 'security_groups' in port:
self.sg_agent.refresh_firewall()
...
but it checks that the key 'security_groups' exists which is always
true. It should check that this key's value is not an empty list.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1259268/+subscriptions
| Thread Previous • Date Previous • Date Next • Thread Next |
