yahoo-eng-team team mailing list archive

[Mathieu Gagné <1262678@xxxxxxxxxxxxxxxxxx>]

** Also affects: puppet-neutron/havana
   Importance: Undecided
       Status: New

** Changed in: puppet-neutron
    Milestone: 3.0.0 => None

** Changed in: puppet-neutron/havana
    Milestone: None => 3.0.0

** Changed in: puppet-neutron/havana
   Importance: Undecided => High

** Changed in: puppet-neutron/havana
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1262678

Title:
  Missing firewall_driver with ml2 breaks neutron securitygroups API

Status in OpenStack Neutron (virtual network service):
  Fix Committed
Status in OpenStack Manuals:
  Fix Released
Status in Puppet module for Neutron:
  Fix Committed
Status in puppet-neutron havana series:
  Fix Committed

Bug description:
  When using nova 'security_group_api=neutron' and neutron
  'core_plugin=neutron.plugins.ml2.plugin.Ml2Plugin' with the 'vlan'
  type_driver/tenant_network_type, no securitygroup/firewall_driver is
  set in /etc/neutron/plugins.ini (which is symlinked to
  /etc/neutron/plugins/ml2/ml2_conf.ini).  This causes the 'neutron
  security-group-list' command to return 404 Not Found.

  Adding these two lines to ml2_conf.ini and restarting neutron-server
  causes the 'neutron security-group-list' command to function properly:

  [securitygroup]
  firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

  I have NOT confirmed full functionality (firewall operation) with this
  change -- I've only tested that the API now exists.

  Environment: Using RDO Havana on CentOS 6.5 with very recent patches.
  nova-api and neutron-server on the same machine, deployed entirely via
  puppet.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1262678/+subscriptions