yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #09766
[Bug 1252806] Re: unable to add allow all ingress traffic security group rule
** Changed in: neutron/havana
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1252806
Title:
unable to add allow all ingress traffic security group rule
Status in OpenStack Neutron (virtual network service):
Fix Released
Status in neutron havana series:
Fix Released
Bug description:
The following rule is unable to be installed:
$ neutron security-group-rule-create --direction ingress default
409-{u'NeutronError': {u'message': u'Security group rule already exists. Group id is 29dc1837-75d3-457a-8a90-14f4b6ea6db9.', u'type': u'SecurityGroupRuleExists', u'detail': u''}}
The reason for this is when the db query is done it passes this in as a filter:
{'tenant_id': [u'577a2f0c78fb4e36b76902977a5c1708'], 'direction':
[u'ingress'], 'ethertype': ['IPv4'], 'security_group_id':
[u'0fb10163-81b2-4538-bd11-dbbd3878db51']}
and the remote_group_id is wild carded thus it matches this rule:
[ {'direction': u'ingress',
'ethertype': u'IPv4',
'id': u'8d5c3429-f4ef-4258-8140-5ff3247f9dd6',
'port_range_max': None,
'port_range_min': None,
'protocol': None,
'remote_group_id': None,
'remote_ip_prefix': None,
'security_group_id': u'0fb10163-81b2-4538-bd11-dbbd3878db51',
'tenant_id': u'577a2f0c78fb4e36b76902977a5c1708'}]
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1252806/+subscriptions