yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1296953] Re: --disable-snat on tenant router raises 404

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Sridhar Gaddam <sridhar.gaddam@xxxxxxxxxxxx>
Date: Fri, 25 Apr 2014 07:52:26 -0000
Reply-to: Bug 1296953 <1296953@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: neutron
       Status: In Progress => Opinion

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1296953

Title:
  --disable-snat on tenant router raises 404

Status in OpenStack Neutron (virtual network service):
  Opinion

Bug description:
  arosen@arosen-desktop:~/devstack$ neutron router-create aaa
  nCreated a new router:
  +-----------------------+--------------------------------------+
  | Field                 | Value                                |
  +-----------------------+--------------------------------------+
  | admin_state_up        | True                                 |
  | distributed           | False                                |
  | external_gateway_info |                                      |
  | id                    | add4d46b-5036-4a96-af7e-8ceb44f9ab3d |
  | name                  | aaa                                  |
  | routes                |                                      |
  | status                | ACTIVE                               |
  | tenant_id             | 4ec9de7eae7445719e8f67f2f9d78aae     |
  +-----------------------+--------------------------------------+
  arosen@arosen-desktop:~/devstack$ neutron router-gateway-set --disable-snat  aaa public 
  The resource could not be found.

  
  2014-03-24 14:06:12.444 DEBUG neutron.policy [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] Failed policy check for 'update_router' from (pid=7068) enforce /opt/stack/neutron/neutron/policy.py:381
  2014-03-24 14:06:12.444 ERROR neutron.api.v2.resource [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] update failed
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource Traceback (most recent call last):
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource   File "/opt/stack/neutron/neutron/api/v2/resource.py", line 87, in resource
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource     result = method(request=request, **args)
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource   File "/opt/stack/neutron/neutron/api/v2/base.py", line 494, in update
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource     raise webob.exc.HTTPNotFound(msg)
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource HTTPNotFound: The resource could not be found.
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource 
  2014-03-24 14:06:12.445 INFO neutron.wsgi [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] 10.24.114.91 - - [24/Mar/2014 14:06:12] "PUT /v2.0/routers/add4d46b-5036-4a96-af7e-8ceb44f9ab3d.json HTTP/1.1" 404 248 0.039626


  In the code we do:

          try:    
              policy.enforce(request.context,                                
                             action,
                             orig_obj)
          except exceptions.PolicyNotAuthorized:
              # To avoid giving away information, pretend that it        
              # doesn't exist                                        
              msg = _('The resource could not be found.')
              raise webob.exc.HTTPNotFound(msg)               
                                            

  it would be nice if we were smarter about this an raise not authorized
  instead of not found.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1296953/+subscriptions

References

[Bug 1296953] [NEW] --disable-snat on tenant router raises 404
From: Aaron Rosen, 2014-03-24