← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1322173] [NEW] nova boot with explicitly defined security groups doesn't apply proper groups

 

Public bug reported:

Steps to reproduce:

$ nova boot --flavor 2 --image $image_id --nic port-id=$port_id --security-groups onlyssh --poll ihor-test-01 | grep security_groups
| security_groups                      | onlyssh                                                    |

$ nova show ihor-test-01 | grep security_groups
| security_groups                      | default                                                    |

I tried using both name and id of a security group, none of approaches
work.

Expected behavior:

The security group list is persisted and applied.

Actual behavior:

The security group list is neither persisted nor applied.

Environment:

* CentOS 6.5
* OpenStack havana
* /etc/neutron/l3_agent.ini:
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
ovs_use_veth = True
use_namespaces = True
handle_internal_only_routers = False
external_network_bridge =
* /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
[ovs]
tenant_network_type = vlan
network_vlan_ranges = physnet1:1000:2000
tunnel_id_ranges =
integration_bridge = br-int
bridge_mappings = physnet1:br-vlan
[agent]
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

** Affects: nova
     Importance: Undecided
         Status: New


** Tags: network security

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1322173

Title:
  nova boot with explicitly defined security groups doesn't apply proper
  groups

Status in OpenStack Compute (Nova):
  New

Bug description:
  Steps to reproduce:

  $ nova boot --flavor 2 --image $image_id --nic port-id=$port_id --security-groups onlyssh --poll ihor-test-01 | grep security_groups
  | security_groups                      | onlyssh                                                    |

  $ nova show ihor-test-01 | grep security_groups
  | security_groups                      | default                                                    |

  I tried using both name and id of a security group, none of approaches
  work.

  Expected behavior:

  The security group list is persisted and applied.

  Actual behavior:

  The security group list is neither persisted nor applied.

  Environment:

  * CentOS 6.5
  * OpenStack havana
  * /etc/neutron/l3_agent.ini:
  [DEFAULT]
  interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
  ovs_use_veth = True
  use_namespaces = True
  handle_internal_only_routers = False
  external_network_bridge =
  * /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
  [ovs]
  tenant_network_type = vlan
  network_vlan_ranges = physnet1:1000:2000
  tunnel_id_ranges =
  integration_bridge = br-int
  bridge_mappings = physnet1:br-vlan
  [agent]
  [securitygroup]
  firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1322173/+subscriptions


Follow ups

References