← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #20717

[Bug 1311500] Re: Nova 'os-security-group-default-rules' API does not work with neutron

  Thread PreviousDate PreviousThread Next 
** No longer affects: nova

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1311500

Title:
  Nova 'os-security-group-default-rules' API does not work with neutron

Status in OpenStack Neutron (virtual network service):
  Confirmed

Bug description:
  Nova APIs 'os-security-group-default-rules' does not work if
  'conf->security_group_api' is 'neutron'.

  I wrote the test cases for above Nova APIs
  (https://review.openstack.org/#/c/87924) and it fails in gate neutron
  tests.

  I further investigated this issue and found that in
  'nova/api/openstack/compute/contrib/security_group_default_rules.py',
  'security_group_api' is set according to  'conf->security_group_api'
  (https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_group_default_rules.py#L107).

  If 'conf->security_group_api' is 'nova' then,
  'NativeNovaSecurityGroupAPI(NativeSecurityGroupExceptions,
  compute_api.SecurityGroupAPI)' is being used in this API and no issue
  here. It works fine.

  If 'conf->security_group_api' is 'neutron' then,
  'NativeNeutronSecurityGroupAPI(NativeSecurityGroupExceptions,
  neutron_driver.SecurityGroupAPI)' is being used in this API and
  'neutron_driver.SecurityGroupAPI'
  (https://github.com/openstack/nova/blob/master/nova/network/security_group/neutron_driver.py#L48)
  does not have any of the  function which are being called from this
  API class. So gives AttributeError
  (http://logs.openstack.org/24/87924/2/check/check-tempest-dsvm-
  neutron-full/7951abf/logs/screen-n-api.txt.gz).

  Traceback -
  .
  .
  2014-04-21 00:44:22.430 10186 TRACE nova.api.openstack   File "/opt/stack/new/nova/nova/api/openstack/compute/contrib/security_group_default_rules.py", line 130, in create
  2014-04-21 00:44:22.430 10186 TRACE nova.api.openstack     if self.security_group_api.default_rule_exists(context, values):
  2014-04-21 00:44:22.430 10186 TRACE nova.api.openstack AttributeError: 'NativeNeutronSecurityGroupAPI' object has no attribute 'default_rule_exists'

  I think this API is only for Nova-network as currently there is no
  such feature exist in neutron. So this API should always use the nova
  network security group driver
  (https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_groups.py#L669).

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1311500/+subscriptions

References

  Thread PreviousDate PreviousThread Next