← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1384347] Re: Couldn't run instance with existing port when default security group is absent

 

yes it is, I have found  your said that we can't delete the defualt
group, thus we should change it to "invalid".

** Changed in: nova
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1384347

Title:
  Couldn't run instance with existing port when default security group
  is absent

Status in OpenStack Compute (Nova):
  Invalid

Bug description:
  If default security group in tenant is deleted (admin has appropriate
  permissions) then launching an instance with Neutron port fails at
  allocate network resources stage:

  ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s)
  TRACE nova.compute.manager Traceback (most recent call last):
  TRACE nova.compute.manager   File "/opt/stack/nova/nova/compute/manager.py", line 1528, in _allocate_network_async
  TRACE nova.compute.manager     dhcp_options=dhcp_options)
  TRACE nova.compute.manager   File "/opt/stack/nova/nova/network/neutronv2/api.py", line 294, in allocate_for_instance
  TRACE nova.compute.manager     security_group_id=security_group)
  TRACE nova.compute.manager SecurityGroupNotFound: Security group default not found.

  Steps to reproduce:
  0. Delete the default security group with admin account.
  1. Create custom security group
  2. Create a network and a subnet
  3. Create a port in the subnet with the custom security group
  4. Launch an instance with the port (and don't specify any security group)

  Launch command is accepted successfully, but 'nova show' command
  returns the instance in error state.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1384347/+subscriptions


References