yahoo-eng-team team mailing list archive

[Jerry Zhao <xyzjerry@xxxxxxxxx>]

wait. sorry, my bad.
as a matter of fact, i was in the demo project view by default when logged in dashboard as admin. then i expanded the drop down list of projects and switch to admin, the security group was listed correctly.

** Changed in: neutron
       Status: New => Invalid

** Changed in: nova
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1400583

Title:
  default security group in admin tenant doesn't take effect on vm if
  there are default sec-groups in other tenants

Status in OpenStack Neutron (virtual network service):
  Invalid
Status in OpenStack Compute (Nova):
  Invalid

Bug description:
  Steps to produce the bug:
  1. add multiple tenants besides admin.
  2. use neutron security-group-list in the non-admin tenant
  3. add security group rule like enabling icmp to default security group of admin tenant on dashboard.
  4. nova boot a vm in admin tenant.

  5.The vm under admin tenant couldn't receive icmp request so it is not
  pingable.

  6.on dashboard, in the details of that vm, there was no rule enabling
  ICMP.

  7. add icmp rule to other security groups named default in other tenants.
  8. the details of that vm will show there is an ICMP rule and the vm can be ping-ed.

  I figured that since there are other sec-groups named default, which
  are also visible to admin tenant, when nova boot a vm, the default
  sec-group for other tenant might have been applied to the vm launched
  in admin tenant.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1400583/+subscriptions