yahoo-eng-team team mailing list archive

[shihanzhang <shihanzhang@xxxxxxxxxx>]

Public bug reported:

if a security group A has a rule that allow security group B access, the
member of  security group B is empty, then I delete this rule which
allow security group B access, I find that the ipset set in compute node
does not be destroyed.

reproduce steps:
1. create security group A and B
2. create a rule for A that allow security group B access
3. create a VM in create security group A
4. delete this rule which allow security group B access

I find the ipset set in compute node does not be destroyed.

** Affects: neutron
     Importance: Undecided
     Assignee: shihanzhang (shihanzhang)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => shihanzhang (shihanzhang)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1463331

Title:
  ipset set can't be destroyed if  related security group member is
  empty

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  if a security group A has a rule that allow security group B access,
  the member of  security group B is empty, then I delete this rule
  which  allow security group B access, I find that the ipset set in
  compute node does not be destroyed.

  reproduce steps:
  1. create security group A and B
  2. create a rule for A that allow security group B access
  3. create a VM in create security group A
  4. delete this rule which allow security group B access

  I find the ipset set in compute node does not be destroyed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1463331/+subscriptions