yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #46077
[Bug 1544028] [NEW] Cannot boot an instance on a Neutron network with network which has port-security disabled
Public bug reported:
Nova raises an error SecurityGroupCannotBeApplied when running the
following steps:
1. neutron net-create MyNet port-security-enabled False
2. neutron subnet-create MyNet
3. neutron port-create MyNet --no-security-groups #
4. nova boot ... --nic port-id=<port-id from step 3> Ins1
Nova compute raises the exception below, however, it is expected that
the instance will boot with no issues.
ERROR nova.compute.manager [req-b25820f4-4210-4c57-acd2-4e3665186d75 admin demo] Instance failed network setup after 1 attempt(s)
ERROR nova.compute.manager Traceback (most recent call last):
ERROR nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
ERROR nova.compute.manager bind_host_id=bind_host_id)
ERROR nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 621, in allocate_for_instance
ERROR nova.compute.manager raise exception.SecurityGroupCannotBeApplied()
ERROR nova.compute.manager SecurityGroupCannotBeApplied: Network requires port_security_enabled and subnet associated in order to apply security groups.
ERROR nova.compute.manager
ERROR nova.compute.manager [req-b25820f4-4210-4c57-acd2-4e3665186d75 admin demo] [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] Instance failed to spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] Traceback (most recent call last):
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 2178, in _build_resources
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] yield resources
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 2024, in _build_and_run_instance
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] block_device_info=block_device_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/driver.py", line 381, in spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] admin_password, network_info, block_device_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vmops.py", line 724, in spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] metadata)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vmops.py", line 304, in build_virtual_machine
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] network_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vif.py", line 171, in get_vif_info
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] for vif in network_info:
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 519, in __iter__
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self._sync_wrapper(fn, *args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 510, in _sync_wrapper
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] self.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 542, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] self[:] = self._gt.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self._exit_event.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 121, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return hubs.get_hub().switch()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/hub.py", line 294, in switch
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self.greenlet.switch()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] result = function(*args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/utils.py", line 1160, in context_wrapper
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return func(*args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 1581, in _allocate_network_async
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] six.reraise(*exc_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] bind_host_id=bind_host_id)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 621, in allocate_for_instance
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] raise exception.SecurityGroupCannotBeApplied()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] SecurityGroupCannotBeApplied: Network requires port_security_enabled and subnet associated in order to apply security groups.
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d]
** Affects: nova
Importance: Undecided
Assignee: Roey Chen (roeyc)
Status: New
** Changed in: nova
Assignee: (unassigned) => Roey Chen (roeyc)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1544028
Title:
Cannot boot an instance on a Neutron network with network which has
port-security disabled
Status in OpenStack Compute (nova):
New
Bug description:
Nova raises an error SecurityGroupCannotBeApplied when running the
following steps:
1. neutron net-create MyNet port-security-enabled False
2. neutron subnet-create MyNet
3. neutron port-create MyNet --no-security-groups #
4. nova boot ... --nic port-id=<port-id from step 3> Ins1
Nova compute raises the exception below, however, it is expected that
the instance will boot with no issues.
ERROR nova.compute.manager [req-b25820f4-4210-4c57-acd2-4e3665186d75 admin demo] Instance failed network setup after 1 attempt(s)
ERROR nova.compute.manager Traceback (most recent call last):
ERROR nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
ERROR nova.compute.manager bind_host_id=bind_host_id)
ERROR nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 621, in allocate_for_instance
ERROR nova.compute.manager raise exception.SecurityGroupCannotBeApplied()
ERROR nova.compute.manager SecurityGroupCannotBeApplied: Network requires port_security_enabled and subnet associated in order to apply security groups.
ERROR nova.compute.manager
ERROR nova.compute.manager [req-b25820f4-4210-4c57-acd2-4e3665186d75 admin demo] [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] Instance failed to spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] Traceback (most recent call last):
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 2178, in _build_resources
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] yield resources
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 2024, in _build_and_run_instance
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] block_device_info=block_device_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/driver.py", line 381, in spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] admin_password, network_info, block_device_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vmops.py", line 724, in spawn
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] metadata)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vmops.py", line 304, in build_virtual_machine
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] network_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/virt/vmwareapi/vif.py", line 171, in get_vif_info
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] for vif in network_info:
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 519, in __iter__
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self._sync_wrapper(fn, *args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 510, in _sync_wrapper
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] self.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/model.py", line 542, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] self[:] = self._gt.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self._exit_event.wait()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 121, in wait
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return hubs.get_hub().switch()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/hub.py", line 294, in switch
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return self.greenlet.switch()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] result = function(*args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/utils.py", line 1160, in context_wrapper
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] return func(*args, **kwargs)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 1581, in _allocate_network_async
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] six.reraise(*exc_info)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] bind_host_id=bind_host_id)
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 621, in allocate_for_instance
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] raise exception.SecurityGroupCannotBeApplied()
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d] SecurityGroupCannotBeApplied: Network requires port_security_enabled and subnet associated in order to apply security groups.
ERROR nova.compute.manager [instance: dd397c99-d77c-4aa4-9305-9cdcfcbdd86d]
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1544028/+subscriptions
