yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #49848
[Bug 1566656] Re: neutron purge operation should not delete dhcp port
If you are about to purge a resource, tenants have lost access to the
cloud.
** Changed in: neutron
Status: Confirmed => Won't Fix
** Tags removed: released-neutronclient
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1566656
Title:
neutron purge operation should not delete dhcp port
Status in neutron:
Won't Fix
Bug description:
Now neutronclient can use purge to delete tenant resources. It will
check whether the resource is used by other tenants. I found the purge
will delete the dhcp port and it just check this resource's tenant_id
is the specified one. This will cause an issue like:
There are 2 tenant A and B , there is an admin user in both of them.
1. In tenant A, I create an network, but no subnet. It won't allocate a dhcp port now.
2. Now I change to tenant B, as user in tenant B is admin role, I will see the network which created by tenant A user. So I create a subnet towards the network, and it will create a dhcp port which owned by tenant A(as dhcp port creation is based on network tenant). Then tenant B user can add interface/ create vm port in this subnet.
3. another tenant C with admin user exec neutron purge tenant A_id, it will check the tenant A's resource in system, it will not delete the network, but delete the dhcp port. And dhcp port will be created later, its owner is still tenant A.
if it can verify the network can not delete, we should not delete
dhcp port, it will cause during the recreate dhcp port, new port
creation can not get the ip addr. And it will be recreated in the
end, this view is meaningless and risky.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1566656/+subscriptions
References
