yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #76588
[Bug 1811390] [NEW] L2/L3 Network components creation with wrong tenant-id should be restricted
Public bug reported:
I am trying to create vlan_transparent enabled network on NSXT + openstack queens setup.
While creating network I am providing wrong tenant id, but instead of failing it is creating that network with
provided tenant id.
nicira@utu1604template:~/devstack$ openstack project list
+----------------------------------+--------------------+
| ID | Name |
+----------------------------------+--------------------+
| 0906736f01d948318ad5c89e45a04076 | admin |
| 19d3974dadb04aeeac363086a7e6b5bf | alt_demo |
| ab633c528a7a40a089c02b27a7495038 | invisible_to_admin |
| dd8213720a5a4e5c85db304e8992d3c1 | service |
| f36b83bc02074eacacef7a15b48690b0 | demo |
+----------------------------------+--------------------+
nicira@utu1604template:~/devstack$ neutron net-create --provider:network_type=vlan --vlan-transparent true --tenant-id 7838ggf2372d2139fgf922ff TestNet
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | defaultv3 |
| created_at | 2018-06-12T09:23:09Z |
| description | |
| dns_domain | |
| id | 38c7eb87-6d83-479a-a56e-da7c27d36f15 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| name | TestNet |
| port_security_enabled | True |
| project_id | 7838ggf2372d2139fgf922ff |
| provider:network_type | vlan |
| provider:physical_network | 060d4788-19ae-4ba5-a369-4bb2079f50eb |
| provider:segmentation_id | 0 |
| qos_policy_id | |
| revision_number | 3 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 7838ggf2372d2139fgf922ff |
| updated_at | 2018-06-12T09:23:09Z |
| vlan_transparent | True |
+---------------------------+--------------------------------------+
I am facing same issue while creating subnet also.
nicira@utu1604template:~/devstack$ neutron subnet-create --tenant-id 89325t389256932532506329jsfhkjsfgwsjfbwejf --name testSubnet --disable-dhcp dee859b4-fae6-429e-b290-9711ec205da2 20.0.0.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "20.0.0.2", "end": "20.0.0.254"} |
| cidr | 20.0.0.0/24 |
| created_at | 2018-06-12T09:38:41Z |
| description | |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 20.0.0.1 |
| host_routes | |
| id | 51a77524-1b5a-4ab1-b98b-c170f656d6df |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | testSubnet |
| network_id | dee859b4-fae6-429e-b290-9711ec205da2 |
| project_id | 89325t389256932532506329jsfhkjsfgwsjfbwejf |
| revision_number | 0 |
| subnetpool_id | |
| tags | |
| tenant_id | 89325t389256932532506329jsfhkjsfgwsjfbwejf |
| updated_at | 2018-06-12T09:38:41Z |
+-------------------+--------------------------------------------+
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1811390
Title:
L2/L3 Network components creation with wrong tenant-id should be
restricted
Status in neutron:
New
Bug description:
I am trying to create vlan_transparent enabled network on NSXT + openstack queens setup.
While creating network I am providing wrong tenant id, but instead of failing it is creating that network with
provided tenant id.
nicira@utu1604template:~/devstack$ openstack project list
+----------------------------------+--------------------+
| ID | Name |
+----------------------------------+--------------------+
| 0906736f01d948318ad5c89e45a04076 | admin |
| 19d3974dadb04aeeac363086a7e6b5bf | alt_demo |
| ab633c528a7a40a089c02b27a7495038 | invisible_to_admin |
| dd8213720a5a4e5c85db304e8992d3c1 | service |
| f36b83bc02074eacacef7a15b48690b0 | demo |
+----------------------------------+--------------------+
nicira@utu1604template:~/devstack$ neutron net-create --provider:network_type=vlan --vlan-transparent true --tenant-id 7838ggf2372d2139fgf922ff TestNet
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | defaultv3 |
| created_at | 2018-06-12T09:23:09Z |
| description | |
| dns_domain | |
| id | 38c7eb87-6d83-479a-a56e-da7c27d36f15 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| name | TestNet |
| port_security_enabled | True |
| project_id | 7838ggf2372d2139fgf922ff |
| provider:network_type | vlan |
| provider:physical_network | 060d4788-19ae-4ba5-a369-4bb2079f50eb |
| provider:segmentation_id | 0 |
| qos_policy_id | |
| revision_number | 3 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 7838ggf2372d2139fgf922ff |
| updated_at | 2018-06-12T09:23:09Z |
| vlan_transparent | True |
+---------------------------+--------------------------------------+
I am facing same issue while creating subnet also.
nicira@utu1604template:~/devstack$ neutron subnet-create --tenant-id 89325t389256932532506329jsfhkjsfgwsjfbwejf --name testSubnet --disable-dhcp dee859b4-fae6-429e-b290-9711ec205da2 20.0.0.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "20.0.0.2", "end": "20.0.0.254"} |
| cidr | 20.0.0.0/24 |
| created_at | 2018-06-12T09:38:41Z |
| description | |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 20.0.0.1 |
| host_routes | |
| id | 51a77524-1b5a-4ab1-b98b-c170f656d6df |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | testSubnet |
| network_id | dee859b4-fae6-429e-b290-9711ec205da2 |
| project_id | 89325t389256932532506329jsfhkjsfgwsjfbwejf |
| revision_number | 0 |
| subnetpool_id | |
| tags | |
| tenant_id | 89325t389256932532506329jsfhkjsfgwsjfbwejf |
| updated_at | 2018-06-12T09:38:41Z |
+-------------------+--------------------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1811390/+subscriptions
Follow ups
