yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #76920
[Bug 1815461] [NEW] create port in shared network from tenant fail because horizon add wrong SecurityGroup
Public bug reported:
[centos-binary-horizon:rocky-latest]
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network (
admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to existing
tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
** Affects: horizon
Importance: Undecided
Status: New
** Description changed:
+ [centos-binary-horizon:rocky-latest]
+
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network (
admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to existing
tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1815461
Title:
create port in shared network from tenant fail because horizon add
wrong SecurityGroup
Status in OpenStack Dashboard (Horizon):
New
Bug description:
[centos-binary-horizon:rocky-latest]
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network
( admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to
existing tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1815461/+subscriptions
Follow ups
