← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #80342

[Bug 1846559] Re: Handling Down Cells in nova - security_groups can be in the response for GET /servers/detail

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.opendev.org/686520
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=9a5da9252434b65df5757730e5bc24e3a8f0297a
Submitter: Zuul
Branch:    master

commit 9a5da9252434b65df5757730e5bc24e3a8f0297a
Author: Takashi NATSUME <natsume.takashi@xxxxxxxxxxxxx>
Date:   Fri Oct 4 12:44:30 2019 +0900

    api-guide: Fix available info in handling down cells
    
    Add the 'security_groups' parameter as available infomation
    in the "List Servers Detailed" API (GET /servers/detail)
    when there is a down cell.
    
    Change-Id: I9653a46478c80b343a5a5f8d6b1607688538b1d5
    CLoses-Bug: #1846559


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1846559

Title:
  Handling Down Cells in nova - security_groups can be in the response
  for GET /servers/detail

Status in OpenStack Compute (nova):
  Fix Released

Bug description:
  - [x] This doc is inaccurate in this way:

  This came up during a review to remove nova-net usage from functional
  tests and enhance the neutron fixture used in those tests:

  https://review.opendev.org/#/c/685927/2/nova/tests/functional/test_servers.py@1264

  In summary, GET /servers/detail responses for servers in a down cell
  may include a "security_groups" key because the API proxies that
  information from neutron only using the server id (the neutron
  security group driver finds the ports from that server id and the
  security groups from the ports). None of the security group
  information about a server, when using neutron, is cached with the
  server in the cell database unlike the port information (VIFs i.e.
  instance.info_cache.network_info).

  As a result, the doc is wrong for the keys it says can be returned
  from a GET /servers/detail response in a down cell scenario since it
  doesn't include 'security_groups'. The linked patch above shows that
  with the changed sample:

  https://review.opendev.org/#/c/685927/2/doc/api_samples/servers/v2.69
  /servers-details-resp.json

  Also note that this is not the same for the GET /servers/{server_id}
  (show) case because that returns from the view builder here:

  https://github.com/openstack/nova/blob/867401e575d2b27b9bc63ceda41cd85233545cd5/nova/api/openstack/compute/views/servers.py#L210

  without including any security group information.

  Note that fixing the API to be consistent between show and detail
  would require a microversion and is likely not worth a new
  microversion of that, a user can get security group information from
  the networking API directly with something like this:

    GET /v2.0/ports?device_id=<server_id>&fields=security_groups

  And from the ports response the client can get the security groups by
  id.

  This bug is just to update the down cell API guide docs.

  -----------------------------------
  Release: 19.1.0.dev1588 on 2019-09-24 00:12:44
  SHA: 2b15e162546ff5aa6458b2d1b2422a775e92b785
  Source: https://opendev.org/openstack/nova/src/api-guide/source/down_cells.rst
  URL: https://docs.openstack.org/api-guide/compute/down_cells.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1846559/+subscriptions

References

  Thread PreviousDate PreviousThread Next