yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #80960
[Bug 1842909] Re: The vm is not assigned security group when created with port-id option
Agree that this is extremely latent behavior and I'm pretty sure we have
existing/closed/invalidated bugs for orchestrating this type of
behavior. As James noted from the docs, pre-existing ports get the
security groups applied to them in neutron. I'm going to close this as
Won't Fix and a Wishlist bug. If this is something that is really
desired it should be reported as a blueprint/spec in my opinion so there
can be a discussion in gerrit about the merits of this request for
orchestration, and note:
https://docs.openstack.org/nova/latest/contributor/project-scope.html
#no-more-orchestration
There are sometimes exceptions to that policy, like adding the ability
to boot-from-volume and provide a volume type for nova to use when it
creates volumes on the user's behalf, but those are exceptions due to
high demand from multiple users/vendors.
** Changed in: nova
Status: New => Won't Fix
** Changed in: nova
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1842909
Title:
The vm is not assigned security group when created with port-id option
Status in OpenStack Compute (nova):
Won't Fix
Bug description:
>> I have created a neutron network and a subnet
>> I have created a port on the network
>> I have created a vm with the port id option with --security-group option provided
>>The CLI used.
nova --insecure boot --image cirros --flavor m1.tiny --nic port-id=f6c035a3-fd93-4734-8210-6b64c4d0e66c vm-y --security-group sg1
>>But when i check the port of the vm, the security group sg1 is not
applied.
root@prome-mdt-dhcp412:~# neutron port-show f6c035a3-fd93-4734-8210-6b64c4d0e66c
+--------------------------+------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+--------------------------+------------------------------------------------------------------------------------------------------------------+
| admin_state_up | True |
| allowed_address_pairs | |
| binding:host_id | compute-c99bffcb-c8 |
| binding:profile | {} |
| binding:vif_details | {"ovs_hybrid_plug": false, "nsx-logical-switch-id": "c7474c18-611f-421d-bb3f-176aca21841e", "port_filter": true} |
| binding:vif_type | ovs |
| binding:vnic_type | normal |
| created_at | 2019-09-05T07:22:34Z |
| description | |
| device_id | 3ee5ea9b-a0ea-4e51-a3cb-6c2e54382fee |
| device_owner | compute:nova |
| extra_dhcp_opts | |
| fixed_ips | {"subnet_id": "ed327c19-c928-4de3-adea-6be9c3d9f80e", "ip_address": "13.0.0.16"} |
| id | f6c035a3-fd93-4734-8210-6b64c4d0e66c |
| mac_address | fa:16:3e:c8:d8:f1 |
| name | port-y |
| network_id | 274a0665-08dc-4a27-9be0-636718576757 |
| port_security_enabled | True |
| project_id | 0e551202bb7644c68b89dda3db23d487 |
| provider_security_groups | |
| qos_policy_id | |
| resource_request | |
| revision_number | 7 |
| security_groups | 362cdd36-4b47-4406-bc6a-cda04ffc442f |
| status | ACTIVE |
| tags | |
| tenant_id | 0e551202bb7644c68b89dda3db23d487 |
| updated_at | 2019-09-05T07:23:21Z |
+--------------------------+------------------------------------------------------------------------------------------------------------------+
***the security group sg1's id is: 8904713c-5f4b-
4b53-b8e6-0efe60f385cb
When i used --security-group and port-id , the vm port should
automatically get the SG allotted
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1842909/+subscriptions
References
