yahoo-eng-team team mailing list archive

[OpenStack Infra <1815461@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/714019
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=3c33f46dc8196809d67301f20c8b920cad03b372
Submitter: Zuul
Branch:    master

commit 3c33f46dc8196809d67301f20c8b920cad03b372
Author: shenjiatong <yshxxsjt715@xxxxxxxxx>
Date:   Fri Mar 20 09:15:05 2020 +0800

    Fix tenant_id for a new port.
    
    To successfully create a port in a shared network which belongs
    to a different tenant, the tenant of the new port should be same
    as the tenant of a request user.
    
    Closes-bug: #1815461
    Change-Id: Ia243f213b23f3f34845de5d97e8eaa5aa6979e76


** Changed in: horizon
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1815461

Title:
  create port in shared network from tenant fail because horizon add
  wrong SecurityGroup

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  [centos-binary-horizon:rocky-latest]

  if as tenant creating port in shared network , the ports fail to be
  created because horizon take the security group of the source network
  ( admin in my case , vlan net ... )

  neutron api log:
  2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up'
  : True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716

  req:
  sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
  tenant -> 2c7927cda1614d7a924614b0c310ab6f

  ID                                   Name                         Project
  1deb753d-dbad-4668-8c4e-72096e43673e smoketest                    8d54453c9c82423b9f173997be5fcd54
  1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9
  3f63ca70-54ab-4723-ae7b-63449ebccb2e default                      5811183c896242dbaabd9504b2de14a1
  49eed7e4-600b-457b-a367-5d1ec20faad6 default                      8d54453c9c82423b9f173997be5fcd54
  5acdac84-8ff7-49de-9372-3113a7ee3f2a default                      29d066aff3614837892b45e658615d25
  739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default                      2c7927cda1614d7a924614b0c310ab6f
  74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f
  e2193e72-c721-4bc6-895a-0828e9596673 default                      750b1cc920354372b2b6149abec1a9f9

  as you can see above the request combine sg which not belong to
  existing tenant .

  later on we its fail ...
  2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found.
  2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1815461/+subscriptions