yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #91622
[Bug 2009053] Re: OVN: default stateless SG blocks metadata traffic
** Changed in: neutron
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2009053
Title:
OVN: default stateless SG blocks metadata traffic
Status in neutron:
Won't Fix
Bug description:
Bug originally found by Alex Katz and reported in the bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=2149713
Description of problem:
When a stateless security group is attached to the instance it fails to fetch metadata info. An explicit rule is required to allow metadata traffic from 169.254.169.254.
Checked with the custom security group (only egress traffic is
allowed) as well as with the default security group (egress and
ingress from the same SG are allowed).
Version-Release number of selected component (if applicable):
RHOS-17.1-RHEL-9-20221115.n.2
Red Hat Enterprise Linux release 9.1 (Plow)
How reproducible:
100%
Steps to Reproduce:
openstack security group create --stateless test_sg
openstack server create --image <IMG> --flavor <FLAV> --network <NET> --security-group test_sg vm_1
Actual results:
checking http://169.254.169.254/2009-04-04/instance-id
failed 1/20: up 21.53. request failed
failed 2/20: up 70.89. request failed
failed 3/20: up 120.12. request failed
failed 4/20: up 169.36. request failed
failed 5/20: up 218.81. request failed
failed 6/20: up 268.17. request failed
Expected results:
Metadata is successfully fetched
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2009053/+subscriptions
References