[openstack-dev] [NOVA] security group fails to attach to an instance if port-id is specified during boot.
Christopher Yeoh
cbkyeoh at gmail.com
Fri Sep 26 08:19:29 UTC 2014
On Fri, 26 Sep 2014 11:25:49 +0400
Oleg Bondarev <obondarev at mirantis.com> wrote:
> On Fri, Sep 26, 2014 at 3:30 AM, Day, Phil <philip.day at hp.com> wrote:
>
> > I think the expectation is that if a user is already interaction
> > with Neutron to create ports then they should do the security group
> > assignment in Neutron as well.
> >
>
> Agree. However what do you think a user expects when he/she boots a
> vm (no matter providing port_id or just net_id)
> and specifies security_groups? I think the expectation should be that
> instance will become a member of the specified groups.
> Ignoring security_groups parameter in case port is provided (as it is
> now) seems completely unfair to me.
One option would be to return a 400 if both port id and security_groups
is supplied.
Chris
More information about the OpenStack-dev
mailing list