<div>Hi all!</div><div><br></div><div>I'm having some problems with juju and security groups in openstack. When I try to instantiate about 10 instances, some of them generate an error related to the security groups. The log below is from nova-api.log. I'm using versions from ubuntu 12.04 LTS packages (nova*, keystone etc). </div>
<div><br></div><div>2012-05-10 09:31:04 DEBUG nova.api.ec2.apirequest [req-2c360b59-311d-4792-a730-e14a750220e9 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] <?xml version="1.0" ?><DescribeSecurityGroupsResponse xmlns="<a href="http://ec2.amazonaws.com/doc/2008-12-01/">http://ec2.amazonaws.com/doc/2008-12-01/</a>"><requestId>req-2c360b59-311d-4792-a730-e14a750220e9</requestId><securityGroupInfo><item><ipPermissions><item><toPort>65535</toPort><ipProtocol>tcp</ipProtocol><ipRanges><item><cidrIp><a href="http://0.0.0.0/0">0.0.0.0/0</a></cidrIp></item></ipRanges><groups/><fromPort>1</fromPort></item></ipPermissions><groupName>default</groupName><groupDescription>default</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions><item><toPort>22</toPort><ipProtocol>tcp</ipProtocol><ipRanges><item><cidrIp><a href="http://0.0.0.0/0">0.0.0.0/0</a></cidrIp></item></ipRanges><groups/><fromPort>22</fromPort></item><item><toPort>-1</toPort><ipProtocol>icmp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>-1</fromPort></item><item><toPort>65535</toPort><ipProtocol>tcp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>1</fromPort></item><item><toPort>65535</toPort><ipProtocol>udp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>1</fromPort></item></ipPermissions><groupName>juju-sample</groupName><groupDescription>juju group for sample</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-0</groupName><groupDescription>juju group for sample machine 0</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-1</groupName><groupDescription>juju group for sample machine 1</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-10</groupName><groupDescription>juju group for sample machine 10</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-11</groupName><groupDescription>juju group for sample machine 11</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-2</groupName><groupDescription>juju group for sample machine 2</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-3</groupName><groupDescription>juju group for sample machine 3</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-4</groupName><groupDescription>juju group for sample machine 4</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-5</groupName><groupDescription>juju group for sample machine 5</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-6</groupName><groupDescription>juju group for sample machine 6</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-7</groupName><groupDescription>juju group for sample machine 7</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-8</groupName><groupDescription>juju group for sample machine 8</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-9</groupName><groupDescription>juju group for sample machine 9</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item></securityGroupInfo></DescribeSecurityGroupsResponse> from (pid=4973) _render_response /usr/lib/python2.7/dist-packages/nova/api/ec2/apirequest.py:105</div>
<div>2012-05-10 09:31:04 INFO nova.api.ec2 [req-2c360b59-311d-4792-a730-e14a750220e9 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] 0.296059s 172.16.0.3 GET /services/Cloud CloudController:DescribeSecurityGroups 200 [Twisted PageGetter] text/plain text/xml</div>
<div>2012-05-10 09:31:04 DEBUG nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] action: DeleteSecurityGroup from (pid=4973) __call__ /usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py:435</div>
<div>2012-05-10 09:31:04 DEBUG nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] arg: GroupName              val: juju-sample-11 from (pid=4973) __call__ /usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py:437</div>
<div>2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] Unexpected error raised: Group not valid. Reason: In Use</div><div>2012-05-10 09:31:04 TRACE nova.api.ec2 Traceback (most recent call last):</div>
<div>2012-05-10 09:31:04 TRACE nova.api.ec2   File "/usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py", line 582, in __call__</div><div>2012-05-10 09:31:04 TRACE nova.api.ec2     result = api_request.invoke(context)</div>
<div>2012-05-10 09:31:04 TRACE nova.api.ec2   File "/usr/lib/python2.7/dist-packages/nova/api/ec2/apirequest.py", line 81, in invoke</div><div>2012-05-10 09:31:04 TRACE nova.api.ec2     result = method(context, **args)</div>
<div>2012-05-10 09:31:04 TRACE nova.api.ec2   File "/usr/lib/python2.7/dist-packages/nova/api/ec2/cloud.py", line 827, in delete_security_group</div><div>2012-05-10 09:31:04 TRACE nova.api.ec2     raise exception.InvalidGroup(reason="In Use")</div>
<div>2012-05-10 09:31:04 TRACE nova.api.ec2 InvalidGroup: Group not valid. Reason: In Use</div><div>2012-05-10 09:31:04 TRACE nova.api.ec2</div><div>2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] Environment: {"CONTENT_TYPE": "text/plain", "SCRIPT_NAME": "/services/Cloud", "REQUEST_METHOD": "GET", "HTTP_HOST": "<a href="http://10.129.10.44:8773">10.129.10.44:8773</a>", "PATH_INFO": "", "SERVER_PROTOCOL": "HTTP/1.0", "QUERY_STRING": "AWSAccessKeyId=08d1790ca04646f3b116331a6565d2a7&Action=DeleteSecurityGroup&GroupName=juju-sample-11&Signature=xY3AzcbV2yQ2QY4N8kAhC5mmnA3dzsAp3lfxMfMQmFs%3D&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2012-05-10T12%3A30%3A53Z&Version=2008-12-01", "HTTP_USER_AGENT": "Twisted PageGetter", "SERVER_NAME": "10.129.10.44", "REMOTE_ADDR": "172.16.0.3", "wsgi.url_scheme": "http", "SERVER_PORT": "8773", "GATEWAY_INTERFACE": "CGI/1.1"}</div>
<div>2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] UnknownError: An unknown error has occurred. Please try your request again.</div>
<div><br></div><div>As we can see it says that a group in invalid because is in use. </div><div><br></div><div>I've cleared the nova database so I didnt have any security group. It is creating the security groups and generating the problem. </div>
<div><br></div><div>When I destroy the environment with juju destroy-environment, some rules remain in nova, as we can see with nova secgroup-list. </div><div><br></div><div>root@44:/var/log/nova# nova secgroup-list</div>
<div>+----------------+----------------------------------+</div><div>|      Name      |           Description            |</div><div>+----------------+----------------------------------+</div><div>| default        | default                          |</div>
<div>| juju-sample    | juju group for sample            |</div><div>| juju-sample-0  | juju group for sample machine 0  |</div><div>| juju-sample-1  | juju group for sample machine 1  |</div><div>| juju-sample-10 | juju group for sample machine 10 |</div>
<div>| juju-sample-11 | juju group for sample machine 11 |</div><div>| juju-sample-2  | juju group for sample machine 2  |</div><div>| juju-sample-3  | juju group for sample machine 3  |</div><div>| juju-sample-4  | juju group for sample machine 4  |</div>
<div>| juju-sample-5  | juju group for sample machine 5  |</div><div>| juju-sample-7  | juju group for sample machine 7  |</div><div>| juju-sample-8  | juju group for sample machine 8  |</div><div>| juju-sample-9  | juju group for sample machine 9  |</div>
<div>+----------------+----------------------------------+</div><div><br></div><div>Even if I clear the database and try again, the problem remains. </div><div><br></div><div>Someone have already faced this? Any help?</div>
<div><br></div>