[openstack-dev] [nova][neutron] When are subnets needed on a network to create ports?

Matt Riedemann mriedem at linux.vnet.ibm.com
Wed Nov 9 02:35:08 UTC 2016

I've been looking at this nova bug:


And the neutronv2 API code in nova and need some help from the neutron 
team on how this should actually work.

The validation code that runs from nova-api when creating a server 
checks the requested/available networks to see if they have subnets and 
if not it's a failure. The original change that added that way back in 
icehouse was because you'd get a security group could not be applied 
failure when trying to create ports on a network with port security 
enabled but that didn't have subnets.

Now the code in nova that creates the port, which happens in 
nova-compute, handles this - it only fails if the network doesn't have 
subnets if the network has port security enabled. If the network doesn't 
have port security enabled, we don't care about subnets before creating 
the port.

However, that icehouse-era validation code that happens in the API side 
before casting to the compute is still there, and that's what the bug is 
saying is a problem.

So that sounds like a legitimate issue, but I wanted to get confirmation 
from the neutron team first before moving forward with a fix.



Matt Riedemann

More information about the OpenStack-dev mailing list