[Openstack-security] [Bug 1322173] Re: nova boot with explicitly defined security groups doesn't apply proper groups
Robert Clark
1322173 at bugs.launchpad.net
Tue May 27 08:57:34 UTC 2014
There should probably be some mechanism for feeding back to the client
when they've made a request that doesn't make sense (like specifying
port-id and a security group rule)
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1322173
Title:
nova boot with explicitly defined security groups doesn't apply proper
groups
Status in OpenStack Compute (Nova):
New
Bug description:
Steps to reproduce:
$ nova boot --flavor 2 --image $image_id --nic port-id=$port_id --security-groups onlyssh --poll ihor-test-01 | grep security_groups
| security_groups | onlyssh |
$ nova show ihor-test-01 | grep security_groups
| security_groups | default |
I tried using both name and id of a security group, none of approaches
work.
Expected behavior:
The security group list is persisted and applied.
Actual behavior:
The security group list is neither persisted nor applied.
Environment:
* CentOS 6.5
* OpenStack havana
* /etc/neutron/l3_agent.ini:
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
ovs_use_veth = True
use_namespaces = True
handle_internal_only_routers = False
external_network_bridge =
* /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
[ovs]
tenant_network_type = vlan
network_vlan_ranges = physnet1:1000:2000
tunnel_id_ranges =
integration_bridge = br-int
bridge_mappings = physnet1:br-vlan
[agent]
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1322173/+subscriptions
More information about the Openstack-security
mailing list