[Openstack] Unable to add multiple rules per security group (using euca)

Vishvananda Ishaya vishvananda at gmail.com
Mon Nov 7 15:28:50 UTC 2011


This is a bug.  It is residual from previous code where source groups didn't allow specific protocols to be specified.  I think there may be a bug already, but if not, can you please file one?  If you see where it is happening in the code a patch would also be appreciated.

Vish

On Nov 7, 2011, at 6:30 AM, David McNally wrote:

> Hi,
> 
> We've run into an issue where we can add only a single rule per source-group to a security group. e.g:
> 
> euca-authorize --protocol icmp -t -1:-1 --source-group groupB groupA 
> 
> will add a security rule as expected but if we cannot add a second rule to groupA with groupB as the source e.g.:
> 
> euca-authorize --protocol tcp --port-range 22 --source-group groupB groupA 
> ApiError: This rule already exists in group ert2
> 
> I can see where this is happening in the code and I was wondering if this behavior is by design or if it is intended to change in a future release?
> 
> Thanks,
> 
> Dave
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20111107/36fd91d8/attachment.html>


More information about the Openstack mailing list