Public bug reported:
By default, if admin does not enable 'port_security' extension, all
ports are shown that 'port_security_enabled=False'.
However, L2 agent got ports which having 'port_security_enabled=True'
incorrectly because if there is no attribute in port object plugin
return wrong
Public bug reported:
For routed network for ironic, neutron (networking-baremetal) try to add
'host' to segment aggregate.
But the 'host' neutron way trying is 'ironic node uuid' which does not
considered to be 'host' in nova side. As a result, neutron meets
exception when it try to add 'host'
Public bug reported:
For stable/stein
Honestly, I do not sure this is bug or something that I am missing. At
least it lacks of information so I report this.
When segment firstly set for a subnet, Neutron are trying to make 'host
aggregate' in nova, 'resource provider' in placement, and add host
Public bug reported:
For stein/stable, routed network which enable placement client.
I could not find root cause though, but the current situation looks like this.
- neutron_lib.placement.get_inventory() called.
- since IPV4_RESOURCE_CLASS is not created yet, keystoneauth1 emit NotFound
Public bug reported:
For stable/ocata, we got serious scheduler problem makes us to upgrade
to upper release. I could not find any issue report for that so leave it
for whom meet this issue later.
The problem which we encounter is like this
- conductor try to schedule one compute nodes for 2
Public bug reported:
For stable/stein
if there were NoValidHost from scheduler, conductor should create
Instance object in cell0. But I found if there is additional
exception(InstanceExist) in the function, conductor could not catch the
exception which result in instance state stuck in
** Changed in: neutron
Status: In Progress => Opinion
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1806390
Title:
[RFE] Distributed DHCP agent
Status in neutron:
Opinion
Public bug reported:
Currently, when horizon use direct file upload for glance image upload
and horizon server does not enough disk space for temporary file,
horizon meets 'KeyError' for 'visibility'.
I think root cause of comment 31 in
https://bugzilla.redhat.com/show_bug.cgi?id=1508725 is same
Public bug reported:
Currently, FWaaS v1/v2 insert default rule 'deny all' and admin should
add white list to be allowed.
I think in private cloud, whitelist based filtering which by default
'allow all' and add black list to be filtered, also will be necessary.
For our cases, we have some
Public bug reported:
Version: stable/stein
Log below.
(.stein) root@krane-pgstage-api1:~# neutron-db-manage upgrade 804a3c76314c --sql
Running upgrade for neutron ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Generating static SQL
INFO
Public bug reported:
Hi.
I want to discuss further extension about routed network, and wonder how
community think about it.
>From current understanding, routed network is to restrict L2 domain for
specific segment which is usually at the rack level.
I think by expanding the idea that restrict
Public bug reported:
Currently, if user turn off the security_group functionality using
'enable_security_group=False', allow_address_pair also disabled.
At a glance, it seems to be reasonable because allow_address_pair only
deal with ACL which means adding IP table allow rule for specific IP.
Public bug reported:
Although horizon support most of building blocks to extend, we has some
requirements to change core codebase. Major of what we have done for
customized code in horizon is 'disabling' UI components.
For example,
1. Since we do not provide that end-user make network, we
Public bug reported:
If neutron does not support quota_details, currently horizon is broken
emitting KeyError below.
[Mon Aug 05 18:14:59.218082 2019] [wsgi:error] [pid 34:tid 140353969415936]
[remote 172.26.100.219:53513] File
Public bug reported:
Currently, keystone uses event_callbacks only internal module registered
(https://github.com/openstack/keystone/blob/master/keystone/notifications.py#L258)
I think it would be better to add external module's callbacks also for
API using stevedore. It makes 3rd party logic
Public bug reported:
I found 'mapped' plugin for federations has functionality that project
is auto created for the logged user. I think it's quite reasonable to
has similar functionality not only for federations but also for other
identity plugins.
For example, we has custom code in keystone to
Public bug reported:
Currently, to use PCI passthrough functionality admin should specify the
alias of PCI devices and the format is like below
alias = { "vendor_id":"8086", "product_id":"1528", "device_type":"type-
PCI", "name":"nic" }
What I think confusing for this configuration is that
Public bug reported:
Description
===
After resizing from m1.flavor(no ephemeral disk) to d1.flavor(with ephemeral
disk), ephemeral
disk does not mounted on the VM.
After digging the related code, I realize there is no action to re-run
cloudinit's mount module.
By default, cloudinit
Public bug reported:
It's not directly related to Neutron though, Neutron have been used
tagging concept widely so that I think it's good place to start with.
Also, I felt this feature allows rbac_policy functionality to be
achieved in a slightly more generic way.
What I want to achieve is tag
Public bug reported:
Description
===
If Neutron disable security-group extension, Nova security group API could not
handle the 404 exception which Neutron returns emitting 500 error. Security API
in Nova is deprecated though I think it's better to wrap 404 exception instead
of 500
Public bug reported:
Description
===
After evacuation, nova-compute where VMs were evacuated could not restart
emitting InstanceNotFound exception when init_host() called.
Steps to reproduce
==
0) service nova-compute stop at 'compute01'
1) nova evacuate 'compute01'
2)
Public bug reported:
Patch of 'https://review.openstack.org/#/c/263911/' add specifying
region at the horizon login step.
It assume region for other resources is same as login region. But
keystone identity endpoint can be used globally.
For example,
```
(openstack)
** Changed in: keystone
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1809779
Title:
keystone-manage should catch unexpected
Public bug reported:
keystone-manage command of db_sync (and also other commands) currently
does not catch any exception at cmd_class.main().
It makes operator very confusing when db_sync is failed since it does
not emit any message at all. I think at the end of the main() in
Public bug reported:
keystone-manage command of db_sync (and also other commands) currently
does not catch any exception at cmd_class.main().
It makes operator very confusing when db_sync is failed since it does
not emit any message at all. I think at the end of the main() in
Public bug reported:
keystone-manage command of db_sync (and also other commands) currently
does not catch any exception at cmd_class.main().
It makes operator very confusing when db_sync is failed since it does
not emit any message at all. I think at the end of the main() in
Public bug reported:
>From an operator perspective, there are many situations where you need to add
>an ACL for each project. Currently, keystore and openstack policies do not
>seem to have any fine-grained APIs for project-specific privilege control.
For specific, if we want to restrict
Public bug reported:
It was very old issue and ended with invalid feature though, I could not
find ideal solution so that I raise this issue again. I wonder how other
think of it.
It's heavily related to the old issue
(https://bugs.launchpad.net/neutron/+bug/1468236), and I reconstruct the
issue
This issue is fixed by #1580880. Sorry for noise.
** Changed in: neutron
Status: New => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1806311
Title:
[RFE]
Public bug reported:
Recently, we have encountered very high DB CPU load for neutron-server.
This results from our sanity checking operational application. The
application works like this
1. Call neutron API like openstacksdk.network.ports.get(**{'binding:host_id':
'compute001'})
2. Check the
Importance: Undecided
Assignee: Yang Youseok (ileixe)
Status: New
** Description changed:
There were many instance methods unnecessarily maintained in
- linuxbridge_neutron_agent. I found it makes L2 extensions to use those
- functionality(e.g. get_all_devices()), so
Public bug reported:
Currently, l3-agent has tightly coupled with router_info creation logic,
so there is no way to make a big change of default router's behaviors.
Even there are already many diverse routers (dvr, dvrha, dvr_snat...),
every routers depend detailed implementation rather than
Public bug reported:
in keystone/auth/core.py _lookup_project() returns
'exception.Unauthorized' when ProjectNotFound exception occurs.
We first do not understand the cause since it return 401 HTTP error code
and was trying to fix role assignment. IMHO, when token has invalid
project (actually
Public bug reported:
Description
===
Currently, VM provisioning is possible even in a hypervisor where the number of
physical cores does not satisfy the number of vcpus. I found core_filters does
not care physical cores at all.
VM having vcpus which is more than physical cores keep
Public bug reported:
Description
===
mkfs command use direct I/O by default, and use 512 byte for logical block size
for buffer alignment if no options specified.
The problem is that block device having different logical block size
(e.g. NVMe) could not execute mkfs command at all
Public bug reported:
Currently, neutron quota API accept invalid tenant_id value without
validation. Even user can add arbitrary quota entry which is not existed
because by default quota engine create new entry if the queried entry is
not found.
This bug is also found across the other openstack
Public bug reported:
Description
===
If I tried to create VM instance with specified availability-zone option with
invalid forced-host, I succeed to make VM at invalid compute host.
I do not know if this is intentional, but it's different from intuition
since host-aggregate does not
Public bug reported:
After I add service_provider to neutron.conf with multiple
service_provider enabled plugins, 'neutron service-provider-list'
returned duplicated entries.
Here is neutron.conf snippet which makes problem and output of the command.
[DEFAULT]
service_plugins =
38 matches
Mail list logo
