[Yahoo-eng-team] [Bug 1254040] Re: Adding security rules that are identical except for ingress/egress doesn't work properly when using neutron security groups

Wed, 22 Jan 2014 12:45:58 -0800 

** Changed in: horizon
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1254040

Title:
  Adding security rules that are identical except for ingress/egress
  doesn't work properly when using neutron security groups

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  Steps to reproduce:

  1) edit an empty security group
  2) add a rule with the following settings:
     Rule: All TCP
     Direction: Ingress
     (leave all other fields on their default)
  3) add a rule with the following settings:
     Rule: All TCP
     Direction: Egress
     (leave all other fields on their default)
  4) Get an error message.

  The Neutron log shows:
     2013-11-22 14:54:47.129 5127 ERROR neutron.api.v2.resource [-] create 
failed
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource Traceback (most 
recent call last):
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource   File 
"/usr/lib/python2.7/dist-packages/neutron/api/v2   /resource.py", line 84, in 
resource
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource     result = 
method(request=request, **args)
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource   File 
"/usr/lib/python2.7/dist-packages/neutron/api/v2/base.py", line 405, in create
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource     obj = 
obj_creator(request.context, **kwargs)
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource   File 
"/usr/lib/python2.7/dist-packages/neutron/db/securitygroups_rpc_base.py", line 
43, in create_security_group_rule
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource     
bulk_rule)[0]
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource   File 
"/usr/lib/python2.7/dist-packages/neutron/db/securitygroups_db.py", line 270, 
in create_security_group_rule_bulk_native
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource     
self._check_for_duplicate_rules(context, r)
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource   File 
"/usr/lib/python2.7/dist-packages/neutron/db/securitygroups_db.py", line 400, 
in _check_for_duplicate_rules
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource     raise 
ext_sg.SecurityGroupRuleExists(id=str(rules[0]['id']))
     2013-11-22 14:54:47.129 5127 TRACE neutron.api.v2.resource 
SecurityGroupRuleExists: Security group rule already exists. Group id is 
6b942e69-5aee-484d-8539-096cc26a15d9.

  
  Workaround:
    add the second security rule by selecting "Custom TCP rule" instead of "All 
TCP" and specify the port range 1 to 65535.

  
  Version information: 
  openstack-dashboard=2013.2-1~bpo70+1

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1254040/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to