Neutron like other OpenStack projects does not receive tenant delete
events from Keystone. An outside process must handle the removal of old
tenant resources.
** Changed in: neutron
Status: New => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1228151
Title:
Default security group defined by a tenant is not removed
automatically on deleting the tenant
Status in OpenStack Neutron (virtual network service):
Won't Fix
Bug description:
Default security group is defined for each tenant when a tenant is created.
After deleting the tenant the associated default security group is not
cleaned up automatically. Eventually a cluster has scores of security group
entities that have identical names and descriptions, which is "default" (can be
observed by the admin user via quantum security-group-list CLI command) .
1) Create a tenant
$ quantum security-group-list
+--------------------------------------+---------+-------------+
| id | name | description |
+--------------------------------------+---------+-------------+
| 0ad4971b-a232-439e-959a-79cfeb2210cb | default | default |
| 37ecc8c3-85eb-4c16-ad71-689564324ccc | default | default |
| 46dfed8b-610c-49d1-9e27-d55d1d20bd66 | default | default |
+--------------------------------------+---------+-------------+
$ keystone tenant-create --name another_tenant
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 89d7ed4d02fe44c28d4218f3d258a4b5 |
| name | another_tenant |
+-------------+----------------------------------+
$ keystone tenant-list
+----------------------------------+--------------------+---------+
| id | name | enabled |
+----------------------------------+--------------------+---------+
| d6e5537a5d0245b19d4bc4dc3307e497 | admin | True |
| e5c565d7d1f3405b8cd759ccba03b969 | alt_demo | True |
| 89d7ed4d02fe44c28d4218f3d258a4b5 | another_tenant | True |
| f55d9cbde6194a18a2f1ebbb2afd9457 | demo | True |
| 64d3667ae3454c6bb7f43d8bef1179df | invisible_to_admin | True |
| 12f3482c24a04a2fab177562d85f4a73 | service | True |
+----------------------------------+--------------------+---------+
2) Associate a user with the tenant and authenticate under the tenant
$ keystone user-role-add --user demo --role Member --tenant
89d7ed4d02fe44c28d4218f3d258a4b5
$ nova --os-tenant-name another_tenant --os-username demo --os-password user
list
+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+
3) Delete the tenant
$ keystone tenant-delete 89d7ed4d02fe44c28d4218f3d258a4b5
$ keystone tenant-list
+----------------------------------+--------------------+---------+
| id | name | enabled |
+----------------------------------+--------------------+---------+
| d6e5537a5d0245b19d4bc4dc3307e497 | admin | True |
| e5c565d7d1f3405b8cd759ccba03b969 | alt_demo | True |
| f55d9cbde6194a18a2f1ebbb2afd9457 | demo | True |
| 64d3667ae3454c6bb7f43d8bef1179df | invisible_to_admin | True |
| 12f3482c24a04a2fab177562d85f4a73 | service | True |
+----------------------------------+--------------------+---------+
4) The tenant defined default security group is not deleted
$ quantum security-group-list
+--------------------------------------+---------+-------------+
| id | name | description |
+--------------------------------------+---------+-------------+
| 0ad4971b-a232-439e-959a-79cfeb2210cb | default | default |
| 37ecc8c3-85eb-4c16-ad71-689564324ccc | default | default |
| 46dfed8b-610c-49d1-9e27-d55d1d20bd66 | default | default |
| c7b5b103-69b3-4753-9370-d607a31474a7 | default | default |
+--------------------------------------+---------+-------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1228151/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
