Unclear if this a nova bug or a neutron bug, but its definitely a bug. ** Changed in: nova Importance: Undecided => Medium
** Tags added: network ** Also affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1400583 Title: default security group in admin tenant doesn't take effect on vm if there are default sec-groups in other tenants Status in OpenStack Neutron (virtual network service): New Status in OpenStack Compute (Nova): New Bug description: Steps to produce the bug: 1. add multiple tenants besides admin. 2. use neutron security-group-list in the non-admin tenant 3. add security group rule like enabling icmp to default security group of admin tenant. 4. nova boot a vm in admin tenant. 5.The vm under admin tenant couldn't receive icmp request so it is not pingable. 6.on dashboard, in the details of that vm, there was no rule enabling ICMP. 7. add icmp rule to other security groups named default in other tenants. 8. the details of that vm will show there is an ICMP rule and the vm can be ping-ed. I figured that since there are other sec-groups named default, which are also visible to admin tenant, when nova boot a vm, the default sec-group for other tenant might have been applied to the vm launched in admin tenant. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1400583/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp