Unclear if this a nova bug or a neutron bug, but its definitely a bug.
** Changed in: nova
Importance: Undecided => Medium
** Tags added: network
** Also affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1400583
Title:
default security group in admin tenant doesn't take effect on vm if
there are default sec-groups in other tenants
Status in OpenStack Neutron (virtual network service):
New
Status in OpenStack Compute (Nova):
New
Bug description:
Steps to produce the bug:
1. add multiple tenants besides admin.
2. use neutron security-group-list in the non-admin tenant
3. add security group rule like enabling icmp to default security group of
admin tenant.
4. nova boot a vm in admin tenant.
5.The vm under admin tenant couldn't receive icmp request so it is not
pingable.
6.on dashboard, in the details of that vm, there was no rule enabling
ICMP.
7. add icmp rule to other security groups named default in other tenants.
8. the details of that vm will show there is an ICMP rule and the vm can be
ping-ed.
I figured that since there are other sec-groups named default, which are also
visible to admin tenant, when nova boot a vm, the default sec-group for other
tenant might have been applied to the vm launched in admin tenant.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1400583/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
