Public bug reported:
When port-id is used for the --nic option in "nove boot" command, the
user defined security-group is not applied.
E.g. user defined security-group is my-secgroup. It is specified with
the --security-groups option in "nova boot". However, if port-id is
used for the --nic option, my-secgroup is not applied to the VM.
ubuntu@trusty1:~/devstack$ nova secgroup-list-rules my-secgroup
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
ubuntu@trusty1:~/devstack$ neutron port-list
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips
|
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| 377399f0-0ad9-4e96-9964-61d92356eadb | | fa:16:3e:23:8a:2a |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.3"}
|
| dc063749-b0ca-47b5-bfa4-a973347bc5a2 | | fa:16:3e:80:31:31 |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.2"}
|
| e9ec22e7-d832-46dc-8a11-a674d4d129fd | | fa:16:3e:8d:ac:b1 |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.1"}
|
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
ubuntu@trusty1:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor
42 --nic port-id=dc063749-b0ca-47b5-bfa4-a973347bc5a2 --security-groups
my-secgroup vm1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone | nova
|
| OS-EXT-STS:power_state | 0
|
| OS-EXT-STS:task_state | scheduling
|
| OS-EXT-STS:vm_state | building
|
| OS-SRV-USG:launched_at | -
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| adminPass | zrgTYi74KhNv
|
| config_drive |
|
| created | 2015-02-24T21:24:19Z
|
| flavor | m1.nano (42)
|
| hostId |
|
| id | e7745c0d-df15-4239-b9ba-4031d385f1ac
|
| image | cirros-0.3.2-x86_64-uec
(2fb4309a-8404-4a00-aeae-430f3578b48a) |
| key_name | -
|
| metadata | {}
|
| name | vm1
|
| os-extended-volumes:volumes_attached | []
|
| progress | 0
|
| security_groups | my-secgroup
|
| status | BUILD
|
| tenant_id | 33d253dbedc242d58890fbb713e7f386
|
| updated | 2015-02-24T21:24:19Z
|
| user_id | 51df3c5e3fff428b9dfabeb2e6fa8545
|
+--------------------------------------+----------------------------------------------------------------+
ubuntu@trusty1:~/devstack$ nova show vm1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone | nova
|
| OS-EXT-STS:power_state | 1
|
| OS-EXT-STS:task_state | -
|
| OS-EXT-STS:vm_state | active
|
| OS-SRV-USG:launched_at | 2015-02-24T21:24:32.000000
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| config_drive |
|
| created | 2015-02-24T21:24:19Z
|
| flavor | m1.nano (42)
|
| hostId |
1f88f0ab3336536e79a7e54bb71b28d4cf99f43b1ae434709595050f |
| id | e7745c0d-df15-4239-b9ba-4031d385f1ac
|
| image | cirros-0.3.2-x86_64-uec
(2fb4309a-8404-4a00-aeae-430f3578b48a) |
| key_name | -
|
| metadata | {}
|
| name | vm1
|
| os-extended-volumes:volumes_attached | []
|
| private network | 10.0.0.2
|
| progress | 0
|
| security_groups | default
| <<<<< INCORRECT
| status | ACTIVE
|
| tenant_id | 33d253dbedc242d58890fbb713e7f386
|
| updated | 2015-02-24T21:24:32Z
|
| user_id | 51df3c5e3fff428b9dfabeb2e6fa8545
|
+--------------------------------------+----------------------------------------------------------------+
** Affects: nova
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1425294
Title:
security-group is not applied correctly when port-id is used for the
--nic option in "nova boot"
Status in OpenStack Compute (Nova):
New
Bug description:
When port-id is used for the --nic option in "nove boot" command, the
user defined security-group is not applied.
E.g. user defined security-group is my-secgroup. It is specified with
the --security-groups option in "nova boot". However, if port-id is
used for the --nic option, my-secgroup is not applied to the VM.
ubuntu@trusty1:~/devstack$ nova secgroup-list-rules my-secgroup
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
ubuntu@trusty1:~/devstack$ neutron port-list
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips
|
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| 377399f0-0ad9-4e96-9964-61d92356eadb | | fa:16:3e:23:8a:2a |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.3"}
|
| dc063749-b0ca-47b5-bfa4-a973347bc5a2 | | fa:16:3e:80:31:31 |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.2"}
|
| e9ec22e7-d832-46dc-8a11-a674d4d129fd | | fa:16:3e:8d:ac:b1 |
{"subnet_id": "53268e08-3c2c-4a05-978a-421990525e57", "ip_address": "10.0.0.1"}
|
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
ubuntu@trusty1:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor
42 --nic port-id=dc063749-b0ca-47b5-bfa4-a973347bc5a2 --security-groups
my-secgroup vm1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone | nova
|
| OS-EXT-STS:power_state | 0
|
| OS-EXT-STS:task_state | scheduling
|
| OS-EXT-STS:vm_state | building
|
| OS-SRV-USG:launched_at | -
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| adminPass | zrgTYi74KhNv
|
| config_drive |
|
| created | 2015-02-24T21:24:19Z
|
| flavor | m1.nano (42)
|
| hostId |
|
| id | e7745c0d-df15-4239-b9ba-4031d385f1ac
|
| image | cirros-0.3.2-x86_64-uec
(2fb4309a-8404-4a00-aeae-430f3578b48a) |
| key_name | -
|
| metadata | {}
|
| name | vm1
|
| os-extended-volumes:volumes_attached | []
|
| progress | 0
|
| security_groups | my-secgroup
|
| status | BUILD
|
| tenant_id | 33d253dbedc242d58890fbb713e7f386
|
| updated | 2015-02-24T21:24:19Z
|
| user_id | 51df3c5e3fff428b9dfabeb2e6fa8545
|
+--------------------------------------+----------------------------------------------------------------+
ubuntu@trusty1:~/devstack$ nova show vm1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone | nova
|
| OS-EXT-STS:power_state | 1
|
| OS-EXT-STS:task_state | -
|
| OS-EXT-STS:vm_state | active
|
| OS-SRV-USG:launched_at | 2015-02-24T21:24:32.000000
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| config_drive |
|
| created | 2015-02-24T21:24:19Z
|
| flavor | m1.nano (42)
|
| hostId |
1f88f0ab3336536e79a7e54bb71b28d4cf99f43b1ae434709595050f |
| id | e7745c0d-df15-4239-b9ba-4031d385f1ac
|
| image | cirros-0.3.2-x86_64-uec
(2fb4309a-8404-4a00-aeae-430f3578b48a) |
| key_name | -
|
| metadata | {}
|
| name | vm1
|
| os-extended-volumes:volumes_attached | []
|
| private network | 10.0.0.2
|
| progress | 0
|
| security_groups | default
| <<<<< INCORRECT
| status | ACTIVE
|
| tenant_id | 33d253dbedc242d58890fbb713e7f386
|
| updated | 2015-02-24T21:24:32Z
|
| user_id | 51df3c5e3fff428b9dfabeb2e6fa8545
|
+--------------------------------------+----------------------------------------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1425294/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
