Public bug reported:
Create a network with port-security-enabled=False.
stack@whiskey:~$ neutron net-show n
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | nova |
| id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4 |
| mtu | 1450 |
| name | n |
| port_security_enabled | False |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 1019 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | 57fb945b-92d2-4cf3-b7a0-dd43e96b88d5 |
| tenant_id | 96df521a0afe46128044cf6ee20e4843 |
+---------------------------+--------------------------------------+
create a subnet under this network
stack@whiskey:~$ neutron subnet-show s
+-------------------+------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------+
| allocation_pools | {"start": "2.2.2.2", "end": "2.2.2.254"} |
| cidr | 2.2.2.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 2.2.2.1 |
| host_routes | |
| id | 57fb945b-92d2-4cf3-b7a0-dd43e96b88d5 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | s |
| network_id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4 |
| subnetpool_id | |
| tenant_id | 96df521a0afe46128044cf6ee20e4843 |
+-------------------+------------------------------------------+
Now, create a port under this subnet:
stack@whiskey:~$ neutron port-show p
+-----------------------+--------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+--------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| binding:host_id |
|
| binding:profile | {}
|
| binding:vif_details | {}
|
| binding:vif_type | unbound
|
| binding:vnic_type | normal
|
| device_id |
|
| device_owner |
|
| dns_name |
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id": "57fb945b-92d2-4cf3-b7a0-dd43e96b88d5",
"ip_address": "2.2.2.3"} |
| id | 33095bd6-3a5c-4ccd-9e4f-046fb7f9272e
|
| mac_address | fa:16:3e:f0:46:ae
|
| name | p
|
| network_id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4
|
| port_security_enabled | False
|
| security_groups |
|
| status | DOWN
|
| tenant_id | 96df521a0afe46128044cf6ee20e4843
|
+-----------------------+--------------------------------------------------------------------------------+
As expected the port created has no security groups associated with it.
Now, doing a nova boot on this port, results in the VM getting into
error state. is that the expected behavior?
stack@whiskey:~$ nova boot vm --flavor 1 --image cirros-0.3.4-x86_64-uec --nic
port-id=33095bd6-3a5c-4ccd-9e4f-046fb7f9272e
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone |
|
| OS-EXT-SRV-ATTR:host | -
|
| OS-EXT-SRV-ATTR:hostname | vm
|
| OS-EXT-SRV-ATTR:hypervisor_hostname | -
|
| OS-EXT-SRV-ATTR:instance_name | instance-00000005
|
| OS-EXT-SRV-ATTR:kernel_id | bf0aba00-f8b8-4e18-b1d9-26027a4d9243
|
| OS-EXT-SRV-ATTR:launch_index | 0
|
| OS-EXT-SRV-ATTR:ramdisk_id | 425fc8cb-59cc-4f22-b004-e434fbd48283
|
| OS-EXT-SRV-ATTR:reservation_id | r-g4kmf8y4
|
| OS-EXT-SRV-ATTR:root_device_name | -
|
| OS-EXT-SRV-ATTR:user_data | -
|
| OS-EXT-STS:power_state | 0
|
| OS-EXT-STS:task_state | scheduling
|
| OS-EXT-STS:vm_state | building
|
| OS-SRV-USG:launched_at | -
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| adminPass | rWeLbfy4aFkH
|
| config_drive |
|
| created | 2016-03-08T20:39:19Z
|
| flavor | m1.tiny (1)
|
| hostId |
|
| id | 01ded4ae-b87c-458a-97b0-c628db3a2b2e
|
| image | cirros-0.3.4-x86_64-uec
(996b8839-9347-4711-93a1-d9a0a84b5e49) |
| key_name | -
|
| locked | False
|
| metadata | {}
|
| name | vm
|
| os-extended-volumes:volumes_attached | []
|
| progress | 0
|
| security_groups | default
|
| status | BUILD
|
| tenant_id | 96df521a0afe46128044cf6ee20e4843
|
| updated | 2016-03-08T20:39:19Z
|
| user_id | acae4fa2499f4841807aa37ee79eef19
|
+--------------------------------------+----------------------------------------------------------------+
stack@whiskey:~$ nova list
+--------------------------------------+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power
State | Networks |
+--------------------------------------+------+--------+------------+-------------+----------+
| 01ded4ae-b87c-458a-97b0-c628db3a2b2e | vm | ERROR | - | NOSTATE
| |
+--------------------------------------+------+--------+------------+-------------+----------+
Logs on n-cpu:
_http_log_response
/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py:254
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager
[req-0ffe6000-fd2d-4eb0-99d6-cba841aa1542 admin demo] [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Instance failed to spawn
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Traceback (most recent call last):
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 2188, in _build_resources
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] yield resources
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 2034, in _build_and_run_instance
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] block_device_info=block_device_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/libvirt/driver.py", line 2726, in spawn
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] admin_pass=admin_password)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/libvirt/driver.py", line 3219, in _create_image
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] content=files, extra_md=extra_md,
network_info=network_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/api/metadata/base.py", line 160, in __init__
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self.network_metadata =
netutils.get_network_metadata(network_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/netutils.py", line 194, in get_network_metadata
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] if not network_info:
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 523, in __len__
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return self._sync_wrapper(fn, *args,
**kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 510, in _sync_wrapper
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 542, in wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self[:] = self._gt.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in
wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return self._exit_event.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] current.throw(*self._exc)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in
main
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] result = function(*args, **kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File "/opt/stack/nova/nova/utils.py",
line 1160, in context_wrapper
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return func(*args, **kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 1581, in _allocate_network_async
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] six.reraise(*exc_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] bind_host_id=bind_host_id)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/neutronv2/api.py", line 633, in
allocate_for_instance
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] raise
exception.SecurityGroupCannotBeApplied()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] SecurityGroupCannotBeApplied: Network
requires port_security_enabled and subnet associated in order to apply security
groups.
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e]
2016-03-08 12:39:21.097 18805 INFO nova.compute.manager
[req-0ffe6000-fd2d-4eb0-99d6-cba841aa1542 admin demo] [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Terminating instance
I can however boot a vm on a port where port_security_enabled=False
under a network where the port_security_enabled=true as expected.
I was not expecting that an instance cannot be launched under a network
where the value of port_security_enabled is false. Is that the expected
behavior? If yes what's the reason? We don't need security-groups when
port-security-enabled=false, correct? Why should vm boot be blocked then
on such a network?
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1554728
Title:
Unable to launch an instance on a network where port-security-
enabled=False
Status in neutron:
New
Bug description:
Create a network with port-security-enabled=False.
stack@whiskey:~$ neutron net-show n
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | nova |
| id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4 |
| mtu | 1450 |
| name | n |
| port_security_enabled | False |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 1019 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | 57fb945b-92d2-4cf3-b7a0-dd43e96b88d5 |
| tenant_id | 96df521a0afe46128044cf6ee20e4843 |
+---------------------------+--------------------------------------+
create a subnet under this network
stack@whiskey:~$ neutron subnet-show s
+-------------------+------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------+
| allocation_pools | {"start": "2.2.2.2", "end": "2.2.2.254"} |
| cidr | 2.2.2.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 2.2.2.1 |
| host_routes | |
| id | 57fb945b-92d2-4cf3-b7a0-dd43e96b88d5 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | s |
| network_id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4 |
| subnetpool_id | |
| tenant_id | 96df521a0afe46128044cf6ee20e4843 |
+-------------------+------------------------------------------+
Now, create a port under this subnet:
stack@whiskey:~$ neutron port-show p
+-----------------------+--------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+--------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| binding:host_id |
|
| binding:profile | {}
|
| binding:vif_details | {}
|
| binding:vif_type | unbound
|
| binding:vnic_type | normal
|
| device_id |
|
| device_owner |
|
| dns_name |
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id":
"57fb945b-92d2-4cf3-b7a0-dd43e96b88d5", "ip_address": "2.2.2.3"} |
| id | 33095bd6-3a5c-4ccd-9e4f-046fb7f9272e
|
| mac_address | fa:16:3e:f0:46:ae
|
| name | p
|
| network_id | 45a84b0e-6bae-4a05-a0d2-5ec3d43ff5b4
|
| port_security_enabled | False
|
| security_groups |
|
| status | DOWN
|
| tenant_id | 96df521a0afe46128044cf6ee20e4843
|
+-----------------------+--------------------------------------------------------------------------------+
As expected the port created has no security groups associated with
it.
Now, doing a nova boot on this port, results in the VM getting into
error state. is that the expected behavior?
stack@whiskey:~$ nova boot vm --flavor 1 --image cirros-0.3.4-x86_64-uec
--nic port-id=33095bd6-3a5c-4ccd-9e4f-046fb7f9272e
+--------------------------------------+----------------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL
|
| OS-EXT-AZ:availability_zone |
|
| OS-EXT-SRV-ATTR:host | -
|
| OS-EXT-SRV-ATTR:hostname | vm
|
| OS-EXT-SRV-ATTR:hypervisor_hostname | -
|
| OS-EXT-SRV-ATTR:instance_name | instance-00000005
|
| OS-EXT-SRV-ATTR:kernel_id | bf0aba00-f8b8-4e18-b1d9-26027a4d9243
|
| OS-EXT-SRV-ATTR:launch_index | 0
|
| OS-EXT-SRV-ATTR:ramdisk_id | 425fc8cb-59cc-4f22-b004-e434fbd48283
|
| OS-EXT-SRV-ATTR:reservation_id | r-g4kmf8y4
|
| OS-EXT-SRV-ATTR:root_device_name | -
|
| OS-EXT-SRV-ATTR:user_data | -
|
| OS-EXT-STS:power_state | 0
|
| OS-EXT-STS:task_state | scheduling
|
| OS-EXT-STS:vm_state | building
|
| OS-SRV-USG:launched_at | -
|
| OS-SRV-USG:terminated_at | -
|
| accessIPv4 |
|
| accessIPv6 |
|
| adminPass | rWeLbfy4aFkH
|
| config_drive |
|
| created | 2016-03-08T20:39:19Z
|
| flavor | m1.tiny (1)
|
| hostId |
|
| id | 01ded4ae-b87c-458a-97b0-c628db3a2b2e
|
| image | cirros-0.3.4-x86_64-uec
(996b8839-9347-4711-93a1-d9a0a84b5e49) |
| key_name | -
|
| locked | False
|
| metadata | {}
|
| name | vm
|
| os-extended-volumes:volumes_attached | []
|
| progress | 0
|
| security_groups | default
|
| status | BUILD
|
| tenant_id | 96df521a0afe46128044cf6ee20e4843
|
| updated | 2016-03-08T20:39:19Z
|
| user_id | acae4fa2499f4841807aa37ee79eef19
|
+--------------------------------------+----------------------------------------------------------------+
stack@whiskey:~$ nova list
+--------------------------------------+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power
State | Networks |
+--------------------------------------+------+--------+------------+-------------+----------+
| 01ded4ae-b87c-458a-97b0-c628db3a2b2e | vm | ERROR | - | NOSTATE
| |
+--------------------------------------+------+--------+------------+-------------+----------+
Logs on n-cpu:
_http_log_response
/usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py:254
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager
[req-0ffe6000-fd2d-4eb0-99d6-cba841aa1542 admin demo] [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Instance failed to spawn
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Traceback (most recent call last):
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 2188, in _build_resources
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] yield resources
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 2034, in _build_and_run_instance
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] block_device_info=block_device_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/libvirt/driver.py", line 2726, in spawn
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] admin_pass=admin_password)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/libvirt/driver.py", line 3219, in _create_image
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] content=files, extra_md=extra_md,
network_info=network_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/api/metadata/base.py", line 160, in __init__
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self.network_metadata =
netutils.get_network_metadata(network_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/virt/netutils.py", line 194, in get_network_metadata
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] if not network_info:
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 523, in __len__
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return self._sync_wrapper(fn, *args,
**kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 510, in _sync_wrapper
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/model.py", line 542, in wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] self[:] = self._gt.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in
wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return self._exit_event.wait()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] current.throw(*self._exc)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in
main
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] result = function(*args, **kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File "/opt/stack/nova/nova/utils.py",
line 1160, in context_wrapper
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] return func(*args, **kwargs)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 1581, in _allocate_network_async
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] six.reraise(*exc_info)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/compute/manager.py", line 1564, in _allocate_network_async
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] bind_host_id=bind_host_id)
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] File
"/opt/stack/nova/nova/network/neutronv2/api.py", line 633, in
allocate_for_instance
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] raise
exception.SecurityGroupCannotBeApplied()
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] SecurityGroupCannotBeApplied: Network
requires port_security_enabled and subnet associated in order to apply security
groups.
2016-03-08 12:39:21.096 18805 ERROR nova.compute.manager [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e]
2016-03-08 12:39:21.097 18805 INFO nova.compute.manager
[req-0ffe6000-fd2d-4eb0-99d6-cba841aa1542 admin demo] [instance:
01ded4ae-b87c-458a-97b0-c628db3a2b2e] Terminating instance
I can however boot a vm on a port where port_security_enabled=False under a
network where the port_security_enabled=true as expected.
I was not expecting that an instance cannot be launched under a
network where the value of port_security_enabled is false. Is that the
expected behavior? If yes what's the reason? We don't need security-
groups when port-security-enabled=false, correct? Why should vm boot
be blocked then on such a network?
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1554728/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
