Public bug reported:
Description of problem:
Even if the quota for SG rules is exhausted, new security groups (with two
default rules by default) can be created successfully.
How to reproduce:
OS_PROJECT_NAME=admin
CREATED=`openstack security group list --project $OS_PROJECT_NAME -f json |
jq -r '.[] | .ID' | xargs -I {} openstack security group rule list {} -f
value | wc -l`
let "CREATED +=1"
SG=`openstack security group list --project $OS_PROJECT_NAME -f json | jq -r
'.[0] | .ID'`
QUOTA=`openstack quota show $OS_PROJECT_NAME -f json | jq -r
'.["secgroup-rules"]'`
for ((i=CREATED; i<=QUOTA; i++)); do
PORT=`printf "%04d" $i`
openstack security group rule create --ingress --protocol tcp --dst-port
5$PORT:5$PORT $SG
done
openstack security group create --project $OS_PROJECT_NAME
sec_group_with_excess_rules
Actual results:
The number of SG rules after the last command exceeds in 2 the maximum quota
assigned for SG rules.
Related bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1787933
** Affects: neutron
Importance: Undecided
Assignee: Rodolfo Alonso (rodolfo-alonso-hernandez)
Status: New
** Changed in: neutron
Assignee: (unassigned) => Rodolfo Alonso (rodolfo-alonso-hernandez)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1858680
Title:
Succeed to create new security group, even if security group rule
quota is exceeded
Status in neutron:
New
Bug description:
Description of problem:
Even if the quota for SG rules is exhausted, new security groups (with two
default rules by default) can be created successfully.
How to reproduce:
OS_PROJECT_NAME=admin
CREATED=`openstack security group list --project $OS_PROJECT_NAME -f json |
jq -r '.[] | .ID' | xargs -I {} openstack security group rule list {} -f
value | wc -l`
let "CREATED +=1"
SG=`openstack security group list --project $OS_PROJECT_NAME -f json | jq
-r '.[0] | .ID'`
QUOTA=`openstack quota show $OS_PROJECT_NAME -f json | jq -r
'.["secgroup-rules"]'`
for ((i=CREATED; i<=QUOTA; i++)); do
PORT=`printf "%04d" $i`
openstack security group rule create --ingress --protocol tcp --dst-port
5$PORT:5$PORT $SG
done
openstack security group create --project $OS_PROJECT_NAME
sec_group_with_excess_rules
Actual results:
The number of SG rules after the last command exceeds in 2 the maximum quota
assigned for SG rules.
Related bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1787933
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1858680/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
