[Yahoo-eng-team] [Bug 1562945] [NEW] Change nova's devstack blacklist to use test uuids
Public bug reported: See https://bugs.launchpad.net/nova/+bug/1562323 for the background. A temporary workaround was made for that bug. This bug will be used to implement changing the nova devstack blacklist file to use the test idempotent ids and not the test names. ** Affects: nova Importance: Undecided Assignee: Chuck Carmack (chuckcarmack75) Status: New ** Changed in: nova Assignee: (unassigned) => Chuck Carmack (chuckcarmack75) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1562945 Title: Change nova's devstack blacklist to use test uuids Status in OpenStack Compute (nova): New Bug description: See https://bugs.launchpad.net/nova/+bug/1562323 for the background. A temporary workaround was made for that bug. This bug will be used to implement changing the nova devstack blacklist file to use the test idempotent ids and not the test names. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1562945/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1540939] Re: Instance delete causing port leak
** Changed in: nova Status: In Progress => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1540939 Title: Instance delete causing port leak Status in OpenStack Compute (nova): Invalid Bug description: Nova can cause a neutron port leak after deleting an instance. If neutron has the port binding extension installed, then nova uses admin credentials to create the port during instance create: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L537 However, during instance delete, nova always uses the user creds: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L739 Depending on the neutron policy settings, this can leak ports in neutron. Can someone explain this behavior? We are running on nova kilo. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1540939/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1540939] Re: Instance delete causing port leak
I think the problem we are having is that we added "VMAdmin" to the delete port rule. We have this: "owner": "tenant_id:%(tenant_id)s", "admin_or_vm_admin_owner": "role:admin or (tenant_id:%(tenant_id)s and role:VMAdmin)", "admin_or_vm_admin_network_owner": "role:admin or (tenant_id:%(network:tenant_id)s and role:VMAdmin)", "vm_admin_owner_or_vm_admin_network_owner": "rule:admin_or_vm_admin_network_owner or rule:admin_or_vm_admin_owner", ... "delete_port": "rule:vm_admin_owner_or_vm_admin_network_owner or rule:context_is_advsvc", So it takes VMAdmin to delete a port, but the user in this case did not have that role when deleting an instance. I'm going to reopen this bug to see if nova can change to use admin to delete the port, if the neutron port binding extension is enabled. ** Changed in: nova Status: Invalid => New ** Changed in: nova Assignee: (unassigned) => Chuck Carmack (chuckcarmack75) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1540939 Title: Instance delete causing port leak Status in OpenStack Compute (nova): New Bug description: Nova can cause a neutron port leak after deleting an instance. If neutron has the port binding extension installed, then nova uses admin credentials to create the port during instance create: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L537 However, during instance delete, nova always uses the user creds: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L739 Depending on the neutron policy settings, this can leak ports in neutron. Can someone explain this behavior? We are running on nova kilo. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1540939/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1540939] Re: Instance delete causing port leak
Sean, thanks for the info in the channel. Marking the bug invalid. ** Changed in: nova Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1540939 Title: Instance delete causing port leak Status in OpenStack Compute (nova): Invalid Bug description: Nova can cause a neutron port leak after deleting an instance. If neutron has the port binding extension installed, then nova uses admin credentials to create the port during instance create: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L537 However, during instance delete, nova always uses the user creds: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L739 Depending on the neutron policy settings, this can leak ports in neutron. Can someone explain this behavior? We are running on nova kilo. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1540939/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1540939] [NEW] Instance delete causing port leak
Public bug reported: Nova can cause a neutron port leak after deleting an instance. If neutron has the port binding extension installed, then nova uses admin credentials to create the port during instance create: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L537 However, during instance delete, nova always uses the user creds: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L739 Depending on the neutron policy settings, this can leak ports in neutron. Can someone explain this behavior? We are running on nova kilo. ** Affects: nova Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1540939 Title: Instance delete causing port leak Status in OpenStack Compute (nova): New Bug description: Nova can cause a neutron port leak after deleting an instance. If neutron has the port binding extension installed, then nova uses admin credentials to create the port during instance create: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L537 However, during instance delete, nova always uses the user creds: https://github.com/openstack/nova/blob/master/nova/network/neutronv2/api.py#L739 Depending on the neutron policy settings, this can leak ports in neutron. Can someone explain this behavior? We are running on nova kilo. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1540939/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1475911] [NEW] nova-idmapshift outputs incorrect usage
Public bug reported: On my devstack, the nova-idmapshift usage outputs this: vagrant@vagrant-ubuntu-trusty-64:~$ nova-idmapshift usage: User Namespace FS Owner Shift [-h] [-u UID] [-g GID] [-n NOBODY] [-i] [-c] [-d] [-v] path User Namespace FS Owner Shift: error: too few arguments The usage should be nova-idmapshift [-h] . and not User Namespace... ** Affects: nova Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1475911 Title: nova-idmapshift outputs incorrect usage Status in OpenStack Compute (nova): New Bug description: On my devstack, the nova-idmapshift usage outputs this: vagrant@vagrant-ubuntu-trusty-64:~$ nova-idmapshift usage: User Namespace FS Owner Shift [-h] [-u UID] [-g GID] [-n NOBODY] [-i] [-c] [-d] [-v] path User Namespace FS Owner Shift: error: too few arguments The usage should be nova-idmapshift [-h] . and not User Namespace... To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1475911/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
