Public bug reported: If ml2 have settings
[DEFAULT] extension_drivers = port_security [securitygroup] enable_security_group = False and one is trying to disable port-security on a given port, he/she will fail: neutron port-update fad58638-3568-4bcb-8742-d857d138056d --port- security-enabled=False Port has security group associated. Cannot disable port security or ip address until security group is removed Neutron server returns request_ids: ['req-12cd8a70-88ad-4d2b-bc3c-fcf574b088c4'] At the same time there is no way to use neutron port-update fad58638-3568-4bcb-8742-d857d138056d --no-security-groups : Unrecognized attribute(s) 'security_groups' Neutron server returns request_ids: ['req-1d2227c6-40a0-41e9-92a3-410168462635' This cause drastic inconvenience for administrators who run openstack with disabled security groups: to disable port security one ought to disable security group on the same port, and forced to to enable security group on server just to disable security group on the port. Version: 8.3 (mitaka). ** Affects: neutron Importance: Undecided Status: New ** Description changed: - If ml2 have settings [DEFAULT] extension_drivers = port_security [securitygroup] enable_security_group = False - and one is trying to disable port-security on a given port, it will + and one is trying to disable port-security on a given port, he/she will fail: neutron port-update fad58638-3568-4bcb-8742-d857d138056d --port- security-enabled=False Port has security group associated. Cannot disable port security or ip address until security group is removed Neutron server returns request_ids: ['req-12cd8a70-88ad-4d2b-bc3c-fcf574b088c4'] - At the same time there is no way to use + At the same time there is no way to use neutron port-update fad58638-3568-4bcb-8742-d857d138056d --no-security-groups : Unrecognized attribute(s) 'security_groups' Neutron server returns request_ids: ['req-1d2227c6-40a0-41e9-92a3-410168462635' This cause drastic inconvenience for administrators who run openstack with disabled security groups: to disable port security one ought to disable security group on the same port, and forced to to enable security group on server just to disable security group on the port. Version: 8.3 (mitaka). -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1658682 Title: port-security can't be disabled if security groups are not enabled Status in neutron: New Bug description: If ml2 have settings [DEFAULT] extension_drivers = port_security [securitygroup] enable_security_group = False and one is trying to disable port-security on a given port, he/she will fail: neutron port-update fad58638-3568-4bcb-8742-d857d138056d --port- security-enabled=False Port has security group associated. Cannot disable port security or ip address until security group is removed Neutron server returns request_ids: ['req-12cd8a70-88ad-4d2b-bc3c-fcf574b088c4'] At the same time there is no way to use neutron port-update fad58638-3568-4bcb-8742-d857d138056d --no-security-groups : Unrecognized attribute(s) 'security_groups' Neutron server returns request_ids: ['req-1d2227c6-40a0-41e9-92a3-410168462635' This cause drastic inconvenience for administrators who run openstack with disabled security groups: to disable port security one ought to disable security group on the same port, and forced to to enable security group on server just to disable security group on the port. Version: 8.3 (mitaka). To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1658682/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp