Public bug reported:
[centos-binary-horizon:rocky-latest]
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network (
admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base
[req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port':
{u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id':
u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal',
u'device_owner': u'', u'port_security_enabled': True, u'security_groups':
[u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}}
prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest
8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1
750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default
5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default
8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default
29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default
2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1
2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default
750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to existing
tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error):
The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be
sent due to unsuccessful status code: 404 after
/usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
** Affects: horizon
Importance: Undecided
Status: New
** Description changed:
+ [centos-binary-horizon:rocky-latest]
+
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network (
admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base
[req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port':
{u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id':
u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal',
u'device_owner': u'', u'port_security_enabled': True, u'security_groups':
[u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}}
prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest
8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1
750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default
5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default
8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default
29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default
2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1
2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default
750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to existing
tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error):
The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be
sent due to unsuccessful status code: 404 after
/usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1815461
Title:
create port in shared network from tenant fail because horizon add
wrong SecurityGroup
Status in OpenStack Dashboard (Horizon):
New
Bug description:
[centos-binary-horizon:rocky-latest]
if as tenant creating port in shared network , the ports fail to be
created because horizon take the security group of the source network
( admin in my case , vlan net ... )
neutron api log:
2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base
[req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port':
{u'name': u'd', u'admin_state_up'
: True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id':
u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal',
u'device_owner': u'', u'port_security_enabled': True, u'security_groups':
[u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}}
prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716
req:
sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6
tenant -> 2c7927cda1614d7a924614b0c310ab6f
ID Name Project
1deb753d-dbad-4668-8c4e-72096e43673e smoketest
8d54453c9c82423b9f173997be5fcd54
1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1
750b1cc920354372b2b6149abec1a9f9
3f63ca70-54ab-4723-ae7b-63449ebccb2e default
5811183c896242dbaabd9504b2de14a1
49eed7e4-600b-457b-a367-5d1ec20faad6 default
8d54453c9c82423b9f173997be5fcd54
5acdac84-8ff7-49de-9372-3113a7ee3f2a default
29d066aff3614837892b45e658615d25
739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default
2c7927cda1614d7a924614b0c310ab6f
74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1
2c7927cda1614d7a924614b0c310ab6f
e2193e72-c721-4bc6-895a-0828e9596673 default
750b1cc920354372b2b6149abec1a9f9
as you can see above the request combine sg which not belong to
existing tenant .
later on we its fail ...
2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error):
The resource could not be found.
2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier
[req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e
2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be
sent due to unsuccessful status code: 404 after
/usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1815461/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
