Public bug reported: [centos-binary-horizon:rocky-latest]
if as tenant creating port in shared network , the ports fail to be created because horizon take the security group of the source network ( admin in my case , vlan net ... ) neutron api log: 2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up' : True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716 req: sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6 tenant -> 2c7927cda1614d7a924614b0c310ab6f ID Name Project 1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54 1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9 3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1 49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54 5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25 739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f 74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9 as you can see above the request combine sg which not belong to existing tenant . later on we its fail ... 2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found. 2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79 ** Affects: horizon Importance: Undecided Status: New ** Description changed: + [centos-binary-horizon:rocky-latest] + if as tenant creating port in shared network , the ports fail to be created because horizon take the security group of the source network ( admin in my case , vlan net ... ) neutron api log: 2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up' : True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716 req: sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6 tenant -> 2c7927cda1614d7a924614b0c310ab6f ID Name Project 1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54 1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9 3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1 49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54 5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25 739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f 74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9 as you can see above the request combine sg which not belong to existing tenant . later on we its fail ... 2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found. 2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79 -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1815461 Title: create port in shared network from tenant fail because horizon add wrong SecurityGroup Status in OpenStack Dashboard (Horizon): New Bug description: [centos-binary-horizon:rocky-latest] if as tenant creating port in shared network , the ports fail to be created because horizon take the security group of the source network ( admin in my case , vlan net ... ) neutron api log: 2019-02-11 10:17:28.492 33 DEBUG neutron.api.v2.base [req-14fa3687-65ea-4f0e-880c-6fc5336a93ca 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] Request body: {u'port': {u'name': u'd', u'admin_state_up' : True, u'network_id': u'0c0b01f3-f73f-4b2f-95ee-6c3e8b93ebd9', u'tenant_id': u'2c7927cda1614d7a924614b0c310ab6f', u'binding:vnic_type': u'normal', u'device_owner': u'', u'port_security_enabled': True, u'security_groups': [u'49eed7e4-600b-457b-a367-5d1ec20faad6'], u'device_id': u''}} prepare_request_body /usr/lib/python2.7/site-packages/neutron/api/v2/base.py:716 req: sg -> 49eed7e4-600b-457b-a367-5d1ec20faad6 tenant -> 2c7927cda1614d7a924614b0c310ab6f ID Name Project 1deb753d-dbad-4668-8c4e-72096e43673e smoketest 8d54453c9c82423b9f173997be5fcd54 1ee7e92d-7330-4b4d-b2f8-68f7d936418c CloudBand-Security-Group-DU1 750b1cc920354372b2b6149abec1a9f9 3f63ca70-54ab-4723-ae7b-63449ebccb2e default 5811183c896242dbaabd9504b2de14a1 49eed7e4-600b-457b-a367-5d1ec20faad6 default 8d54453c9c82423b9f173997be5fcd54 5acdac84-8ff7-49de-9372-3113a7ee3f2a default 29d066aff3614837892b45e658615d25 739c5f71-dfb2-48cb-9e0a-d364e5d0a2cd default 2c7927cda1614d7a924614b0c310ab6f 74f6eef0-2baa-40c6-b34c-487d2478153c CloudBand-Security-Group-BH1 2c7927cda1614d7a924614b0c310ab6f e2193e72-c721-4bc6-895a-0828e9596673 default 750b1cc920354372b2b6149abec1a9f9 as you can see above the request combine sg which not belong to existing tenant . later on we its fail ... 2019-02-11 10:47:13.918 38 INFO neutron.pecan_wsgi.hooks.translation [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] POST failed (client error): The resource could not be found. 2019-02-11 10:47:13.918 38 DEBUG neutron.pecan_wsgi.hooks.notifier [req-ac726455-d25c-497b-9d11-388d794760f8 640f75a14d77430a9230d720db90046e 2c7927cda1614d7a924614b0c310ab6f - default default] No notification will be sent due to unsuccessful status code: 404 after /usr/lib/python2.7/site-packages/neutron/pecan_wsgi/hooks/notifier.py:79 To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1815461/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp