SecurityGroup exception when there are no subnets
Bug #1252410 reported by
Brent Eagles
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Compute (nova) |
Fix Released
|
High
|
Aaron Rosen | ||
Bug Description
When booting an instance with a network that has no defined subnets (i.e. you want the instance to have a network interface but not to have the address range managed by neutron), the nova/neutron integration code throws a SecurityGroupCa
To reproduce:
1. create a network -- do not create a subnet!
2. boot a vm a-la "nova boot --image foo --nic net-id=[uuid for aforementioned network] foovm"
Result:
VM fails to boot, enters ERROR state
Revision history for this message
| Armando Migliaccio (armando-migliaccio) wrote | #1 |
| Changed in neutron: | |
| status: | New → Invalid |
| Changed in nova: | |
| status: | New → Confirmed |
| Changed in nova: | |
| assignee: | nobody → sahid (sahid-ferdjaoui) |
| no longer affects: | neutron |
| Changed in nova: | |
| assignee: | sahid (sahid-ferdjaoui) → Aaron Rosen (arosen) |
| importance: | Undecided → High |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to nova (master) | #2 |
| Changed in nova: | |
| status: | Confirmed → In Progress |
| tags: | added: icehouse-rc-potential network |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to nova (master) | #3 |
| Changed in nova: | |
| status: | In Progress → Fix Committed |
| Changed in nova: | |
| milestone: | none → icehouse-rc1 |
| Changed in nova: | |
| status: | Fix Committed → Fix Released |
| Changed in nova: | |
| milestone: | icehouse-rc1 → 2014.1 |
| tags: | removed: icehouse-rc-potential |
| tags: | added: nfv |
To post a comment you must log in.
As you said, Nova does not have the ability to disable security groups for an instance. From the code that raises the fault, it looks like this is by design. Furthermore I don't think this is a Neutron bug.