quantum driver in nova does not translate empty remote IP
Bug #1180828 reported by
Andrea Frittoli
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Compute (nova) |
Fix Released
|
Medium
|
melanie witt | ||
Bug Description
The quantum driver in nova does not translate empty remote IP in security group rules into a CIDR valid for nova.
Quantum allows for an empty remote_ip_prefix to be specified in ingress rules. An empty value means "any host".
Nova instead expects the remote_ip_prefix to be non-empty:
- create an ingress SG rule with empty remote IP via quantum
- display the rule via nova API works fine
- deleting the rule via nova API fails
The quantum driver in nova shall translate the empty remote IP in the security group rule into 0.0.0.0/0.
| Changed in nova: | |
| assignee: | nobody → Melanie Witt (melwitt) |
| status: | New → Confirmed |
Revision history for this message
| melanie witt (melwitt) wrote | #1 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to nova (master) | #2 |
| Changed in nova: | |
| status: | Confirmed → In Progress |
| Changed in nova: | |
| importance: | Undecided → Medium |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to nova (master) | #3 |
| Changed in nova: | |
| status: | In Progress → Fix Committed |
| Changed in nova: | |
| milestone: | none → havana-2 |
| status: | Fix Committed → Fix Released |
| Changed in nova: | |
| milestone: | havana-2 → 2013.2 |
To post a comment you must log in.
Do you mean that deleting the rule via nova CLI fails?
Because I'm able to successfully delete a rule created via quantum by calling nova REST API:
DELETE v2/{tenant_
The nova CLI command however requires an argument for the CIDR and trying "" or 0 fail for me and I'm unable to delete the rule.
usage: nova secgroup-