neutron

User cannot create HA L3 Router

Bug #1388716 reported by Sachi King
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Undecided
Sachi King
neutron 2015.1.0 "kilo"
Juno
Fix Released
Undecided
Unassigned
neutron 2014.2.1

Bug Description

Currently, after modifying the policy.json a standard user cannot create a HA L3 router.

This is caused by neutron attempting to create a new network without a tenant under the users context.
All other operations with tenant-less owners performed during the creation of the router will complete successfully.

Sachi King (nakato)
Changed in neutron:
assignee: nobody → Sachi King (nakato)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/132533

Changed in neutron:
status: New → In Progress
Assaf Muller (amuller)
tags: added: l3-ha
Assaf Muller (amuller)
Changed in neutron:
status: In Progress → Incomplete
Revision history for this message
Assaf Muller (amuller) wrote :

This happens without editing the policy file as well:
I changed l3_ha to True in neutron.conf. I then made sure a regular user (Called demo for these purposes) has no HA network, sourced the demo user, and created a router (Which was by default HA), and the creation of the router failed because the creation of the HA network failed.

Changed in neutron:
status: Incomplete → Confirmed
tags: added: juno-backport-potential
OpenStack Infra (hudson-openstack)
Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/132533
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=cc9bc24229f1d79dc99303db1affc03c030c011e
Submitter: Jenkins
Branch: master

commit cc9bc24229f1d79dc99303db1affc03c030c011e
Author: Sachi King <email address hidden>
Date: Mon Nov 3 00:35:51 2014 +1100

    Fix L3 HA network creation to allow user to create router

    Update HA Network creation to use an admin context to allow Neutron
    to create the tenant-less network required for the HA router when
    it does not yet exist and is being created by a non-admin user.

    Neutron creates these resources without a tenant so users cannot see
    or modify the HA network, ports, etc. Port creation and association
    already use elivated admin contexts to allow their function when
    an user attempts to create a HA L3 router.

    Change-Id: I36166158a0970b8d08d6702054b11a43fb684281
    Closes-Bug: #1388716

Changed in neutron:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/juno)

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/133689

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/juno)

Reviewed: https://review.openstack.org/133689
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=033e1413fa74a12fc4a0601c42e184317b0586c4
Submitter: Jenkins
Branch: stable/juno

commit 033e1413fa74a12fc4a0601c42e184317b0586c4
Author: Sachi King <email address hidden>
Date: Mon Nov 3 00:35:51 2014 +1100

    Fix L3 HA network creation to allow user to create router

    Update HA Network creation to use an admin context to allow Neutron
    to create the tenant-less network required for the HA router when
    it does not yet exist and is being created by a non-admin user.

    Neutron creates these resources without a tenant so users cannot see
    or modify the HA network, ports, etc. Port creation and association
    already use elivated admin contexts to allow their function when
    an user attempts to create a HA L3 router.

    Conflicts:
            neutron/tests/unit/db/test_l3_ha_db.py

    Change-Id: I36166158a0970b8d08d6702054b11a43fb684281
    Closes-Bug: #1388716
    (cherry picked from commit cc9bc24229f1d79dc99303db1affc03c030c011e)

tags: added: in-stable-juno
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/140598

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by Sam Yaple (<email address hidden>) on branch: master
Review: https://review.openstack.org/140598
Reason: Wrong topic

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/140601

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by Sam Yaple (<email address hidden>) on branch: master
Review: https://review.openstack.org/140601

Thierry Carrez (ttx)
Changed in neutron:
milestone: none → kilo-1
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: kilo-1 → 2015.1.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.