OpenStack Compute (nova)

Multiple security groups with the same name are created

Bug #1624065 reported by kiran-vemuri
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Invalid
Undecided
Rajesh Tailor

Bug Description

Description:
------------
I am able to create multiple security groups with the same name and same description. This behaviour can result in confusion.

Expected Behaviour:
------------------
Enforcing uniqueness in security group names

AWS gives me an error when I try to create multiple security groups with the same name in the same vpc.

'''
An error occurred creating your security group.
The security group 'launch-wizard-3' already exists for VPC 'vpc-03cfc166'
'''

Environment:
-----------
OpenStack Mitaka on Ubuntu 14.04 server

Reproduction Steps:
-------------------

Steps from horizon:
1. Create multiple security groups with same name and same description

Steps from cli:
1. Run the command "nova secgroup-create test test" multiple times

Result:
------
nova secgroup-list
+--------------------------------------+---------+------------------------+
| Id | Name | Description |
+--------------------------------------+---------+------------------------+
| 7708f691-7107-43d3-87f4-1d3e672dbe8d | default | Default security group |
| 60d730cc-476b-4d0b-8fbe-f06f09a0b9cd | test | test |
| 63481312-0f6c-4575-af37-3941e9864cfb | test | test |
| 827a8642-6b14-47b7-970d-38b8136f62a8 | test | test |
| 827c33b5-ee4b-43eb-867d-56b3c858664c | test | test |
| 95607bc1-43a4-4105-9aad-f072ac330499 | test | test |
+--------------------------------------+---------+------------------------+

See original description
Revision history for this message
kiran-vemuri (kiran-vemuri) wrote :

AWS gives me an error when I try to create multiple security groups with the same name in the same vpc.

'''
An error occurred creating your security group.
The security group 'launch-wizard-3' already exists for VPC 'vpc-03cfc166'
'''

description: updated
Rajesh Tailor (ratailor)
Changed in nova:
assignee: nobody → Rajesh Tailor (ratailor)
Revision history for this message
Matt Riedemann (mriedem) wrote :

This is how neutron works (assuming you're using neutron), security group names and descriptions are not unique. If you were using nova-network (which is now deprecated), security group names are unique per project, but nova-network != neutron and as noted nova-network is deprecated.

Changed in nova:
status: New → Invalid
tags: added: neutron security-groups
Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

Names are generally not the unique identifiers in OpenStack. You can create multiple resources, any type, and use the same name over and over again. This is not just an issue with security groups per se.

Revision history for this message
kiran-vemuri (kiran-vemuri) wrote :

@Armando and @Matt I totally understand that OpenStack in general uses UUID's as the unique identifiers for various entities and allows duplication of names.

But, in a project if an admin creates multiple security groups with the same name, how will the other users be able to identify the correct security group to associate to the VM? They can't keep track of the UUID right?

To give you an analogy, if a domain name 'google.com' was pointing to yahoo and facebook IP addresses, we can't really ask the users to remember the IP addresses to uniquely identify what server they want to connect to?

I mean having same name repeated in a different project makes sense but, I'm just trying to understand how it makes sense to allow multiple entities with same name in the same project?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.