OpenStack Heat

Add support for port_security_enabled property in ProviderNet

Bug #1654048 reported by Dustin Grant
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Heat
Fix Released
Low
Rabi Mishra
OpenStack Heat ocata-3

Bug Description

HEAT does not currently support setting the port_security_enabled property for ProviderNet in the template.

Snippet of template:

....
resources:
   network:
    type: OS::Neutron::ProviderNet
    properties:
      name:
        str_replace:
          template: vlan-vlanid%
          params:
            vlanid%: { get_param: vlanid }
      network_type: vlan
      physical_network: physnet2
      port_security_enabled: false <----------problematic line
      segmentation_id: { get_param: vlanid }
      shared: True
      admin_state_up: True
....

heat stack-create fails with following error:

ERROR: Property error: : resources.network.properties: : Unknown Property port_security_enabled

removing port_security_enabled line results in succcessful creation:

root@node-15:~# neutron net-show vlan-1112
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | nova |
| created_at | 2016-12-14T19:06:46 |
| description | |
| id | d767ebaa-7374-43b9-b3cc-b0f2a5a88edc |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1500 |
| name | vlan-1111 |
| port_security_enabled | True |
| provider:network_type | vlan |
| provider:physical_network | physnet2 |
| provider:segmentation_id | 1111 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | 9ee5899e-3d4e-4af3-8b6c-8fde3c85abfd |
| tags | |
| tenant_id | d33081a56e894279902c94a4a0956225 |
| updated_at | 2016-12-14T19:06:46 |
+---------------------------+--------------------------------------+
but have to manually disable with following command:

neutron net-update vlan-1111 --port_security_enabled false

Rabi Mishra (rabi)
Changed in heat:
importance: Undecided → Low
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/419286

Changed in heat:
assignee: nobody → Rabi Mishra (rabi)
status: New → In Progress
Rabi Mishra (rabi)
Changed in heat:
milestone: none → ocata-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to heat (master)

Reviewed: https://review.openstack.org/419286
Committed: https://git.openstack.org/cgit/openstack/heat/commit/?id=cfe4e9ed7a1d3dc3dd5f7fb1ce3880a352e61c45
Submitter: Jenkins
Branch: master

commit cfe4e9ed7a1d3dc3dd5f7fb1ce3880a352e61c45
Author: rabi <email address hidden>
Date: Thu Jan 12 10:28:18 2017 +0530

    Add port_security_enabled property to ProviderNet

    Change-Id: I6d1067dc44304ff5e4dd99cfb74dd8fa0a898de9
    Closes-Bug: #1654048

Changed in heat:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/heat 8.0.0.0b3

This issue was fixed in the openstack/heat 8.0.0.0b3 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.