openstack: add support for neutron networks where port security is disabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
High
|
Heather Lanigan | ||
OpenStack Charm Test Infra |
Fix Released
|
High
|
Ryan Beisner | ||
juju-core |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
During our latest rebuild of serverstack, we've switch to using the neutron feature that allows port security to be disabled at a tenant network level; this has the side effect that we can't bootstrap/deploy juju controllers or models onto networks with this configuration, as security groups are not supported, so the scheduling request fails with:
'Exceeded maximum number of retries. Exceeded max scheduling attempts 3 for instance 7e066ea0-
Said networks would have 'port_security_
tags: | added: serverstack |
description: | updated |
Changed in charm-test-infra: | |
status: | New → Triaged |
importance: | Undecided → High |
Changed in juju: | |
status: | New → Triaged |
importance: | Undecided → High |
assignee: | nobody → Heather Lanigan (hmlanigan) |
milestone: | none → 2.2-rc1 |
Changed in juju: | |
status: | Triaged → In Progress |
Changed in juju: | |
status: | In Progress → Fix Committed |
Changed in juju: | |
status: | Fix Committed → Fix Released |
tags: | added: sts |
Changed in charm-test-infra: | |
status: | Triaged → Fix Released |
assignee: | nobody → Ryan Beisner (1chb1n) |
Changed in juju-core: | |
status: | New → Won't Fix |
Heather, do you have the bandwidth to pick this up? I think you have the
most context.
John
=:->
On Fri, Apr 7, 2017 at 2:27 PM, James Page <email address hidden> wrote:
> Public bug reported: 8e34-4226- 9599-68536b2700 19. Last exception: enabled and subnet associated in order to enabled: False' attribute; This 8e34-4226- 9599-68536b2700 19. Last exception: enabled and subnet associated in order to enabled: False' attribute; This /bugs.launchpad .net/bugs/ 1680787 /bugs.launchpad .net/charm- test-infra/ +bug/1680787/ +subscriptions
>
> During our latest rebuild of serverstack, we've switch to using the
> neutron feature that allows port security to be disabled at a tenant
> network level; this has the side effect that we can't bootstrap/deploy
> juju controllers or models onto networks with this configuration, as
> security groups are not supported, so the scheduling request fails with:
>
> 'Exceeded maximum number of retries. Exceeded max scheduling attempts 3
> for instance 7e066ea0-
> Network requires port_security_
> apply security groups.'
>
> Said networks would have 'port_security_
> key may or may not be present depending on whether the cloud deployer
> has elected to use this feature of neutron. It would be great if juju
> could detect this and drop use of security groups in this type of
> deployment.
>
> ** Affects: charm-test-infra
> Importance: High
> Status: Triaged
>
> ** Affects: juju
> Importance: Undecided
> Status: New
>
>
> ** Tags: serverstack
>
> ** Tags added: serverstack
>
> ** Description changed:
>
> During our latest rebuild of serverstack, we've switch to using the
> neutron feature that allows port security to be disabled at a tenant
> network level; this has the side effect that we can't bootstrap/deploy
> juju controllers or models onto networks with this configuration, as
> security groups are not supported, so the scheduling request fails with:
>
> - Exceeded maximum number of retries. Exceeded max scheduling attempts 3
> + 'Exceeded maximum number of retries. Exceeded max scheduling attempts 3
> for instance 7e066ea0-
> Network requires port_security_
> apply security groups.'
>
> Said networks would have 'port_security_
> key may or may not be present depending on whether the cloud deployer
> has elected to use this feature of neutron. It would be great if juju
> could detect this and drop use of security groups in this type of
> deployment.
>
> ** Also affects: charm-test-infra
> Importance: Undecided
> Status: New
>
> ** Changed in: charm-test-infra
> Status: New => Triaged
>
> ** Changed in: charm-test-infra
> Importance: Undecided => High
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https:/
>
> Title:
> openstack: add support for neutron networks where port security is
> disabled
>
> To manage notifications about this bug go to:
> https:/
>