neutron

port security payload sent to agents changed after push notifications

Bug #1709408 reported by Jakub Libosvar on 2017-08-08

This bug report is a duplicate of: Bug #1605654: TestNetworkBasicOps often times out running against tripleo. Edit Remove

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Confirmed	Critical	Jakub Libosvar

Bug Description

Agent call to get_device_info for security groups changed the payload format. Specifically port_security_enabled is now not part of port dict but under 'security'. So when firewalls check for port security [1] they always get True cause they access port['port_security_enabled'] instead of port['security']['port_security_enabled'].

[1] https://github.com/openstack/neutron/blob/master/neutron/agent/firewall.py#L49

Tags:

Revision history for this message

YaZug (jon-schlueter) wrote on 2017-08-08:

#1

tripleo-ci is seeing this failure

http://logs.openstack.org/15/491415/1/check/gate-tripleo-ci-centos-7-scenario001-multinode-oooq/1c4c797/logs/tempest.html.gz

Revision history for this message

YaZug (jon-schlueter) wrote on 2017-08-08:

#2

test_port_security_macspoofing_port[compute,id-7c0bb1a2-d053-49a4-98f9-ca1a1d849f63,network,slow] - this is the tempest test that is failing

Revision history for this message

wes hayutin (weshayutin) wrote on 2017-08-08:

#3

This is a dupe lp, https://bugs.launchpad.net/tripleo/+bug/1605654 is the original

Revision history for this message

YaZug (jon-schlueter) wrote on 2017-08-08:

#4

this is the candidate for regression: https://review.openstack.org/#/c/410422/

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1605654 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.