neutron-api should enable security group logging when enable-security-group-logging charm config option is set
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron API Charm |
Invalid
|
Undecided
|
Unassigned | ||
OpenStack Neutron API OVN Plugin Charm |
In Progress
|
Wishlist
|
Russell Myers |
Bug Description
neutron-api
- version: 20.4.0
- channel: yoga/stable
- revision: 560
Setting charm config option `enable-
1. Adding `log` into `service_plugins` in /etc/neutron/
2. Adding `extensions = log` in /etc/neutron/
(as described in https:/
As a result, `security_group` resource type is not available in my deployment:
```
$ openstack network loggable resources list
The resource could not be found.
```
I have manually updated /etc/neutron/
```
$ openstack network loggable resources list
+-----------------+
| Supported types |
+-----------------+
| security_group |
+-----------------+
```
...and I am now able to configure logging with e.g. `openstack network log create --resource-type security_group --resource ${SG} --event ACCEPT logme`. The logs go into /var/log/
Changed in charm-neutron-api: | |
status: | Expired → New |
Changed in charm-neutron-api-plugin-ovn: | |
assignee: | nobody → Russell Myers (russellmyers) |
This is very strange; it *should* work as all the code is there to add 'log' to `neutron.conf` and `ml2_conf.ini`.
So, it would be interesting to understand if any of the following messages appeared in the log:
"Disabling NSG logging; implementation only exists for the OVS ML2 driver" security- group-logging option is only supported on Queens or later"
"The enable-