OpenStack Heat

Creation of NetworkInterface resource failed because GroupSet attribute is invalid

Bug #1166084 reported by Simon Pasquier
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Heat
Fix Released
Medium
Jeff Peeler
OpenStack Heat 2013.2 "havana"

Bug Description

Heat fails to create a AWS::EC2::NetworkInterface resource that uses a GroupSet attribute.

Environmenet: devstack + Quantum

{
  "AWSTemplateFormatVersion" : "2010-09-09",

  "Description" : "Template for testing creation of VPC resources",

  "Parameters" : {

    "KeyName" : {
      "Description" : "Name of and existing EC2 KeyPair to enable SSH access to the instance",
      "Type" : "String"
    },

    "InstanceType" : {
      "Description" : "EC2 instance type",
      "Type" : "String",
      "Default" : "t1.micro",
      "AllowedValues" : [ "t1.micro", "m1.small", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.medium", "c1.xlarge", "cc1.4xlarge" ],
      "ConstraintDescription" : "must be a valid EC2 instance type."
    },

    "LinuxDistribution": {
      "Description" : "Distribution of choice",
      "Type": "String",
      "Default": "cirros-0.3.1-x86_64-uec"
    }

  },

  "Resources" : {

    "myVpc" : {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : "20.0.0.0/16"
      }
    },

    "mySubnet" : {
      "Type" : "AWS::EC2::Subnet",
      "Properties" : {
        "VpcId" : { "Ref" : "myVpc" },
        "CidrBlock" : "20.0.0.0/24"
      }
    },

    "InstanceSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "GroupDescription" : "Enable ICMP + SSH access via port 22",
        "SecurityGroupIngress" : [
          {"IpProtocol" : "icmp", "FromPort" : "-1", "ToPort" : "-1", "CidrIp" : "0.0.0.0/0"},
          {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}
        ]
      }
    },

    "myNetworkInterface": {
      "Type" : "AWS::EC2::NetworkInterface",
      "Properties" : {
        "SubnetId" : { "Ref" : "mySubnet" },
        "Description" : "myInstance interface",
        "GroupSet" : [ {"Ref" : "InstanceSecurityGroup"} ]
      }
    },

    "myInstance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "ImageId" : { "Ref" : "LinuxDistribution" },
        "KeyName" : { "Ref" : "KeyName" },
        "NetworkInterfaces" : [{ "NetworkInterfaceId": { "Ref" : "myNetworkInterface" }, "DeviceIndex" : "0" }],
        "InstanceType" : { "Ref": "InstanceType" }
      }
    }
  },

  "Outputs" : {
    "InstanceId" : {
      "Value" : { "Ref" : "myInstance" },
      "Description" : "Instance Id of newly created instance"
    }
  }
}

$ heat stack-create --template-file ../templates/vpc6.template -P "KeyName=itadmin" myStack
+--------------------------------------+------------+--------------------+----------------------+
| id | stack_name | stack_status | creation_time |
+--------------------------------------+------------+--------------------+----------------------+
| dbdde212-918c-48db-9141-82cc8178d049 | myStack | CREATE_IN_PROGRESS | 2013-04-08T08:48:36Z |
+--------------------------------------+------------+--------------------+----------------------+
$ heat stack-show myStack
+----------------------+--------------------------------------------------------------------------------------------------------------------------------+
| Property | Value |
+----------------------+--------------------------------------------------------------------------------------------------------------------------------+
...
| stack_name | myStack |
| stack_status | CREATE_FAILED |
| stack_status_reason | Resource NetworkInterface "myNetworkInterface" failed |
| | with: Invalid input for operation: |
| | 'InstanceSecurityGroup' is not an integer or uuid. |
...
+----------------------+--------------------------------------------------------------------------------------------------------------------------------+

Revision history for this message
Simon Pasquier (simon-pasquier) wrote :

Somehow related to the fact that Heat should quantum security groups when VpcId is specified in AWS::EC2::SecurityGroup.
See https://blueprints.launchpad.net/heat/+spec/quantum-security-group

Steve Baker (steve-stevebaker)
Changed in heat:
assignee: nobody → Jeff Peeler (jpeeler-z)
Steven Hardy (shardy)
Changed in heat:
status: New → Triaged
importance: Undecided → Medium
milestone: none → havana-1
Steven Hardy (shardy)
Changed in heat:
milestone: havana-1 → havana-2
Revision history for this message
Jeff Peeler (jpeeler-z) wrote :

This appears to have been fixed by bug 1164913, so I'm setting to fix released.

Changed in heat:
status: Triaged → Fix Released
Thierry Carrez (ttx)
Changed in heat:
milestone: havana-2 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.