horizon tries to use security groups even its disabled
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | OpenStack Dashboard (Horizon) |
Low
|
Vishal Manchanda | ||
Bug Description
2014.2.1 deployed by packstack on Centos 7.
I completely disabled security groups in both neutron (ml2 plugin) and nova:
* /etc/neutron/
enable_
* /etc/neutron/
firewall_
* /etc/nova/nova.conf
security_
firewall_
But horizon still shows Security Groups tab in Access & Security and pops up "Error: Unable to retrieve security groups.". The same message is popped up when I create a new instance.
I set 'enable_
There should be a way in Horizon to completely disable security groups references in WebUI:
1) Horizon could detect if security groups are disabled in both nova and neutron
2) An option in Horizon config
| Pavel Gluschak (scsnow) wrote : | #1 |
Fix proposed to branch: master
Review: https:/
| Changed in horizon: | |
| assignee: | nobody → Masco Kaliyamoorthy (masco) |
| status: | New → In Progress |
| Changed in horizon: | |
| importance: | Undecided → Low |
| milestone: | none → kilo-2 |
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 198d9c315c4a5b3
Author: Masco Kaliyamoorthy <email address hidden>
Date: Wed Jan 7 15:51:13 2015 +0530
security group not mandatory to create instance
as per the nova api, the security group is not
mandatory option to create an instance.
but in the launch instance form, it is marked as
mandatory and it is not allowed to create/launch
an instance if no security group was selected.
removing the mandatory field mark '*' for security
group in the launch instance form.
Change-Id: I80d61665a0b794
Partial-Bug: #1405109
| Changed in horizon: | |
| milestone: | kilo-2 → kilo-3 |
| Changed in horizon: | |
| milestone: | kilo-3 → kilo-rc1 |
| Changed in horizon: | |
| milestone: | kilo-rc1 → liberty-1 |
| tags: | added: kilo-rc-potential |
| tags: | removed: kilo-rc-potential |
| Changed in horizon: | |
| assignee: | Masco Kaliyamoorthy (masco) → nobody |
| Changed in horizon: | |
| milestone: | liberty-1 → liberty-2 |
| Changed in horizon: | |
| milestone: | liberty-2 → liberty-3 |
| Lin Hua Cheng (lin-hua-cheng) wrote : | #4 |
Masco: are there follow-up patches needed for this bug?
| Changed in horizon: | |
| milestone: | liberty-3 → liberty-rc1 |
| Changed in horizon: | |
| assignee: | nobody → Masco Kaliyamoorthy (masco) |
| Lin Hua Cheng (lin-hua-cheng) wrote : | #5 |
I think there is still some room for improvement in here.
I tried creating an Instance without selecting any Security Group, after the instance is created, it is uses the default Security Group.
I don't know if this default Nova behavior or a bug in Horizon.
We could also hide the Security Groups section in the details page where there are Security Group associated with the Instance
| Changed in horizon: | |
| assignee: | Masco Kaliyamoorthy (masco) → nobody |
| status: | In Progress → New |
| Masco (masco) wrote : | #6 |
Hi Lin,
It is nova behaviour. if you didn't give any security group, nova will select the default one.
| Changed in horizon: | |
| milestone: | liberty-rc1 → next |
| Changed in horizon: | |
| assignee: | nobody → Pramod (pramod-raghavendra-jayathirth) |
| Akihiro Motoki (amotoki) wrote : | #7 |
As of Queens, the security group support is provided by neutron. horizon should check security-group extension is enabled in neutron.
| Changed in horizon: | |
| assignee: | Pramod (pramod-raghavendra-jayathirth) → nobody |
| status: | New → Triaged |
| tags: | added: low-hanging-fruit neutron |
| Changed in horizon: | |
| assignee: | nobody → Vishal Manchanda (vishalmanchanda) |
| Fabian Zimmermann (dev-faz) wrote : | #8 |
Is any "work in progress" here? Any help wanted? I would like to disable sg on my cluster, but these err-msg in horizon are ugly.
I forgot to mention, that because of that horizon does not allow me to create an instance:
Security Groups
This field is required.
It still wants a security group to be provided.