OpenStack Dashboard (Horizon)

security group association per port is not supported

Bug #1637444 reported by Akihiro Motoki
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
High
Akihiro Motoki
OpenStack Dashboard (Horizon) queens-2

Bug Description

Horizon security group association interface only allows users to apply security groups with an instance (server). There is no way to apply security groups to a specific port.

It is a usual use case where a server has multiple interfaces and each interface has a specific purpose (for example, one for internal connectivity and the other for external connectivity). In this case, a user wants to apply different security groups to different ports.

It comes from the neutron user feedback session in Barcelona.
https://etherpad.openstack.org/p/ocata-neutron-end-user-operator-feedback (L.35+)

Tags: neutron
Revision history for this message
Akihiro Motoki (amotoki) wrote :

This is really a typical use case and I heard this several times from users, so I would like to set the priority to High. I try to find an assignee.

Changed in horizon:
importance: Undecided → High
Kenji Ishii (ken-ishii)
Changed in horizon:
assignee: nobody → Kenji Ishii (ken-ishii)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/404178

Changed in horizon:
status: New → In Progress
Kenji Ishii (ken-ishii)
Changed in horizon:
milestone: none → next
OpenStack Infra (hudson-openstack)
Changed in horizon:
assignee: Kenji Ishii (ken-ishii) → Akihiro Motoki (amotoki)
OpenStack Infra (hudson-openstack)
Changed in horizon:
assignee: Akihiro Motoki (amotoki) → Kenji Ishii (ken-ishii)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to horizon (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/451620

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/451627

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on horizon (master)

Change abandoned by Akihiro Motoki (<email address hidden>) on branch: master
Review: https://review.openstack.org/451627
Reason: Let's use the original review https://review.openstack.org/404178 to add the security group per port feature. We can easily track the history.

Changed in horizon:
assignee: Kenji Ishii (ken-ishii) → Akihiro Motoki (amotoki)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to horizon (master)

Reviewed: https://review.openstack.org/451620
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=5aab8bf508aa9b070dc6bb439603fbf20f0efd3e
Submitter: Jenkins
Branch: master

commit 5aab8bf508aa9b070dc6bb439603fbf20f0efd3e
Author: Kenji Ishii <email address hidden>
Date: Thu Mar 30 01:46:08 2017 +0000

    Refactor the current UpdatePort form to workflow version

    This patch change UpdatePort form to workflow in order to
    be able to add extra tabs like the setting of security groups.
    Originally, this work is a part of the subsequent patch
    "Support security groups association per port",
    but the changes are big so it is divided into two patches.
    This patch focuses on refactoring the existing implementation
    from the form to the workflow.

    Change-Id: Id42b311242b66ee25e8870ed86e45b5464e19c01
    Co-Authored-By: Akihiro Motoki <email address hidden>
    Related-bug: #1637444

Ying Zuo (yingzuo)
Changed in horizon:
milestone: next → queens-1
Ying Zuo (yingzuo)
Changed in horizon:
milestone: queens-1 → queens-2
Bo.Jin (bojin)
Changed in horizon:
assignee: Akihiro Motoki (amotoki) → 金博 (bojin)
assignee: 金博 (bojin) → nobody
Revision history for this message
Akihiro Motoki (amotoki) wrote :

The current in-progress patch is https://review.openstack.org/#/c/404178/

Changed in horizon:
assignee: nobody → Akihiro Motoki (amotoki)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/404178
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=e9db12382e5cf3d231ab9a483ede0beb6546338a
Submitter: Zuul
Branch: master

commit e9db12382e5cf3d231ab9a483ede0beb6546338a
Author: Kenji Ishii <email address hidden>
Date: Thu Mar 30 02:43:49 2017 +0000

    Support security groups association per port

    This patch support operation for operators and project users to
    associate security groups to a port. The feature is mentioned at
    the neutron user feedback session in Barcelona summit [1].

    This function UI is same as the function of security groups
    association per instance. To realize this, the way of implementation
    for 'Edit port' is changed, which move from a single modal to a
    workflow base.

    [1] https://etherpad.openstack.org/p/ocata-neutron-end-user-operator-feedback (L.35+)

    Also we need to display how security groups is associated at a port.
    At the moment, there is not way to be able to see it (only this function).
    It should be done as an another patch.

    Change-Id: I96e0fafdffbf05b8167ec1b85f7430176fdaab90
    Closes-Bug: #1637444
    Co-Authored-By: Akihiro Motoki <email address hidden>

Changed in horizon:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 13.0.0.0b2

This issue was fixed in the openstack/horizon 13.0.0.0b2 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.