Deleting 'default' security group of a non-admin tenant by admin is not working
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Juniper Openstack |
Fix Committed
|
Undecided
|
Babu Shanmugam | ||
| OpenContrail |
Fix Committed
|
Undecided
|
Babu Shanmugam | ||
Bug Description
There are some contradictory behaviour of the 'default' security group created for each tenant when compared with OVS neutron plugin. With OVS plugin, the admin user can delete the 'default' SG of any tenant except its own. Where as, contrail does not allow for the admin user to delete the default SG of other tenants.
After deleting the 'default' SG by admin, following scenarios were observed.
1. Create a new SG with name 'default' - Denied with reason "Default security group already exists."
2. Show 'default' SG - Shows a newly created 'default' SG details
3. List SGs - List result includes newly created 'default' SG
4. Update 'default' SG - Updates a newly created SG
5. SG rule-list - Does not include the rules that belonged to 'default' group
6. SG rule-create - Creates a rule and adds to the newly created 'default' SG group's rules.
| tags: | added: config |
| Changed in opencontrail: | |
| assignee: | nobody → Babu Shanmugam (anbu-p) |
| Changed in juniperopenstack: | |
| assignee: | nobody → Babu Shanmugam (anbu-p) |
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #1 |
| Changed in juniperopenstack: | |
| status: | New → Fix Committed |
| Changed in opencontrail: | |
| status: | New → Fix Committed |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 50e23cb8af5f0cc
Author: Babu Shanmugam <email address hidden>
Date: Wed Dec 3 08:31:43 2014 +0000
Fix contradictory behaviour of default security group
Closes-Bug: #1398732
Change-Id: I0f0fb12aa3e65f