Juniper Openstack

Heat:Default SG is always attached to vip port of LBAAS instance though it was supposed to use user created SG

  1. Series r3.0
  2. Bug #1578920
Bug #1578920 reported by Sandip Dey
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R3.0
New
High
Rudra Rugge
Trunk
New
Undecided
Rudra Rugge

Bug Description

Please see the template attached.

Used the following configuration.Was expecting that the 'vip_security_group1' to be used while creating the neutron port for the vip.But the default security group got attached to this port.

lb_vip_port4:
    type: OS::Neutron::Port
    properties:
      security_groups: [{ get_resource: vip_security_group1 }]
      network_id: { get_resource: private_network4 }
      fixed_ips:
        - subnet_id: { get_resource: private_subnet4 }

vip_security_group1:
    type: OS::Neutron::SecurityGroup
    properties:
      description: 'Security group for ICMP, HTTP and SSH'
      name: vip-sec-group1
      rules:
      - direction: egress
        ethertype: IPv4
        remote_ip_prefix: 0.0.0.0/0
      - direction: ingress
        protocol: icmp
      - direction: ingress
        ethertype: IPv4
        port_range_max: 80
        port_range_min: 80
        protocol: tcp
      - direction: ingress
        ethertype: IPv4
        port_range_max: 8000
        port_range_min: 8000
        protocol: tcp
      - direction: ingress
        ethertype: IPv4
        port_range_max: 22
        port_range_min: 22
        protocol: tcp

Tags: heat
Revision history for this message
Sandip Dey (sandipd) wrote :
Jeba Paulaiyan (jebap)
information type: Proprietary → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.