Security group rule quota is not working well with default security group rule.

Bug #2067239 reported by Kyuyeong Lee
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
In Progress
Medium
Kyuyeong Lee

Bug Description

OpenStack Version: 2023.2

How to reproduce :
1. Remove all of default-security-group-rules.
2. Create a new project and set the quota of security-group-rules to 5.
3. Create a new security-group, and create 4 security-group-rules in this security-group.
4. Create another new security-group.

Expected :
At step 4, the security-group will be created without any security-group-rules since I removed all of default-security-group-rules at step 1.
There will be no problem with the security-group-rules quota. (I have 4 rules, and the quota is 5.)

Actual :
Failed to create the security-group at step 4 with the message below.
- Error: Unable to create security group: %s Details
- Quota exceeded for resources: ['security_group_rule'].

It seems the security-group-rules quota validation logic in the security group creation code has to be modified.

Tags: sg-fw
Kyuyeong Lee (kyu0)
Changed in neutron:
assignee: nobody → Kyuyeong Lee (kyu0)
Kyuyeong Lee (kyu0)
tags: added: sg-fw
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/921909

Changed in neutron:
status: New → In Progress
Changed in neutron:
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.