duplicated security group name causes 500 on boot
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
New
|
Undecided
|
Unassigned | ||
neutron |
New
|
Undecided
|
Unassigned |
Bug Description
Creating two security group with the same name is succeeding when using the neutron as network driver. (This is refused by nova network)
When I try to boot a server with the duplicated security group name I got 500 response.
$ nova secgroup-create foo bar
+------
| Id | Name | Description |
+------
| 09689314-
+------
$ nova secgroup-create foo bar
+------
| Id | Name | Description |
+------
| a562e82d-
+------
$ nova --debug boot server --flavor 42 --image cirros-
REQ: curl -i http://
DEBUG (connectionpool
RESP: [500] CaseInsensitive
RESP BODY: {"computeFault": {"message": "The server has either erred or is incapable of performing the requested operation.", "code": 500}}
DEBUG (shell:724) The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-c3ec0e69-
Traceback (most recent call last):
File "/opt/stack/
OpenStackCo
File "/opt/stack/
args.
File "/opt/stack/
server = cs.servers.
File "/opt/stack/
**boot_kwargs)
File "/opt/stack/
return_
File "/opt/stack/
_resp, body = self.api.
File "/opt/stack/
return self._cs_
File "/opt/stack/
**kwargs)
File "/opt/stack/
resp, body = self.request(url, method, **kwargs)
File "/opt/stack/
raise exceptions.
ClientException: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-c3ec0e69-
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-c3ec0e69-
n-api log:
2013-10-18 10:05:00.948 ERROR nova.api.openstack [req-c3ec0e69-
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack Traceback (most recent call last):
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return req.get_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack application, catch_exc_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack app_iter = application(
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return resp(environ, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return self.app(env, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return resp(environ, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return resp(environ, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack response = self.app(environ, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return resp(environ, start_response)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack resp = self.call_func(req, *args, **self.kwargs)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/usr/lib/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return self.func(req, *args, **kwargs)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack content_type, body, accept)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack action_result = self.dispatch(meth, request, action_args)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return method(req=request, **action_args)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack legacy_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack rv = f(*args, **kwargs)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack legacy_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack block_device_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack self._check_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack if not self.security_
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack neutron, 'security_group', name)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack return _find_resourcei
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack File "/opt/stack/
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack name=name)
2013-10-18 10:05:00.948 22544 TRACE nova.api.openstack NeutronClientNo
Expected behavior A:
The security group names are unique per tenant, and the second security group creation fails with 409.
Expected behavior B:
The booting is refused by 409, with the 'Multiple security_group matches found for name 'foo', use an ID to be more specific.' error message.
tags: | added: api network |
I am even not able to delete the groups by ID.
nova secgroup-list ------- ------- ------- ------- ----+-- ------- +------ ------- + ------- ------- ------- ------- ----+-- ------- +------ ------- + a21f-4637- 8327-71ac3d585e 4b | default | default | b834-4f87- bfc3-464bc06ac0 e5 | foo | bar | dc0c-4c75- bc4d-3345b1c494 ee | foo | bar | ------- ------- ------- ------- ----+-- ------- +------ ------- + devstack- 1382090206 ~]$ nova secgroup-delete 09689314- b834-4f87- bfc3-464bc06ac0 e5 b834-4f87- bfc3-464bc06ac0 e5' not found. devstack- 1382090206 ~]$ nova secgroup-delete a562e82d- dc0c-4c75- bc4d-3345b1c494 ee dc0c-4c75- bc4d-3345b1c494 ee' not found.
+------
| Id | Name | Description |
+------
| 20c0f51f-
| 09689314-
| a562e82d-
+------
[fedora@
ERROR: Secgroup ID or name '09689314-
[fedora@
ERROR: Secgroup ID or name 'a562e82d-