OpenStack Compute (nova)

Bug #1415835
Activity log

Activity log for bug #1415835

Date	Who	What changed	Old value	New value	Message
2015-01-29 10:49:05	Valeriy Ponomaryov	bug			added bug
2015-01-29 10:50:02	Valeriy Ponomaryov	description	Commit https://review.openstack.org/#/c/124059/ has introduced bug, where Nova can not boot VM. Steps to reproduce: 1) Create port in Neutron 2) Boot Vm without security group: nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1 --flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0 ... REQ: curl -i 'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-Id: demo" -H "X-Auth-Token: {SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name": "tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef": "100", "max_count": 1, "min_count": 1, "networks": [{"port": "01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}' ... Trace as a result: 2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s) 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options) 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait listener.cb(fileno) File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main result = function(args, kwargs) File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async dhcp_options=dhcp_options) File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance raise exception.SecurityGroupNotAllowedTogetherWithPort() SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. Removing descriptor: 19 2015-01-29 12:14:03.529 DEB 2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive 2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last): 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__ 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(self._exc) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(args, *kwargs) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Reason of bug - Nova raises error in case security group is provided. And it is always provided, because nova pushes default security group is None is provided with request, see: https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515	Commit https://review.openstack.org/#/c/124059/ has introduced bug, where Nova can not boot VM. Steps to reproduce: 1) Create port in Neutron 2) Boot Vm without security group, but with port: nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1 --flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0 ... REQ: curl -i 'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-Id: demo" -H "X-Auth-Token: {SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name": "tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef": "100", "max_count": 1, "min_count": 1, "networks": [{"port": "01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}' ... Trace as a result: 2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s) 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options) 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait listener.cb(fileno) File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main result = function(args, kwargs) File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async dhcp_options=dhcp_options) File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance raise exception.SecurityGroupNotAllowedTogetherWithPort() SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. Removing descriptor: 19 2015-01-29 12:14:03.529 DEB 2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive 2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last): 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__ 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(self._exc) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(args, *kwargs) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Reason of bug - Nova raises error in case security group is provided. And it is always provided, because nova pushes default security group is None is provided with request, see: https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
2015-01-29 10:52:00	Valeriy Ponomaryov	description	Commit https://review.openstack.org/#/c/124059/ has introduced bug, where Nova can not boot VM. Steps to reproduce: 1) Create port in Neutron 2) Boot Vm without security group, but with port: nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1 --flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0 ... REQ: curl -i 'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-Id: demo" -H "X-Auth-Token: {SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name": "tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef": "100", "max_count": 1, "min_count": 1, "networks": [{"port": "01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}' ... Trace as a result: 2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s) 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options) 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait listener.cb(fileno) File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main result = function(args, kwargs) File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async dhcp_options=dhcp_options) File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance raise exception.SecurityGroupNotAllowedTogetherWithPort() SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. Removing descriptor: 19 2015-01-29 12:14:03.529 DEB 2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive 2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last): 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__ 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(self._exc) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(args, *kwargs) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Reason of bug - Nova raises error in case security group is provided. And it is always provided, because nova pushes default security group is None is provided with request, see: https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515	Commit https://review.openstack.org/#/c/124059/ has introduced bug, where Nova can not boot VM. Steps to reproduce: 1) Create port in Neutron 2) Boot Vm without security group, but with port: nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1 --flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0 ... REQ: curl -i 'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-Id: demo" -H "X-Auth-Token: {SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name": "tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef": "100", "max_count": 1, "min_count": 1, "networks": [{"port": "01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}' ... Trace as a result: 2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s) 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options) 2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait listener.cb(fileno) File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main result = function(args, kwargs) File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async dhcp_options=dhcp_options) File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance raise exception.SecurityGroupNotAllowedTogetherWithPort() SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. Removing descriptor: 19 2015-01-29 12:14:03.529 DEB 2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive 2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last): 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__ 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(self._exc) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(args, *kwargs) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options) 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort() 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port. 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Reason of bug - Nova raises error in case security group is provided. And it is always provided, because Nova pushes in "default" security group in case None is provided with request, see: https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
2015-01-29 11:11:17	OpenStack Infra	nova: status	New	In Progress
2015-01-29 11:11:17	OpenStack Infra	nova: assignee		Matthew Booth (mbooth-9)
2015-01-29 17:12:44	OpenStack Infra	nova: assignee	Matthew Booth (mbooth-9)	Matt Riedemann (mriedem)
2015-01-29 19:56:00	Matt Riedemann	nova: importance	Undecided	High
2015-01-29 19:56:07	Matt Riedemann	tags		network neutron
2015-01-30 21:05:18	OpenStack Infra	nova: status	In Progress	Fix Committed
2015-02-05 20:15:25	Thierry Carrez	nova: status	Fix Committed	Fix Released
2015-02-05 20:15:25	Thierry Carrez	nova: milestone		kilo-2
2015-04-30 09:17:39	Thierry Carrez	nova: milestone	kilo-2	2015.1.0