Handling Down Cells in nova - security_groups can be in the response for GET /servers/detail
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Takashi Natsume |
Bug Description
- [x] This doc is inaccurate in this way:
This came up during a review to remove nova-net usage from functional tests and enhance the neutron fixture used in those tests:
https:/
In summary, GET /servers/detail responses for servers in a down cell may include a "security_groups" key because the API proxies that information from neutron only using the server id (the neutron security group driver finds the ports from that server id and the security groups from the ports). None of the security group information about a server, when using neutron, is cached with the server in the cell database unlike the port information (VIFs i.e. instance.
As a result, the doc is wrong for the keys it says can be returned from a GET /servers/detail response in a down cell scenario since it doesn't include 'security_groups'. The linked patch above shows that with the changed sample:
https:/
Also note that this is not the same for the GET /servers/
without including any security group information.
Note that fixing the API to be consistent between show and detail would require a microversion and is likely not worth a new microversion of that, a user can get security group information from the networking API directly with something like this:
GET /v2.0/ports?
And from the ports response the client can get the security groups by id.
This bug is just to update the down cell API guide docs.
-------
Release: 19.1.0.dev1588 on 2019-09-24 00:12:44
SHA: 2b15e162546ff5a
Source: https:/
URL: https:/
Changed in nova: | |
assignee: | nobody → Takashi NATSUME (natsume-takashi) |
status: | Confirmed → In Progress |
Fix proposed to branch: master /review. opendev. org/686520
Review: https:/