OpenStack Compute (Nova)

Security Group Trigger notifications not propagated to Quantum

Reported by David Lapsley on 2012-02-15
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Undecided
David Lapsley

Bug Description

Nova allows security group information to be CRUD'd via both the ec2 and openstack APIs. Both of these APIs notify nova compute via three methods:

def trigger_security_group_rules_refresh(self, context, security_group_id,
def trigger_security_group_members_refresh(self, context, group_ids,
def trigger_provider_fw_rules_refresh(self, context):

These indicate that the security group tables in the database have been modified so that nova can take appropriate action. Currently, quantum is not notified of these changes. A lightweight mechanism is required to ensure quantum is able to receive this notifications.

Fix proposed to branch: master
Review: https://review.openstack.org/4218

Changed in nova:
assignee: nobody → David Lapsley (dlapsley)
status: New → In Progress

Reviewed: https://review.openstack.org/4218
Committed: http://github.com/openstack/nova/commit/269c0fca4d2dd78fecdd142047c5198b41c4e7d7
Submitter: Jenkins
Branch: master

commit 269c0fca4d2dd78fecdd142047c5198b41c4e7d7
Author: Dave Lapsley <email address hidden>
Date: Wed Feb 15 18:04:23 2012 -0500

    Fix bug 933147 Security group trigger notifications.

    Add a lightweight mechanism to allow security group trigger
    notifications to be propagated to quantum security group handlers.

    Add a global flag: "security_group_handler" to allow for runtime
    selection of security group handler class.

    Change-Id: I8a3768c26c97020071ad4e52d3a22d8898e72e9f

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2012-02-29
Changed in nova:
milestone: none → essex-4
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2012-04-05
Changed in nova:
milestone: essex-4 → 2012.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers