Bug #1814859 “Neutron quotas for firewall params fail to update” : Bugs : python-neutronclient

Revision history for this message

Slawek Kaplonski (slaweq) wrote on 2019-02-07:

#1

Can You do those calls with "--debug" option and provide output which You will have there?
It looks for me that it is more likely OSC issue instead of Neutron bug but if Your requests are reaching neutron server, can You also put here error which You got there?

Revision history for this message

Kobi Samoray (ksamoray) wrote on 2019-02-07:

#2

Download full text (11.0 KiB)

Indeed the request doesn't reach Neutron backend. Client debug output below:
$ neutron quota-update --firewall-rule 200 --debug
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
DEBUG: stevedore.extension found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader')
DEBUG: stevedore.extension found extension EntryPoint.parse('token_endpoint = openstackclient.api.auth_plugin:TokenEndpoint')
DEBUG: stevedore.extension found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader')
DEBUG: stevedore.extension found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1')
DEBUG: stevedore.extension found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode')
DEBUG: stevedore.extension found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos')
DEBUG: stevedore.extension found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential')
DEBUG: stevedore.extension found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.ker...

Indeed the request doesn't reach Neutron backend. Client debug output below:
$ neutron quota-update --firewall-rule 200 --debug
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
DEBUG: stevedore.extension found extension EntryPoint.parse('v1password = swiftclient.authv1:PasswordLoader')
DEBUG: stevedore.extension found extension EntryPoint.parse('token_endpoint = openstackclient.api.auth_plugin:TokenEndpoint')
DEBUG: stevedore.extension found extension EntryPoint.parse('noauth = cinderclient.contrib.noauth:CinderNoAuthLoader')
DEBUG: stevedore.extension found extension EntryPoint.parse('v2token = keystoneauth1.loading._plugins.identity.v2:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('none = keystoneauth1.loading._plugins.noauth:NoAuth')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oauth1 = keystoneauth1.extras.oauth1._loading:V3OAuth1')
DEBUG: stevedore.extension found extension EntryPoint.parse('admin_token = keystoneauth1.loading._plugins.admin_token:AdminToken')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcauthcode = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAuthorizationCode')
DEBUG: stevedore.extension found extension EntryPoint.parse('v2password = keystoneauth1.loading._plugins.identity.v2:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3samlpassword = keystoneauth1.extras._saml2._loading:Saml2Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3password = keystoneauth1.loading._plugins.identity.v3:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3adfspassword = keystoneauth1.extras._saml2._loading:ADFSPassword')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcaccesstoken = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectAccessToken')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcpassword = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectPassword')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3kerberos = keystoneauth1.extras.kerberos._loading:Kerberos')
DEBUG: stevedore.extension found extension EntryPoint.parse('token = keystoneauth1.loading._plugins.identity.generic:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3oidcclientcredentials = keystoneauth1.loading._plugins.identity.v3:OpenIDConnectClientCredentials')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3tokenlessauth = keystoneauth1.loading._plugins.identity.v3:TokenlessAuth')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3token = keystoneauth1.loading._plugins.identity.v3:Token')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3totp = keystoneauth1.loading._plugins.identity.v3:TOTP')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3applicationcredential = keystoneauth1.loading._plugins.identity.v3:ApplicationCredential')
DEBUG: stevedore.extension found extension EntryPoint.parse('password = keystoneauth1.loading._plugins.identity.generic:Password')
DEBUG: stevedore.extension found extension EntryPoint.parse('v3fedkerb = keystoneauth1.extras.kerberos._loading:MappedKerberos')
DEBUG: stevedore.extension found extension EntryPoint.parse('table = cliff.formatters.table:TableFormatter')
DEBUG: stevedore.extension found extension EntryPoint.parse('json = cliff.formatters.json_format:JSONFormatter')
DEBUG: stevedore.extension found extension EntryPoint.parse('shell = cliff.formatters.shell:ShellFormatter')
DEBUG: stevedore.extension found extension EntryPoint.parse('value = cliff.formatters.value:ValueFormatter')
DEBUG: stevedore.extension found extension EntryPoint.parse('yaml = cliff.formatters.yaml_format:YAMLFormatter')
DEBUG: neutronclient.neutron.v2_0.quota.UpdateQuota run(Namespace(columns=[], fit_width=False, floatingip=None, formatter='table', healthmonitor=None, listener=None, loadbalancer=None, max_width=0, member=None, network=None, noindent=False, pool=None, port=None, pos_tenant_id=u'200', prefix='', print_empty=False, rbac_policy=None, request_format='json', router=None, security_group=None, security_group_rule=None, subnet=None, tenant_id=None, variables=[], vip=None))
DEBUG: keystoneauth.session REQ: curl -g -i -X GET http://192.168.100.102/identity -H "Accept: application/json" -H "User-Agent: neutron keystoneauth1/3.11.2 python-requests/2.21.0 CPython/2.7.12"
DEBUG: keystoneauth.session RESP: [300] Connection: close Content-Length: 274 Content-Type: application/json Date: Thu, 07 Feb 2019 14:25:28 GMT Location: http://192.168.100.102/identity/v3/ Server: Apache/2.4.18 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-be986881-c40d-4139-819a-639e29601a88
DEBUG: keystoneauth.session RESP BODY: {"versions": {"values": [{"status": "stable", "updated": "2019-01-22T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.12", "links": [{"href": "http://192.168.100.102/identity/v3/", "rel": "self"}]}]}}
DEBUG: keystoneauth.session GET call to http://192.168.100.102/identity used request id req-be986881-c40d-4139-819a-639e29601a88
DEBUG: keystoneauth.identity.v3.base Making authentication request to http://192.168.100.102/identity/v3/auth/tokens
DEBUG: keystoneauth.identity.v3.base {"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "9caac1a8268f474dbb7e265d9f16bba4", "name": "member"}, {"id": "101f7b1311fa4959a25989ac473c8777", "name": "reader"}, {"id": "9508ddf27e4e46a497beac01bf689f6f", "name": "admin"}], "expires_at": "2019-02-07T15:25:28.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "17e41e8de440402497f04923a605c450", "name": "demo"}, "catalog": [{"endpoints": [{"url": "http://192.168.100.102/placement", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "69eeec9a94334d1283a2bcad004a491a"}], "type": "placement", "id": "0c88cb031da14ccda8e9a8dd741a77d3", "name": "placement"}, {"endpoints": [{"url": "http://192.168.100.102/volume/v1/17e41e8de440402497f04923a605c450", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "07ed00fe84e84e7c90962229dea273b2"}], "type": "volume", "id": "1a8235c249cd4b6f99e9a3efe122b7cb", "name": "cinder"}, {"endpoints": [{"url": "http://192.168.100.102/volume/v3/17e41e8de440402497f04923a605c450", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e3cb6a0140ef4f88b5f28ff11803c290"}], "type": "volumev3", "id": "26517811a2284eba9405511c083538f1", "name": "cinderv3"}, {"endpoints": [{"url": "http://192.168.100.102/image", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "124cb29258d346c3aa42b7e84afcd06a"}], "type": "image", "id": "3898c5052f8b436fa2f3e7d580504c5b", "name": "glance"}, {"endpoints": [{"url": "http://192.168.100.102/load-balancer", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "55ebf2d246844c0fab00843790e03a95"}, {"url": "http://192.168.100.102/load-balancer", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "8a98e2d973a7466095addf439c709f65"}, {"url": "http://192.168.100.102/load-balancer", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e174757fa845471a925fe0e3f9c2b4d5"}], "type": "load-balancer", "id": "4ca4bb8486474c86999ba39ea31e43f4", "name": "octavia"}, {"endpoints": [{"url": "http://192.168.100.102/volume/v2/17e41e8de440402497f04923a605c450", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "0101b98f972f4b6d992d30f878a9b95b"}], "type": "volumev2", "id": "5f91d57b37274ecab677d7cb89490089", "name": "cinderv2"}, {"endpoints": [{"url": "http://192.168.100.102/volume/v3/17e41e8de440402497f04923a605c450", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "2ba365ca5df74c729ec3994d2b89d4e0"}], "type": "block-storage", "id": "6e9d86d333ce4ae2a09a543bc2f4ac30", "name": "cinder"}, {"endpoints": [{"url": "http://192.168.100.102/identity", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "8f1ec404a36b4cd1a32d5f5dcca3cf78"}, {"url": "http://192.168.100.102/identity", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "b3651f2e8eec416fa1cde524d14e0e61"}], "type": "identity", "id": "9138f485147f4fb6a934aa45f028abe3", "name": "keystone"}, {"endpoints": [{"url": "http://192.168.100.102:9696/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "83873beb38ca40b1acbd64399212803c"}], "type": "network", "id": "c8bc6e90acea4b6b969e4161346ad851", "name": "neutron"}, {"endpoints": [{"url": "http://192.168.100.102/compute/v2.1", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "f0258401bc22444e9ebf7634db94f417"}], "type": "compute", "id": "e98f0b81734f47f4b945b05d345b8179", "name": "nova"}, {"endpoints": [{"url": "http://192.168.100.102/compute/v2/17e41e8de440402497f04923a605c450", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "a6cf331d05fc4268b4aa8ddc9ffcb453"}], "type": "compute_legacy", "id": "f7330fafe71345acb22c4bb538c50ef5", "name": "nova_legacy"}, {"endpoints": [{"url": "http://192.168.100.102:9001/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "5eae2939fcf34038b0419bc7acd55535"}], "type": "dns", "id": "f77bbd005a7f4f26b59c652eb2359fe0", "name": "designate"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "b6f87633bab0406fbaaf598b51a64165"}, "audit_ids": ["hWOAyzsERwS3nFETtRMOqA"], "issued_at": "2019-02-07T14:25:28.000000Z"}}
DEBUG: stevedore.extension found extension EntryPoint.parse('port_pair = networking_sfc.cli.port_pair')
DEBUG: stevedore.extension found extension EntryPoint.parse('port_pair_group = networking_sfc.cli.port_pair_group')
DEBUG: stevedore.extension found extension EntryPoint.parse('flow_classifier = networking_sfc.cli.flow_classifier')
DEBUG: stevedore.extension found extension EntryPoint.parse('port_chain = networking_sfc.cli.port_chain')
ERROR: neutronclient.shell Must specify a valid resource with new quota value
Traceback (most recent call last):
  File "/opt/stack/python-neutronclient/neutronclient/shell.py", line 531, in run_subcommand
    return run_command(cmd, cmd_parser, sub_argv)
  File "/opt/stack/python-neutronclient/neutronclient/shell.py", line 68, in run_command
    return cmd.run(known_args)
  File "/opt/stack/python-neutronclient/neutronclient/neutron/v2_0/__init__.py", line 335, in run
    return super(NeutronCommand, self).run(parsed_args)
  File "/usr/local/lib/python2.7/dist-packages/cliff/display.py", line 116, in run
    column_names, data = self.take_action(parsed_args)
  File "/opt/stack/python-neutronclient/neutronclient/neutron/v2_0/quota.py", line 234, in take_action
    body = self.args2body(parsed_args)
  File "/opt/stack/python-neutronclient/neutronclient/neutron/v2_0/quota.py", line 225, in args2body
    message=_('Must specify a valid resource with new quota '
CommandError: Must specify a valid resource with new quota value
Must specify a valid resource with new quota value

Slawek Kaplonski (slaweq) on 2019-02-07

affects:

neutron → python-neutronclient

Bharath bhushan Patel (pbharathbhu) on 2020-03-08

information type:

Public → Public Security

Revision history for this message

Akihiro Motoki (amotoki) wrote on 2020-03-09:

#3

I don't see any reason that it is related to security. Moving it back to the normal bug type "Security".

information type:

Public Security → Public

python-neutronclient

Neutron quotas for firewall params fail to update

Bug Description

Other bug subscribers

Remote bug watches