User can't modify security-group-rule via nova-api if there are duplicated security group name
Bug #1156932 reported by
Nachi Ueno
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Invalid
|
Undecided
|
Unassigned | ||
python-novaclient |
Won't Fix
|
Low
|
Unassigned | ||
python-novaclient (Ubuntu) |
Triaged
|
Low
|
Unassigned | ||
Raring |
Won't Fix
|
Low
|
Unassigned | ||
Saucy |
Won't Fix
|
Low
|
Unassigned |
Bug Description
User can't modify security-group-rule via nova-api if there are duplicated security group name.
When quantum security group is enabled in nova,
nova admin user can't modify security group rule via nova-api.
nova secgroup-list shows two default security group.
Both of that has same name "default", so CLI says please specify security group id.
But it looks no way to know security group id from nova-api.
affects: | nova → python-novaclient |
Changed in python-novaclient (Ubuntu): | |
importance: | Undecided → High |
Changed in python-novaclient (Ubuntu Raring): | |
importance: | Undecided → High |
Changed in python-novaclient (Ubuntu Raring): | |
status: | Confirmed → Triaged |
Changed in python-novaclient (Ubuntu Saucy): | |
status: | Confirmed → Triaged |
Changed in python-novaclient: | |
importance: | Undecided → Low |
status: | New → Triaged |
Changed in python-novaclient: | |
assignee: | nobody → Jyotsna (jyotsna-priya1) |
assignee: | Jyotsna (jyotsna-priya1) → tcs_openstack_group (tcs-openstack-group) |
Changed in python-novaclient: | |
assignee: | tcs_openstack_group (tcs-openstack-group) → Sanjay Kumar Singh (sanjay6-singh) |
To post a comment you must log in.
If using nova's security group implemention you can not create security groups that overlap in name though quantum allows this. Periously nova would let you delete security groups if they overlapped in name as the admin user but this was dangerious as you didn't know which group you were deleting. That said the issue you are seeing is actually a python-novaclient issue -- it does not explose a way to delete via id. You can retreieve the security group ids by running:
nova --debug secgroup-list ;
Then you can make a curl call in order to delete the security group id that you want if it overlapps with another security group (for example: curl -i http:// 10.34.95. 210:8774/ v2/38025118215c 4802adb4381f54d 91535/os- security- groups/ 8516db07- 9902-4e14- 9cef-800fa9df47 99 -X DELETE ..<snip>)
Or you could use the python- quantumclient which supports deleting security groups that overlap in name.