Bug 1055529 - VMware: VC driver lacks support for firewall rules
Summary: VMware: VC driver lacks support for firewall rules
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-nova
Version: 3.0
Hardware: x86_64
OS: Linux
Target Milestone: rc
: 5.0 (RHEL 7)
Assignee: Matthew Booth
QA Contact: Jaroslav Henner
Depends On:
Blocks: 1055536 1077811
TreeView+ depends on / blocked
Reported: 2014-01-20 13:44 UTC by Jaroslav Henner
Modified: 2019-09-09 13:28 UTC (History)
8 users (show)

Fixed In Version: openstack-nova-2014.1-3.el7ost
Doc Type: Bug Fix
Doc Text:
OpenStack did not check previously whether the driver in use supports security groups. The VMware driver does not support security groups with flat networking, which resulted in the use of the feature resulting in an error. OpenStack now checks to see whether the driver supports security groups. Attempting to use security groups with the VMware driver and flat networking now results in a warning rather than an error.
Clone Of:
: 1077811 (view as bug list)
Last Closed: 2014-07-08 15:27:50 UTC
Target Upstream Version:
jhenner: needinfo-

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Launchpad 1269448 0 None None None Never
OpenStack gerrit 69600 0 None None None Never
Red Hat Product Errata RHEA-2014:0853 0 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform Enhancement - Compute 2014-07-08 19:22:38 UTC

Description Jaroslav Henner 2014-01-20 13:44:00 UTC
See the LP bug.

Comment 2 Stephen Gordon 2014-01-22 15:22:36 UTC
Setting priority low as apparently this is not an issue when using Neutron, only nova-network.

Comment 3 Stephen Gordon 2014-03-13 14:31:04 UTC
Looks like a fix merged for icehouse-rc1.

Comment 5 Jaroslav Henner 2014-06-17 12:48:24 UTC
# grep 'does not support' /var/log/nova/*.log
/var/log/nova/other.log:2014-06-17 08:37:56.998 21682 WARNING nova.compute.manager [req-dd8857ea-2df4-43da-a099-6a8bc8339b68 admin admin] [instance: 7a76e8f8-bccc-451a-95f0-a7e0853998bc] Hypervisor driver does not support security groups.

# iptables -S | grep ' 33 '
[[[ empty here ]]]


Comment 9 errata-xmlrpc 2014-07-08 15:27:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.