Bug 1281907 - should not add default security group to quantum unless api-request had it
Summary: should not add default security group to quantum unless api-request had it
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-nova
Version: 7.0 (Kilo)
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 8.0 (Liberty)
Assignee: Eoghan Glynn
QA Contact: nlevinki
URL:
Whiteboard:
: 1284123 (view as bug list)
Depends On:
Blocks: 1191185 1281573 1396157
TreeView+ depends on / blocked
 
Reported: 2015-11-13 18:57 UTC by Stephen Gordon
Modified: 2019-09-09 15:09 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-01-04 16:11:43 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Stephen Gordon 2015-11-13 18:57:38 UTC
Cloned from launchpad bug 1175464.

Description:

when booting an instance nova-api automatically adds a default security group if one is not specified, though we shouldn't be doing this and instead quantum should handle be handing this. This actually causes an issue for plugins that implement the port_security_api and have port_security_enabled=False on a network. 

https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_groups.py#L498
https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_groups.py#L511

Specification URL (additional information):

https://bugs.launchpad.net/nova/+bug/1175464

Comment 2 Eoghan Glynn 2015-11-24 16:53:37 UTC
*** Bug 1284123 has been marked as a duplicate of this bug. ***

Comment 3 Sirius Rayner-Karlsson 2017-01-04 16:11:43 UTC
As per e-mail discussion, closing currentrelease as this is in Newton/ROSP10. Double-checked with Joe Donohue as well and he's good.


Note You need to log in before you can comment on or make changes to this bug.