Bug 1539829
| Summary: | [RFE] Provide support for adding security groups and rules using ovirt-provider-ovn | ||
|---|---|---|---|
| Product: | [oVirt] ovirt-provider-ovn | Reporter: | Yaniv Lavi <ylavi> |
| Component: | provider | Assignee: | Miguel Duarte Barroso <mduarted> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | msheena |
| Severity: | high | Docs Contact: | Rolfe Dlugy-Hegwer <rdlugyhe> |
| Priority: | high | ||
| Version: | 1.2.1 | CC: | bugs, danken, dholler, mburman, mduarted, mmirecki, msheena, myakove, ratamir, rdlugyhe, sgoodman |
| Target Milestone: | ovirt-4.3.0 | Keywords: | FutureFeature |
| Target Release: | --- | Flags: | rule-engine:
ovirt-4.3+
mburman: testing_plan_complete+ ylavi: planning_ack+ danken: devel_ack+ mburman: testing_ack+ |
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ovirt-engine-4.3.0_rc | Doc Type: | Enhancement |
| Doc Text: |
This feature provides support for adding security groups and rules using the ovirt-provider-ovn package, as described by the OpenStack Networking API.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-02-13 07:43:02 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Network | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1652841, 1669123 | ||
| Bug Blocks: | |||
|
Description
Yaniv Lavi
2018-01-29 17:10:26 UTC
Isn't should be targeted to 4.3? Did we agreed to test this on 4.2.7? I don't recall if we already agreed on it. I surely want to have it, as customers expect it from an SDN. I hope you can grant your ack for 4.2.z. Note that Miguel tells me that 4.2.7 is too optimistic. Let us consider this in 4.2.8. Verified following flows:
- Provisioning security groups
- Provisioning security group rules
- Ingress/egress traffic filtering using security group rules:
- Using remote group ID
- Using remote IP prefix (IPv4 only)
The 'os_security_group' and 'os_security_group_rules' Ansible modules [1], [2] were out of scope for verification due to dependency constraints.
[1] - https://docs.ansible.com/ansible/2.5/modules/os_security_group_module.html
[2] - https://docs.ansible.com/ansible/2.5/modules/os_security_group_rule_module.html
Moving back to ASSIGNED since several flows failed for versions: ovirt-provider-ovn-1.2.17-1.el7ev.noarch 4.3.0-0.8.rc2.el7 The main flow that is blocking other flows: - Port security turned on, and then turned off This bug is in modified for 4.3.0 while the builds for the last RC have been published. If this fix is included in last release candidate please move to QE. If it's not included either raise this as blocker and push a build ASAP or re-target to another milestone. Verified on versions: (Red Hat Virtualization Manager) 4.3.0.4-0.1.el7 ovirt-provider-ovn-1.2.19-1.el7ev.noarch openvswitch2.10-2.10.0-28.el7fdp.x86_64 openvswitch2.10-ovn-central-2.10.0-28.el7fdp.x86_64 (Guest OS) Red Hat Enterprise Linux Server 7.6 (Maipo) (Guest OS kernel) 3.10.0-957.el7.x86_64 (Host OS) Red Hat Enterprise Linux Server 7.6 (Maipo) (Host OS kernel) 3.10.0-957.5.1.el7.x86_64 This bugzilla is included in oVirt 4.3.0 release, published on February 4th 2019. Since the problem described in this bug report should be resolved in oVirt 4.3.0 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report. |