Version: Grizzly on RHEL6.4, puddle 2013-05-24.3 Description: I've installed 2-nodes environment with OpenStack Networking using packstack and created a vlan network. By listing the *nova* security group rules, it looks like there are 2 rules with neither protocol nor ip range, only ports where set to -1. [root@puma10 ~(keystone_admin)]# nova secgroup-list-rules default +-------------+-----------+---------+----------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+----------+--------------+ | | -1 | -1 | | default | | | -1 | -1 | | default | +-------------+-----------+---------+----------+--------------+ [root@puma10 ~(keystone_admin)]# nova secgroup-list +---------+-------------+ | Name | Description | +---------+-------------+ | default | default | +---------+-------------+ [root@puma10 ~(keystone_admin)]# nova secgroup-list --all-tenant +---------+-------------+----------------------------------+ | Name | Description | Tenant_ID | +---------+-------------+----------------------------------+ | default | default | 7d346a9d1689408db183924fda2ca9c7 | +---------+-------------+----------------------------------+ Note that all security group tables in nova database are empty: mysql> select * from security_group_default_rules; Empty set (0.00 sec) mysql> select * from security_group_rules; Empty set (0.00 sec) mysql> select * from security_groups; Empty set (0.00 sec) mysql> select * from security_group_instance_association; Empty set (0.00 sec)
@Rami Vaknin, just to clarify, does this only happen with 2 nodes?
I see that the same also happens in 4-nodes environment.
This behavior appears to be harmless, so I'm closing as WONTFIX. Please feel free to reopen if that's incorrect.