967297 – "quantum security-group-rule-list" cli command doesn't work

Bug 967297 - "quantum security-group-rule-list" cli command doesn't work

Summary: "quantum security-group-rule-list" cli command doesn't work

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	python-cliff
Sub Component:
Version:	3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	3.0
Assignee:	Brent Eagles
QA Contact:	Rami Vaknin
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-05-26 12:10 UTC by Rami Vaknin
Modified:	2016-04-26 21:05 UTC (History)
CC List:	11 users (show)
Fixed In Version:	python-cliff-1.3-1.el6ost
Doc Type:	Rebase: Bug Fixes and Enhancements
Doc Text:	Important: if this rebase instead contains only bug fixes, or only enhancements, select the correct option from the Doc Type drop-down list. Rebase package(s) to version: 1.3-1 Highlights, important fixes, or notable enhancements: This package incorporates the upstream changes for cliff 1.3 which include Python 2.6 compatibility. Other notable changes include a Python 3 subpackage and removal of a dependency on python-tablib.
Clone Of:
Environment:
Last Closed:	2013-06-27 17:15:53 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0968	0	normal	SHIPPED_LIVE	Red Hat OpenStack 3.0 ("Grizzly") bug fix and enhancement update	2013-06-27 21:14:27 UTC

Internal Links: 972055 980964

Description Rami Vaknin 2013-05-26 12:10:08 UTC

Version:
Grizzly on RHEL6.4, puddle 2013-05-24.3

Description:
It looks like there is not way to list OpenStack Networking security group rules using "quantum security-group-rule-list" cli command.

[root@puma10 ~(keystone_admin)]# quantum security-group-list 
+--------------------------------------+---------+-------------+
| id                                   | name    | description |
+--------------------------------------+---------+-------------+
| dc3c6a17-b825-4a9f-8a1c-499c9e5de915 | default | default     |
+--------------------------------------+---------+-------------+
[root@puma10 ~(keystone_admin)]# quantum security-group-rule-list default
Invalid values_specs default
[root@puma10 ~(keystone_admin)]# quantum security-group-rule-list dc3c6a17-b825-4a9f-8a1c-499c9e5de915
Invalid values_specs dc3c6a17-b825-4a9f-8a1c-499c9e5de915
[root@puma10 ~(keystone_admin)]# quantum security-group-rule-list 
'module' object has no attribute 'compress'
[root@puma10 ~(keystone_admin)]#

Comment 1 Attila Fazekas 2013-05-26 12:26:05 UTC

I had the same issue, I almost duplicated the bug:


quantum  --debug security-group-rule-list 
'module' object has no attribute 'compress'
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/quantumclient/shell.py", line 506, in run_subcommand
    return run_command(cmd, cmd_parser, sub_argv)
  File "/usr/lib/python2.6/site-packages/quantumclient/shell.py", line 50, in run_command
    return cmd.run(known_args)
  File "/usr/lib/python2.6/site-packages/quantumclient/common/command.py", line 35, in run
    return super(OpenStackCommand, self).run(parsed_args)
  File "/usr/lib/python2.6/site-packages/cliff/display.py", line 85, in run
    self.produce_output(parsed_args, column_names, data)
  File "/usr/lib/python2.6/site-packages/cliff/lister.py", line 55, in produce_output
    parsed_args,
  File "/usr/lib/python2.6/site-packages/cliff/formatters/table.py", line 32, in emit_list
    first_row = next(data_iter)
  File "/usr/lib/python2.6/site-packages/cliff/lister.py", line 51, in <genexpr>
    for row in data)
AttributeError: 'module' object has no attribute 'compress'
'module' object has no attribute 'compress'

Related network traffic:

GET /v2.0/security-group-rules.json HTTP/1.1
Host: 10.34.69.214:9696
x-auth-token: a5ecf707d40b40608af28e1b414a0697
content-type: application/json
accept-encoding: gzip, deflate
accept: application/json
user-agent: python-quantumclient

HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 2010
Date: Sun, 26 May 2013 12:16:38 GMT

{"security_group_rules": [{"remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "7b540061-588d-4e0d-b877-91809e99e925", "port_range_min": null, "ethertype": "IPv4", "id": "7b506945-66ad-46e1-9aa3-8862cde22546"}, {"remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "7b540061-588d-4e0d-b877-91809e99e925", "port_range_min": null, "ethertype": "IPv6", "id": "8715fa20-1e1d-4a46-917d-cc90a21e4559"}, {"remote_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "port_range_min": null, "ethertype": "IPv4", "id": "8884f990-09e8-4c2e-805e-bbc938640ed9"}, {"remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "port_range_min": null, "ethertype": "IPv6", "id": "aa162845-64d8-41ad-8491-48baf82af54d"}, {"remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "port_range_min": null, "ethertype": "IPv4", "id": "badc0cb3-8deb-46b1-be98-1fa629f5893a"}, {"remote_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "0b4f2254484840d8b38285f27cbb3440", "port_range_max": null, "security_group_id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "port_range_min": null, "ethertype": "IPv6", "id": "e7f1cafa-f434-47d8-b87c-83d94a09230a"}]}

GET /v2.0/security-groups.json?fields=id&fields=name&id=None&id=7b540061-588d-4e0d-b877-91809e99e925&id=11b2e76a-a295-4ef7-bdf7-86d660e73f21 HTTP/1.1
Host: 10.34.69.214:9696
x-auth-token: a5ecf707d40b40608af28e1b414a0697
content-type: application/json
accept-encoding: gzip, deflate
accept: application/json
user-agent: python-quantumclient

HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 152
Date: Sun, 26 May 2013 12:16:38 GMT

{"security_groups": [{"id": "11b2e76a-a295-4ef7-bdf7-86d660e73f21", "name": "default"}, {"id": "7b540061-588d-4e0d-b877-91809e99e925", "name": "test"}]}





Note (wireshark said):"The capture file appears to have been cut short in the middle of a packet."


# rpm -qa |grep quantum
python-quantum-2013.1.1-8.el6ost.noarch
openstack-quantum-2013.1.1-8.el6ost.noarch
openstack-quantum-openvswitch-2013.1.1-8.el6ost.noarch
python-quantumclient-2.2.1-1.el6ost.noarch

Comment 3 Brent Eagles 2013-05-31 13:33:30 UTC

Can you provide the output of:

yum info python-cliff

and

python -c "from itertools import izip; print 'hi'"

Comment 4 Brent Eagles 2013-05-31 15:47:00 UTC

The issue appears to be caused by an older version of python-cliff (1.0-3.el6). The current epel version (1.3-1.el6) works fine.

Comment 5 Brent Eagles 2013-05-31 20:53:39 UTC

Where this issue involves a package dependency (python-cliff) included with the OpenStack distros, we need to determine what the best approach to resolving it is: either by altering the cliff 1.0.3 package or rebasing to 1.3.1.

Comment 6 Rami Vaknin 2013-05-31 21:19:01 UTC

[root@puma10 ~(keystone_admin)]# yum info python-cliff
Loaded plugins: priorities, product-id, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
Installed Packages
Name        : python-cliff
Arch        : noarch
Version     : 1.0
Release     : 3.el6
Size        : 431 k
Repo        : installed
From repo   : openstack-now
Summary     : Command Line Interface Formulation Framework
URL         : http://pypi.python.org/pypi/cliff
License     : ASL 2.0
Description : cliff is a framework for building command line programs. It uses setuptools
            : entry points to provide subcommands, output formatters, and other
            : extensions.
            : 
            : Documentation for cliff is hosted on readthedocs.org at
            : http://readthedocs.org/docs/cliff/en/latest/

[root@puma10 ~(keystone_admin)]# python -c "from itertools import izip; print 'hi'"
hi
[root@puma10 ~(keystone_admin)]#

Comment 7 Chris Wright 2013-05-31 22:16:44 UTC

I believe we simply need to refresh the python-cliff package in RDO repo and RHOS puddle to the one that is in EPEL now.  Looks like we just got out of sync.

Comment 8 Brent Eagles 2013-06-05 12:42:33 UTC

New packages with 1.3 rebase pushed.

Comment 11 Rami Vaknin 2013-06-18 06:39:52 UTC

Verified on grizzly running on rhel6.4 with python-cliff-1.3-1.el6ost (puddle 2013-06-13.2).

From admin user
===============

# quantum security-group-rule-list
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| id                                   | security_group | direction | protocol | remote_ip_prefix | remote_group |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| 04b69c0e-4fe1-44ba-b772-794d844e5101 | default        | ingress   | tcp      | 0.0.0.0/0        |              |
| 19d17912-2e20-46d0-bf8d-1fc6c52220ce | default        | egress    |          |                  |              |
| 1f158243-cb24-4950-803a-e19025e1ac9f | default        | egress    |          |                  |              |
| 5acf9b3d-347c-483b-9ab4-e79f4d044918 | default        | ingress   |          |                  | default      |
| 5bb0e605-3bab-45ae-bedd-898f484daec0 | default        | ingress   | icmp     | 0.0.0.0/0        |              |
| 5cccde9b-ebae-450a-8590-5d36797ddd9c | default        | ingress   |          |                  | default      |
| 6b5b5d71-123e-41ff-9b93-0b1db724b540 | default        | egress    |          |                  |              |
| 7057ea12-44c1-4090-a93c-dd80ae1c6414 | default        | egress    |          |                  |              |
| 8c53ad7b-565e-433b-809c-b69b40518ad3 | default        | ingress   |          |                  | default      |
| 9bccf920-2da7-4566-b590-eb2fb091f0b2 | default        | ingress   |          |                  | default      |
| af095e7f-55d1-4d90-ac29-7741424ade57 | default        | egress    |          |                  |              |
| b7d7742d-11c3-428f-835f-6191b4303d15 | default        | egress    |          |                  |              |
| ce1708e0-db0b-41f2-894f-d630d63069fe | default        | ingress   |          |                  | default      |
| dc4cd283-6aa1-49a4-ac2d-9d1fd2296e1d | default        | ingress   |          |                  | default      |
| e221c58f-f08b-4b18-a501-7d88c2b6fa27 | default        | ingress   | icmp     | 0.0.0.0/0        |              |
| e77e4065-37a8-4f0d-ac06-4e826328e218 | default        | ingress   | tcp      | 0.0.0.0/0        |              |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+

From other tenant user
======================

$ quantum security-group-rule-list
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| id                                   | security_group | direction | protocol | remote_ip_prefix | remote_group |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| 19d17912-2e20-46d0-bf8d-1fc6c52220ce | default        | egress    |          |                  |              |
| 9bccf920-2da7-4566-b590-eb2fb091f0b2 | default        | ingress   |          |                  | default      |
| b7d7742d-11c3-428f-835f-6191b4303d15 | default        | egress    |          |                  |              |
| dc4cd283-6aa1-49a4-ac2d-9d1fd2296e1d | default        | ingress   |          |                  | default      |
| e221c58f-f08b-4b18-a501-7d88c2b6fa27 | default        | ingress   | icmp     | 0.0.0.0/0        |              |
| e77e4065-37a8-4f0d-ac06-4e826328e218 | default        | ingress   | tcp      | 0.0.0.0/0        |              |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+

Comment 13 errata-xmlrpc 2013-06-27 17:15:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0968.html

Note You need to log in before you can comment on or make changes to this bug.