[Expired for neutron because there has been no activity for 60 days.]
** Changed in: neutron
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1340194
Title:
Removed security group rules are still persistent on instances
Status in OpenStack Neutron (virtual network service):
Expired
Bug description:
Even after removing the scurity group rules , able to do the
operations like ssh/ping on vms.
Erlier to this we added rules to allow ssh and ping , and then removed
those rules.
Below is log
nova list
+--------------------------------------+-------------+--------+------------+-------------+-----------------------------+
| ID | Name | Status | Task State |
Power State | Networks |
+--------------------------------------+-------------+--------+------------+-------------+-----------------------------+
| a1426d0a-07df-40c8-b883-3f5fb34bbec2 | testvm1-az1 | ACTIVE | None |
Running | Net1=2.2.2.2, 10.233.53.105 |
| 329b0493-e1f9-4baa-bfc9-5ecf9c2d4687 | testvm1-az2 | ACTIVE | None |
Running | Net1=2.2.2.4 |
+--------------------------------------+-------------+--------+------------+-------------+-----------------------------+
root@controller:~# nova show a1426d0a-07df-40c8-b883-3f5fb34bbec2
+--------------------------------------+----------------------------------------------------------+
| Property | Value
|
+--------------------------------------+----------------------------------------------------------+
| status | ACTIVE
|
| updated | 2014-07-03T06:34:31Z
|
| OS-EXT-STS:task_state | None
|
| OS-EXT-SRV-ATTR:host | compute1
|
| key_name | None
|
| image | CirrOS 0.3.1
(ea93e47e-558e-4baf-bea1-777b4814ca5d) |
| hostId |
64a50db012ab0b483697b85be03d02d66535ff2656170b6c8fb9a8f8 |
| Net1 network | 2.2.2.2, 10.233.53.105
|
| OS-EXT-STS:vm_state | active
|
| OS-EXT-SRV-ATTR:instance_name | instance-00000018
|
| OS-SRV-USG:launched_at | 2014-07-03T06:34:31.000000
|
| OS-EXT-SRV-ATTR:hypervisor_hostname | compute1
|
| flavor | myF1 (6)
|
| id | a1426d0a-07df-40c8-b883-3f5fb34bbec2
|
| security_groups | [{u'name': u'default'}]
| --------------------------> using default secgroup.
| OS-SRV-USG:terminated_at | None
|
| user_id | 0dc64e9cfb07442b8d6ce7d518200d06
|
| name | testvm1-az1
|
| created | 2014-07-03T06:33:54Z
|
| tenant_id | 8a5dee0f17204539a73987d6a8f255cd
|
| OS-DCF:diskConfig | MANUAL
|
| metadata | {}
|
| os-extended-volumes:volumes_attached | []
|
| accessIPv4 |
|
| accessIPv6 |
|
| progress | 0
|
| OS-EXT-STS:power_state | 1
|
| OS-EXT-AZ:availability_zone | azhyd1
|
| config_drive |
|
+--------------------------------------+----------------------------------------------------------+
root@controller:~# nova secgroup-list-rules default
+-------------+-----------+---------+----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+--------------+
| | | | | default |
| | | | | default |
+-------------+-----------+---------+----------+--------------+
root@controller:~# ip netns exec qdhcp-acf1b559-0602-461f-8b86-9e7c5a7cec80
ping 2.2.2.2
PING 2.2.2.2 (2.2.2.2) 56(84) bytes of data.
64 bytes from 2.2.2.2: icmp_req=1 ttl=64 time=3.28 ms
64 bytes from 2.2.2.2: icmp_req=2 ttl=64 time=1.83 ms
We are using havana version of openstack on ubuntu 12.o4/64bit.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1340194/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
