Security group in profile are not applied
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
senlin |
In Progress
|
Critical
|
Duc Truong |
Bug Description
When creating a cluster using a profile that has security groups specified like this, the nodes are created only belonging to the default security group.
type: os.nova.server
version: 1.0
properties:
name: cirros_server
flavor: 1
image: "cirros-
networks:
- network: private
metadata:
test_key: test_value
security_groups:
- 46f7acd4-
- 30e334ff-
user_data: |
#!/bin/sh
echo 'hello, world' > /tmp/test_file
The problem is that Senlin creates the port manually on a network and then passes those ports to the server create API. When doing so, the server create API will ignore the passed in security groups as per its API documentation (https:/
Requested security groups are not applied to pre-existing ports.
To workaround this problem, the security groups have to be specified as part of each network:
type: os.nova.server
version: 1.0
properties:
name: cirros_server
flavor: 1
image: "cirros-
networks:
- network: private
security_
- 46f7acd4-
- 30e334ff-
metadata:
test_key: test_value
user_data: |
#!/bin/sh
echo 'hello, world' > /tmp/test_file
Changed in senlin: | |
status: | New → In Progress |
importance: | Undecided → Critical |
assignee: | nobody → Duc Truong (dtruong) |
I think in here have a problem.. because i was try make a server with a profile like this above profile in last month. And, i was saw server created with security group.