Shared security groups
Originally reported as a bug: https:/
Description
===========
Nova does not support shared security groups for new virtual mashines. It happens because Nova filters security groups by tenant ID here https:/
Steps to reproduce
==================
* create two projects A and B
* in project A create security group in Neutron
* share the security group to project B via RBAC (https:/
* try to create VM with this security group in project B
Expected result
===============
The VM should be created if security group shared to this project.
Actual result
=============
The error in logs:
Traceback (most recent call last):
File "/nova-
yield resources
File "/nova-
block_
File "/nova-
admin_password, network_info, block_device_info)
File "/nova-
vm_folder)
File "/nova-
vm_
File "/nova-
network_info)
File "/nova-
for vif in network_info:
File "/nova-
return self._sync_
File "/nova-
self.wait()
File "/nova-
self[:] = self._gt.wait()
File "/var/lib/
return self._exit_
File "/var/lib/
current.
File "/var/lib/
result = function(*args, **kwargs)
File "/nova-
return func(*args, **kwargs)
File "/nova-
six.
File "/nova-
bind_
File "/nova-
instance, neutron, security_groups)
File "/nova-
security_
SecurityGroupNo
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Mark Goddard
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Support creating servers with RBAC SGs