Instance launching fails when using neutron network/port with "port_security_enabled=False"
Issue
- If I disable
neutron port_securityon network then I am unable to spawn new instance in that network:
[heat-admin@slmsc1ctl0 ~]$ nova boot cirros124 --image cirros-0.3.3-x86_64 --flavor m1.tiny --nic port-id=55da69bc-b5e3-478b-8fcd-9157641186ea --poll
[...]
Error building server
ERROR (InstanceInErrorState): Build of instance 04612709-4cd0-4340-bcb2-57cf6533162e was re-scheduled: Network requires port_security_enabled and subnet associated in order to apply security groups.
2016-01-27 17:50:07.438 3161 ERROR nova.compute.manager [req-adab7cc7-a658-4de6-97c0-183aa9c61865 a615c6e437be4d95874d3ea379965212 95f3ea8f9a5145f2b5e5ef6a36961dfe - - -] [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] Instance failed to spawn
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] Traceback (most recent call last):
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2474, in _build_resources
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] yield resources
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2346, in _build_and_run_instance
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] block_device_info=block_device_info)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 2460, in spawn
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] write_to_disk=True)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 4308, in _get_guest_xml
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] network_info_str = str(network_info)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 480, in __str__
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] return self._sync_wrapper(fn, *args, **kwargs)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 463, in _sync_wrapper
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] self.wait()
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 495, in wait
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] self[:] = self._gt.wait()
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/eventlet/greenthread.py", line 175, in wait
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] return self._exit_event.wait()
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/eventlet/event.py", line 125, in wait
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] current.throw(*self._exc)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/eventlet/greenthread.py", line 214, in main
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] result = function(*args, **kwargs)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 1795, in _allocate_network_async
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] dhcp_options=dhcp_options)
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] File "/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 549, in allocate_for_instance
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] raise exception.SecurityGroupCannotBeApplied()
2016-01-27 17:50:07.438 3161 TRACE nova.compute.manager [instance: 04612709-4cd0-4340-bcb2-57cf6533162e] SecurityGroupCannotBeApplied: Network requires port_security_enabled and subnet associated in order to apply security groups.
Environment
- Red Hat Open Stack 7
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
