Closed (fixed)
Project:
Cloud
Version:
7.x-1.x-dev
Component:
Code
Priority:
Major
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
19 Dec 2012 at 13:44 UTC
Updated:
14 Jan 2013 at 18:20 UTC
Jump to comment: Most recent file
Error performing "Add Permissions to Security Group"
The errors are: An unknown error has occurred. Please try your request again.
Base cloud : OpenStack
| Comment | File | Size | Author |
|---|---|---|---|
| #7 | Sec-Groups-Modifications-1870284-7.patch | 7.17 KB | baldwinlouie |
| #6 | Fullscreen 12:20:12 4:30 PM.png | 253.44 KB | baldwinlouie |
| #6 | add-revoke-rule-issue-1870284-6.patch | 4.52 KB | baldwinlouie |
| #6 | Sec-Groups-Modifications-1870284-6.patch | 9.68 KB | baldwinlouie |
| #5 | Sec-Groups-Modifications-1870284.patch | 3.68 KB | aelgammal |
Comments
Comment #1
baldwinlouie commentedHere is the nova-api log trace too. Will have to investigate further.
Comment #2
baldwinlouie commentedI looked through the python code of the nova api and came across this:
It looks like support for the latest PHP SDK might not supported yet. Any thoughts?
Will investigate a bit more.
Comment #3
baldwinlouie commentedAlso filed a question to Nova Launchpad: https://answers.launchpad.net/nova/+question/217216
Comment #4
ahmed_samir commentedThanks for the logs, after some debugging with my colleagues we found a solution.
Comment #5
aelgammal commentedThere was a problem when Adding & Revoking (Deleting) IPs such as "TCP/UDP", "ICMP", and "Add Group" after creating a Security Group with OpenStack Cloud.
There was also a problem when adding Security Groups, because there was no source to read the IPs & Port Range from. So I added a code to read the IP & Ports from the fields in the "Add TCP/UDP" Form.
Issues fixed in the below patches.
I've tested it and it is working fine with OpenStack Cloud, please perform the testing with EC2.
Comment #6
baldwinlouie commentedThanks for the patch! I'm excited that you are helping me with this issue!
I applied the patch and it works well for adding security rules in OpenStack. But when trying to revoke Security Groups, it would revoke all permission that is associated with the group.
When I tried to use the code for EC2, I got errors because SecurityGroupName and SecurityGroupOwnerId cannot be passed in the IpPermissions array. I found out that within IpPermissions, you can pass GroupName and OwnerId in a nested array() and the Security Group is also added without needing SecurityGroupName and SecurityGroupOwnerId.
Regarding the patch: Sec-Groups-Modifications-1870284.patch, I like the idea! But I also think that you can add ICMP ip addresses as well. I've decided to add the TCP/UDP/ICMP fields directly into the "Add Group" fieldset. The form will use Ajax to reload the fields between TCP/UDP & ICMP. I'm attaching a screenshot for you so you can see what I mean.
Finally, I'm attaching two patches for you to take a look it. I took the basis of your work, enhanced it, cleaned it up a bit with what I described in this issue. Try it out and see if this works for you.
You might want to apply the patches against a clean checkout. There were some changes made to aws_cloud_get_security_action()
Comments and thoughts are appreciated!
Comment #7
baldwinlouie commentedHad to reroll the Sec-Groups-Modifications-1870284-6.patch to clean up some commented out code. Here it is again.
Comment #8
aelgammal commentedThank you very much and I'm glad that it helped you, but unfortunately Fridays & Saturdays are off here so I won't be able to connect with the Openstack Cloud and test it until Sunday from Work.
But I do like the idea of putting it all together in a single form and the user can just switch between TCP/UDP/ICMP.
I will take a look at the code until I perform the testing on Sunday and update you with the news, and thank you for your support.
Comment #9
aelgammal commentedI've tested the code and its working fine, thank you very much.
However I had to apply it manually because I keep getting this error message when I try to apply the patch:-
Sec-Groups-Modifications-1870284-7.patch:24: trailing whitespace.
Sec-Groups-Modifications-1870284-7.patch:150: trailing whitespace.
error: patch failed: modules/iaas/modules/aws_cloud/includes/aws_cloud_security_groups_ui.inc:364
error: modules/iaas/modules/aws_cloud/includes/aws_cloud_security_groups_ui.inc: patch does not apply
I tried the following command:-
git apply --reject --whitespace=fix Sec-Groups-Modifications-1870284-7.patch
But it still did not work, anyways ....
I believe everything is working fine from our part or the Openstack Cloud in general, except for the Failover issue.
Comment #10
baldwinlouie commentedMerry Christmas and happy new years! I didn't get to commit this last week. But here it is:
http://drupalcode.org/project/cloud.git/commit/28d9cd7