Hi,
I've been working on some sanity checks for our labtestn (mitaka/neutron) deployment [0].
I found a weird issue when trying to create an instance in the 'tooling' network (the vxlan based network):
<< Network requires port_security_enabled and subnet associated in order to apply security groups.
This error is seen in the /var/log/nova/nova-conductor.log file when I create an instance with this cmdline:
% openstack server create --flavor 2 \ --image 66e544e8-fe4f-41f7-9809-6723e53b5a99 aborrero-test1 \ --nic port-id=9389a984-d58e-4776-8b7a-30ff93073917 \ --property subnet=3ec06de7-3b9e-4de3-86c6-67ba1895b253
However:
% neutron port-show 9389a984-d58e-4776-8b7a-30ff93073917 \ | grep port_security_enabled
| port_security_enabled | True
(this port was created manually by me)
Not sure if the 'server create' command is lacking some additional option. I generated it following what I saw in our bootstrap docs + labtestcontrol2003 history
I also tried with this command:
% openstack server create --flavor 2 \ --image 66e544e8-fe4f-41f7-9809-6723e53b5a99 aborrero-test1 \ --nic net-id=60aa9467-253c-4fdf-9fa0-eba42dafc975
with the same result (i.e, a net instead of a port)
I'm probably misunderstanding some openstack concepts: nics, ports, subnets, nets, etc.
[0] https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/Deployment_sanity...