Project

General

Profile

Actions

Bug #6535

closed

EC2 Security Groups - empty box

Added by Dominic Cleal over 10 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Category:
Compute resources - EC2
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1101998
This is only a issue tracker. I think, this is really important to solve before release.

Description of problem:
I did not find way, how can I get security groups from Amazon EC2. I have got the box for choosing, but the box is empty. I have got tow security groups in EC2.

Version-Release number of selected component (if applicable):
Satellite-6.0.3-RHEL-6-20140521.0

(10:51:01) mkorbel: Dominic: I have next one question, how can I add a security groups into foreman.
(10:54:55) mkorbel: Dominic: When I try create new virtual machine in EC2, I see empty box of security groups.
(10:55:52) Dominic: mkorbel: it should "just work".. I think there's a VPC dropdown too, so if you're using those you might have to select that first for them to update, otherwise I don't know


Files

Screenshot from 2014-08-02 12_37_24.png View Screenshot from 2014-08-02 12_37_24.png 60.1 KB Joshua Hoblitt, 08/02/2014 03:44 PM
Screenshot from 2014-08-02 12_38_29.png View Screenshot from 2014-08-02 12_38_29.png 87.1 KB Joshua Hoblitt, 08/02/2014 03:44 PM
Screenshot from 2014-08-02 12_38_49.png View Screenshot from 2014-08-02 12_38_49.png 84.6 KB Joshua Hoblitt, 08/02/2014 03:44 PM
security_groups_vpc.png View security_groups_vpc.png 19.6 KB My VPC security groups are shown Shlomi Zadok, 09/07/2014 03:24 AM
security_groups_on_amazon.png View security_groups_on_amazon.png 39.6 KB All of my security groups on Amazon Shlomi Zadok, 09/07/2014 03:26 AM

Related issues 2 (1 open1 closed)

Related to Foreman - Bug #4235: EC2 compute profile loses Security Group setting.New02/03/2014Actions
Related to Foreman - Bug #12837: Security Groups not populated after selecting Subnet in New Host > Virtual MachineDuplicate12/15/2015Actions
Actions #1

Updated by Dominic Cleal over 10 years ago

  • Category set to Compute resources
  • Assignee deleted (Dominic Cleal)

This may be related to IAM.

Updated by Joshua Hoblitt over 10 years ago

I believe I've encountered this issue, or something similar, in 1.5.2. The "EC2" subnet is empty but two magic subnet's have appeared with security groups in them. However, all attemps at provisioning fail with a a sparse error message.

Successfully decrypted field for Foreman::Model::EC2 ec2-us-west-1
Rolling back due to a problem: [Set up compute instance ec2test.sdm.noao.edu     2     failed    ...

I've ruled out an IAM credientals problem both by changing the privs to administrator and foreman is able to stop/destroy instances that I manual create via the ec2 console.

Actions #3

Updated by Joshua Hoblitt over 10 years ago

  • Related to Bug #4235: EC2 compute profile loses Security Group setting. added
Actions #4

Updated by Joshua Hoblitt over 10 years ago

I tried deleting and recreating the compute resource. There's now a 3rd magical 172.31.x subnet and it's only listing the default security group but not the other 2 that are visible from the AWS console. Instance creation still fails at the first step.

Actions #5

Updated by Dominic Cleal over 10 years ago

  • Category changed from Compute resources to Compute resources - EC2
  • Target version set to 1.7.5
Actions #6

Updated by Anonymous over 10 years ago

  • Target version changed from 1.7.5 to 1.7.4
Actions #7

Updated by Shlomi Zadok about 10 years ago

  • Assignee set to Shlomi Zadok

Updated by Shlomi Zadok about 10 years ago

It seems you have to create VPC specific security groups for this to show security groups under a subnet (of the VPC).
As you may see from my screen shots, on my AWS account I have 5 security groups. 3 are EC2-classic and 2 are EC2-VPC.
When I create a new host on Foreman, and choose a subnet, it will show only the security groups that belong to the subnet.
If I have none, it will display none.
Can you please verify?

Actions #9

Updated by Shlomi Zadok about 10 years ago

  • Status changed from New to Feedback
Actions #10

Updated by Anonymous about 10 years ago

  • Target version changed from 1.7.4 to 1.7.3
Actions #11

Updated by Dominic Cleal about 10 years ago

  • Status changed from Feedback to New
  • Assignee deleted (Shlomi Zadok)

I'm setting this back, as I don't believe Shlomi's successful attempt negates the fact this isn't working for two people.

Actions #12

Updated by Dominic Cleal about 10 years ago

  • Target version changed from 1.7.3 to 1.7.2
Actions #13

Updated by Ohad Levy about 10 years ago

  • Target version deleted (1.7.2)
Actions #14

Updated by Tom Caspy almost 10 years ago

I just tested this on latest foreman develop, and it seems that the security groups are properly shown... are there specific conditions under which this can be replicated?

edit:
Tested this under two conditions:
1. IAM account (in the RedHat EC2 account)
- normal security groups (no VPC) - properly shown
- VPC security groups - properly shown
2. Master account (my personal one)
- normal security groups (no VPC) - properly shown
- VPC security groups - properly shown

This may be caused by the compute resource being under a different region, where the security groups and VPCs are not defined, i.e. using us-east-1 (N. Virginia) but having the EC2 compute resource go to us-west-2 (Oregon) - in which case, a "default" security group should still be shown IMHO.

Actions #15

Updated by Tommy McNeely almost 10 years ago

I was just able to reproduce this issue.

1. Create a "New Image" under the compute resource. Select a specific subnet, AZ, security groups...
2. Save
3. Edit that image.
4. NOTE: the security groups boxes are blank.

WORKAROUND: If you change the "subnet" to something else, then back to the desired subnet, it will repopulate the security groups. Then you can re-select the one you originally intended.

THOUGHTS: Dom said it was loading with JS, so perhaps we just need to trigger some sort of "initial" load of the data??

~tommy

Actions #16

Updated by Tommy McNeely almost 10 years ago

Sorry, I meant to say, this also happens on the "New Host" screen in the "Network" tab...

Same workaround, change the "subnet" to something else, then back, then the groups will load and you can select the SG you want.

Actions #17

Updated by Stefan Goethals almost 9 years ago

The JQuery selector in https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L195 returns 2 elements.
The following functions don't take that into account and thus the security_groups and subnets variables are never populated.

Changing https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L196
From
sg_select = $('.security_group_ids')
To
sg_select = $('select.security_group_ids')

seems to resolve the issue.

Actions #18

Updated by Jordan Snodgrass almost 9 years ago

  • Related to Bug #12837: Security Groups not populated after selecting Subnet in New Host > Virtual Machine added
Actions #19

Updated by Jordan Snodgrass almost 9 years ago

Stefan Goethals wrote:

Changing https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L196
From
sg_select = $('.security_group_ids')
To
sg_select = $('select.security_group_ids')

I've verified that this also fixes my issue #12837 (and probably many other security-group related issues). Will you be submitting a pull request to get this included in the next release?

Actions #20

Updated by The Foreman Bot almost 9 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3097 added
Actions #22

Updated by Anonymous almost 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #23

Updated by Dominic Cleal almost 9 years ago

  • Assignee set to Stefan Goethals
  • Translation missing: en.field_release set to 123
Actions

Also available in: Atom PDF