Bug #6535
closedEC2 Security Groups - empty box
Added by Dominic Cleal over 10 years ago. Updated over 6 years ago.
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1101998
This is only a issue tracker. I think, this is really important to solve before release.
Description of problem:
I did not find way, how can I get security groups from Amazon EC2. I have got the box for choosing, but the box is empty. I have got tow security groups in EC2.
Version-Release number of selected component (if applicable):
Satellite-6.0.3-RHEL-6-20140521.0
(10:51:01) mkorbel: Dominic: I have next one question, how can I add a security groups into foreman.
(10:54:55) mkorbel: Dominic: When I try create new virtual machine in EC2, I see empty box of security groups.
(10:55:52) Dominic: mkorbel: it should "just work".. I think there's a VPC dropdown too, so if you're using those you might have to select that first for them to update, otherwise I don't know
Files
Screenshot from 2014-08-02 12_37_24.png | View Screenshot from 2014-08-02 12_37_24.png | 60.1 KB | Joshua Hoblitt, 08/02/2014 03:44 PM | ||
Screenshot from 2014-08-02 12_38_29.png | View Screenshot from 2014-08-02 12_38_29.png | 87.1 KB | Joshua Hoblitt, 08/02/2014 03:44 PM | ||
Screenshot from 2014-08-02 12_38_49.png | View Screenshot from 2014-08-02 12_38_49.png | 84.6 KB | Joshua Hoblitt, 08/02/2014 03:44 PM | ||
security_groups_vpc.png | View security_groups_vpc.png | 19.6 KB | My VPC security groups are shown | Shlomi Zadok, 09/07/2014 03:24 AM | |
security_groups_on_amazon.png | View security_groups_on_amazon.png | 39.6 KB | All of my security groups on Amazon | Shlomi Zadok, 09/07/2014 03:26 AM |
Updated by Dominic Cleal over 10 years ago
- Category set to Compute resources
- Assignee deleted (
Dominic Cleal)
This may be related to IAM.
Updated by Joshua Hoblitt over 10 years ago
- File Screenshot from 2014-08-02 12_37_24.png Screenshot from 2014-08-02 12_37_24.png added
- File Screenshot from 2014-08-02 12_38_29.png Screenshot from 2014-08-02 12_38_29.png added
- File Screenshot from 2014-08-02 12_38_49.png Screenshot from 2014-08-02 12_38_49.png added
I believe I've encountered this issue, or something similar, in 1.5.2. The "EC2" subnet is empty but two magic subnet's have appeared with security groups in them. However, all attemps at provisioning fail with a a sparse error message.
Successfully decrypted field for Foreman::Model::EC2 ec2-us-west-1 Rolling back due to a problem: [Set up compute instance ec2test.sdm.noao.edu 2 failed ...
I've ruled out an IAM credientals problem both by changing the privs to administrator and foreman is able to stop/destroy instances that I manual create via the ec2 console.
Updated by Joshua Hoblitt over 10 years ago
- Related to Bug #4235: EC2 compute profile loses Security Group setting. added
Updated by Joshua Hoblitt over 10 years ago
I tried deleting and recreating the compute resource. There's now a 3rd magical 172.31.x subnet and it's only listing the default security group but not the other 2 that are visible from the AWS console. Instance creation still fails at the first step.
Updated by Dominic Cleal over 10 years ago
- Category changed from Compute resources to Compute resources - EC2
- Target version set to 1.7.5
Updated by Anonymous over 10 years ago
- Target version changed from 1.7.5 to 1.7.4
Updated by Shlomi Zadok about 10 years ago
- File security_groups_vpc.png security_groups_vpc.png added
- File security_groups_on_amazon.png security_groups_on_amazon.png added
It seems you have to create VPC specific security groups for this to show security groups under a subnet (of the VPC).
As you may see from my screen shots, on my AWS account I have 5 security groups. 3 are EC2-classic and 2 are EC2-VPC.
When I create a new host on Foreman, and choose a subnet, it will show only the security groups that belong to the subnet.
If I have none, it will display none.
Can you please verify?
Updated by Anonymous about 10 years ago
- Target version changed from 1.7.4 to 1.7.3
Updated by Dominic Cleal about 10 years ago
- Status changed from Feedback to New
- Assignee deleted (
Shlomi Zadok)
I'm setting this back, as I don't believe Shlomi's successful attempt negates the fact this isn't working for two people.
Updated by Dominic Cleal about 10 years ago
- Target version changed from 1.7.3 to 1.7.2
Updated by Tom Caspy almost 10 years ago
I just tested this on latest foreman develop, and it seems that the security groups are properly shown... are there specific conditions under which this can be replicated?
edit:
Tested this under two conditions:
1. IAM account (in the RedHat EC2 account)
- normal security groups (no VPC) - properly shown
- VPC security groups - properly shown
2. Master account (my personal one)
- normal security groups (no VPC) - properly shown
- VPC security groups - properly shown
This may be caused by the compute resource being under a different region, where the security groups and VPCs are not defined, i.e. using us-east-1 (N. Virginia) but having the EC2 compute resource go to us-west-2 (Oregon) - in which case, a "default" security group should still be shown IMHO.
Updated by Tommy McNeely almost 10 years ago
I was just able to reproduce this issue.
1. Create a "New Image" under the compute resource. Select a specific subnet, AZ, security groups...
2. Save
3. Edit that image.
4. NOTE: the security groups boxes are blank.
WORKAROUND: If you change the "subnet" to something else, then back to the desired subnet, it will repopulate the security groups. Then you can re-select the one you originally intended.
THOUGHTS: Dom said it was loading with JS, so perhaps we just need to trigger some sort of "initial" load of the data??
~tommy
Updated by Tommy McNeely almost 10 years ago
Sorry, I meant to say, this also happens on the "New Host" screen in the "Network" tab...
Same workaround, change the "subnet" to something else, then back, then the groups will load and you can select the SG you want.
Updated by Stefan Goethals almost 9 years ago
The JQuery selector in https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L195 returns 2 elements.
The following functions don't take that into account and thus the security_groups and subnets variables are never populated.
Changing https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L196
From
sg_select = $('.security_group_ids')
To
sg_select = $('select.security_group_ids')
seems to resolve the issue.
Updated by Jordan Snodgrass almost 9 years ago
- Related to Bug #12837: Security Groups not populated after selecting Subnet in New Host > Virtual Machine added
Updated by Jordan Snodgrass almost 9 years ago
Stefan Goethals wrote:
Changing https://github.com/theforeman/foreman/blob/develop/app/assets/javascripts/compute_resource.js#L196
From
sg_select = $('.security_group_ids')
To
sg_select = $('select.security_group_ids')
I've verified that this also fixes my issue #12837 (and probably many other security-group related issues). Will you be submitting a pull request to get this included in the next release?
Updated by The Foreman Bot almost 9 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3097 added
Updated by Stefan Goethals almost 9 years ago
Updated by Anonymous almost 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 062f653f53519a4704c31c297da2fca050e1234d.
Updated by Dominic Cleal almost 9 years ago
- Assignee set to Stefan Goethals
- Translation missing: en.field_release set to 123