From 47b406d603821f12f8b4bf49d37969ad08aa4ead Mon Sep 17 00:00:00 2001 From: Lin Yang Date: Tue, 1 Mar 2016 10:59:06 +0800 Subject: [PATCH] Fix incorrect ICMP rule in SecurityGroup When protocol is ICMP in security group, port_range_min and port_range_max are used to indicate type and code for ICMP. The default port setting in core library generates ICMP rule with incorrect setting 'icmptype 0 code 0', which make user cannot ping instance created by Murano environment. So removed them. Change-Id: I93b5073db2ece804e3eccdde8432216d4fb12301 Closes-Bug: #1512710 --- .../io.murano/Classes/system/NeutronSecurityGroupManager.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/meta/io.murano/Classes/system/NeutronSecurityGroupManager.yaml b/meta/io.murano/Classes/system/NeutronSecurityGroupManager.yaml index ab085ee8..18b431e8 100644 --- a/meta/io.murano/Classes/system/NeutronSecurityGroupManager.yaml +++ b/meta/io.murano/Classes/system/NeutronSecurityGroupManager.yaml @@ -79,9 +79,7 @@ Methods: properties: description: format('Composite security group of Murano environment {0}', $.environment.name) rules: - - port_range_min: null - port_range_max: null - protocol: icmp + - protocol: icmp remote_ip_prefix: '0.0.0.0/0' - $.environment.stack.updateTemplate($template)