yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #23541
[Bug 1255142] Re: unable to get router's external IP when non admin (blocker for VPNaaS)
Reviewed: https://review.openstack.org/126911
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=b1282b8410ca546bfa15e1174ab9bafe1c29ee43
Submitter: Jenkins
Branch: proposed/juno
commit b1282b8410ca546bfa15e1174ab9bafe1c29ee43
Author: Kevin Benton <blak111@xxxxxxxxx>
Date: Wed Jun 18 12:03:01 2014 -0700
Allow reading a tenant router's external IP
Adds an external IPs field to the external gateway information
for a router so the external IP address of the router can be
read by the tenant.
DocImpact
Closes-Bug: #1255142
Change-Id: If4e77c445e9b855ff77deea6c8df4a0b3cf249d4
(cherry picked from commit c7baaa068ed1d3c8b02717232edef60ba1b655f6)
** Changed in: neutron
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1255142
Title:
unable to get router's external IP when non admin (blocker for VPNaaS)
Status in OpenStack Neutron (virtual network service):
Fix Released
Bug description:
In order to set up VPNaaS, a user needs to know his router's external
IP (to configure it as endpoint).
PROBLEM : When a user is not admin, the external IP of a router is not
visible:
source openrc demo demo
neutron router-list
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
| 2bd1f015-6c98-4861-a078-5a69256ca7b0 | router1 | {"network_id": "8ae6890d-5bb5-4f07-9059-77499628048c", "enable_snat": true} |
+--------------------------------------+---------+-----------------------------------------------------------------------------+
neutron router-port-list 2bd1f015-6c98-4861-a078-5a69256ca7b0
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
| 8ae7206d-19af-4a2a-a15b-0f8cdb98861e | | fa:16:3e:0a:ee:14 | {"subnet_id": "c69b14f9-c2e4-4877-8516-57ff2bdeaa9e", "ip_address": "172.17.0.1"} |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
It's visible only as admin:
source openrc admin demo
neutron router-port-list 2bd1f015-6c98-4861-a078-5a69256ca7b0
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+
| 8ae7206d-19af-4a2a-a15b-0f8cdb98861e | | fa:16:3e:0a:ee:14 | {"subnet_id": "c69b14f9-c2e4-4877-8516-57ff2bdeaa9e", "ip_address": "172.17.0.1"} |
| fd56a686-480d-4ede-b021-010253c3de42 | | fa:16:3e:a5:d2:92 | {"subnet_id": "29f5737c-417f-4aa9-a95e-2bef3a04729e", "ip_address": "192.168.57.226"} |
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------------+
Since users need to know the external IP of their router in order to
set up VPNaaS this is quite blocking because it requires users to be
admin in order to use this feature. It's not an issue for a private
cloud, but a big issue for public clouds.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1255142/+subscriptions
