yahoo-eng-team team mailing list archive

[Tobias Urdin <2105502@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

The octavia project's network driver need more permissions to work
without admin role, this is for the allowed address pair network driver
that allocates ports for tenant networks on a project that octavia
handles where it places amphora instances

This should be fixed so that it only needs to have the service role by
filling the gaps for the service role.

This is:

- get_subnet

- get_network_ip_availability

- allowed address pairs in create and update port

- device_id in create and update port as proposed in [1]

[1] https://review.opendev.org/c/openstack/neutron/+/861169

** Affects: neutron
     Importance: Undecided
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2105502

Title:
  service role permissions not enough for octavia allowed address pair
  driver

Status in neutron:
  In Progress

Bug description:
  The octavia project's network driver need more permissions to work
  without admin role, this is for the allowed address pair network
  driver that allocates ports for tenant networks on a project that
  octavia handles where it places amphora instances

  This should be fixed so that it only needs to have the service role by
  filling the gaps for the service role.

  This is:

  - get_subnet

  - get_network_ip_availability

  - allowed address pairs in create and update port

  - device_id in create and update port as proposed in [1]

  [1] https://review.opendev.org/c/openstack/neutron/+/861169

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2105502/+subscriptions