yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #95631
[Bug 2105502] [NEW] service role permissions not enough for octavia allowed address pair driver
Public bug reported:
The octavia project's network driver need more permissions to work
without admin role, this is for the allowed address pair network driver
that allocates ports for tenant networks on a project that octavia
handles where it places amphora instances
This should be fixed so that it only needs to have the service role by
filling the gaps for the service role.
This is:
- get_subnet
- get_network_ip_availability
- allowed address pairs in create and update port
- device_id in create and update port as proposed in [1]
[1] https://review.opendev.org/c/openstack/neutron/+/861169
** Affects: neutron
Importance: Undecided
Status: In Progress
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2105502
Title:
service role permissions not enough for octavia allowed address pair
driver
Status in neutron:
In Progress
Bug description:
The octavia project's network driver need more permissions to work
without admin role, this is for the allowed address pair network
driver that allocates ports for tenant networks on a project that
octavia handles where it places amphora instances
This should be fixed so that it only needs to have the service role by
filling the gaps for the service role.
This is:
- get_subnet
- get_network_ip_availability
- allowed address pairs in create and update port
- device_id in create and update port as proposed in [1]
[1] https://review.opendev.org/c/openstack/neutron/+/861169
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2105502/+subscriptions
Follow ups