Hey Kevin,

Thanks for the quick response. But any particular use-case where we would need 
port/network from different tenants unless it’s a shared network?

Thanks,
Varun

From: Kevin Benton <blak...@gmail.com<mailto:blak...@gmail.com>>
Reply-To: "OpenStack Development Mailing List (not for usage questions)" 
<openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>
Date: Tuesday, February 10, 2015 at 2:33 PM
To: "OpenStack Development Mailing List (not for usage questions)" 
<openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [neutron] - port-create with network from a 
different tenant does not fail

You can have ports from different tenants in a network. It's an admin-only 
capability unless the network is marked as "shared".

On Tue, Feb 10, 2015 at 2:30 PM, Varun Lodaya 
<varun_lod...@symantec.com<mailto:varun_lod...@symantec.com>> wrote:
Adding the right subject line.

From: Varun Lodaya <varun_lod...@symantec.com<mailto:varun_lod...@symantec.com>>
Date: Tuesday, February 10, 2015 at 2:26 PM
To: "OpenStack Development Mailing List (not for usage questions)" 
<openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>
Subject: port-create with network from a different tenant does not fail

Hi,

We were seeing this issue where if the user role is admin in 2 tenants A and B 
and he issues neutron port-create <network-id> in tenant A where <network-id> 
is in tenant B, it ends up creating that port. Ideally, it should have failed 
since you cannot have the port/network in different tenants.

varunlodaya@ubuntu:~/devstack$ neutron port-show 
fc6917ea-0c0c-4ec5-9202-4441701c9984
+-----------------------+----------------------------------------------------------------------------------+
| Field                 | Value                                                 
                           |
+-----------------------+----------------------------------------------------------------------------------+
| admin_state_up        | True                                                  
                           |
| allowed_address_pairs |                                                       
                           |
| binding:host_id       |                                                       
                           |
| binding:profile       | {}                                                    
                           |
| binding:vif_details   | {}                                                    
                           |
| binding:vif_type      | unbound                                               
                           |
| binding:vnic_type     | normal                                                
                           |
| device_id             |                                                       
                           |
| device_owner          |                                                       
                           |
| extra_dhcp_opts       |                                                       
                           |
| fixed_ips             | {"subnet_id": "8c9f5682-daf8-40e1-9b6a-57cfed7f024c", 
"ip_address": "10.1.1.13"} |
| id                    | fc6917ea-0c0c-4ec5-9202-4441701c9984                  
                           |
| mac_address           | fa:16:3e:18:6e:95                                     
                           |
| name                  |                                                       
                           |
| network_id            | 0036a345-35ea-42c8-a66c-f9831d0a03a5                  
                           |
| security_groups       | 45786089-d53f-4eec-8be6-cb49766e55c1                  
                           |
| status                | DOWN                                                  
                           |
| tenant_id             | d0d1e6e21268418b8888b0adcea413a3                      
                           |
+-----------------------+----------------------------------------------------------------------------------+
varunlodaya@ubuntu:~/devstack$ neutron net-show 
0036a345-35ea-42c8-a66c-f9831d0a03a5
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 0036a345-35ea-42c8-a66c-f9831d0a03a5 |
| name                      | alt_private                          |
| provider:network_type     | vxlan                                |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1003                                 |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 8c9f5682-daf8-40e1-9b6a-57cfed7f024c |
| tenant_id                 | 099bfd6e59434b51a479ab7142ff01df     |
+---------------------------+--------------------------------------+
varunlodaya@ubuntu:~/devstack$


Is this an expected behavior or a known bug? Should I create a new one?

Thanks,
Varun

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: 
openstack-dev-requ...@lists.openstack.org?subject:unsubscribe<http://openstack-dev-requ...@lists.openstack.org?subject:unsubscribe>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




--
Kevin Benton
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to