Hi Assaf,
Now reading the rbac network specs carefully, I believe it does allow private
networks to be shared to other tenants by non-admin users.
So the command "neutron rbac create <net-uuid|net-name> --type network
--tenant-id <tenant-uuid> --action access_as_shared" - can this be only used by
an admin ? From the specs, it did not seem so.
Also is the action access_as_external available now ?
On Tue, Jun 2, 2015 at 9:14 PM, Assaf Muller <[email protected]> wrote:
Check out:
http://specs.openstack.org/openstack/neutron-specs/specs/liberty/rbac-networks.html
If I understand correctly, what Anik is probably asking for is way to connect
two OpenStack projects together from a network point of view, where a private
network in Project1 can be connected to a Router in Project2. AFAIK, I don't
think we are planning to expose such model in RBAC where a tenant (non-admin)
has a way control who can see/connect-to his/her resources.
@Anik, please correct me if I am wrong.
Kevin is trying to solve exactly this problem. We're really hoping to land it in
time for Liberty.
----- Original Message -----
> Hi,
>
> Trying to understand if somebody has come across the following scenario:
>
> I have a two projects: Project 1 and Project 2
>
> I have a neutron private network in Project 1, that I want to connect that
> private network to a neutron port in Project 2.
>
> This does not seem to be possible without using admin credentials. I am not
> talking about a shared provider network here.
>
> It seems that the problem lies in the fact that there is no data model today
> that lets one Project have knowledge about any other Project inside the same
> OpenStack region.
>
> Any pointers there will be helpful.
> Regards,
> Anik
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: [email protected]?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
