> On Mar 16, 2018, at 7:40 AM, Simon Leinen wrote:
>
> Joe Topjian writes:
>> Terraform hat! I want to slightly nit-pick this one since the words
>> "leak" and "admin-priv" can sound scary: Terraform technically wasn't
>> doing anything wrong. The problem was that Octavia was creating
>> resourc
...@gmail.com]
Sent: Friday, March 16, 2018 5:21 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [k8s][octavia][lbaas] Experiences on using the LB
APIs with K8s
Just FYI, l7 policy/rule support for Neutron LBaaS V2 and Octavia is on its
way[1], because we
Joe Topjian writes:
> Terraform hat! I want to slightly nit-pick this one since the words
> "leak" and "admin-priv" can sound scary: Terraform technically wasn't
> doing anything wrong. The problem was that Octavia was creating
> resources but not setting ownership to the tenant. When it came time
On Fri, Mar 16, 2018 at 5:01 AM, Joe Topjian wrote:
> Hi Chris,
>
> I wear a number of hats related to this discussion, so I'll add a few
> points of view :)
>
> It turns out that with
>> Terraform, it's possible to tear down resources in a way that causes
>> Neutron to
>> leak administrator-priv
Just FYI, l7 policy/rule support for Neutron LBaaS V2 and Octavia is on its
way[1], because we will have both octavia and magnum deployed on our
openstack based public cloud this year, an ingress controller for
openstack(octavia) is also on our TODO list, any kind of collaboration are
welcomed :-)
Hi Chris,
I wear a number of hats related to this discussion, so I'll add a few
points of view :)
It turns out that with
> Terraform, it's possible to tear down resources in a way that causes
> Neutron to
> leak administrator-privileged resources that can not be deleted by a
> non-privileged user
As I've been working more in the Kubernetes community, I've been evaluating the
different points of integration between OpenStack services and the Kubernetes
application platform. One of the weaker points of integration has been in using
the OpenStack LBaaS APIs to create load balancers for Kuberne
