Hi,
I don't believe this would be the right way to go about it based off
keystone's scoping
With the 'cloud-admin' role
openstack server list --all-projects
works becasue the 'cloud-admin' has the ability view all server's for
all tenant's within his domain, meaning
Project/tenant A uuid | servername
uuidA | provider-instance
Project/tenant B uuid | servername
uuidB | provider-instance
will be returned by 'openstack server list --all-projects'
But when executing
openstack server show provider-instance
either
1) Domain-scoped tokens: You'll get an authentication error (because it won't
know if it should return the instance in Tenant A or tenant B due to having
identical names)
or
2) Project-scoped tokens: If that same user is also a member of Tenant C
and no server in tenant C with the name 'provider-instance' exists, then
it won't return anything.
The best way to get around this is to either define the tenant when
doing the openstack server show --os-project-id, or to define the
project within the openrc file
** Changed in: python-openstackclient (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1821766
Title:
Comands with admin user over vms in other tenants work with ID, but no
with name
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-openstackclient/+bug/1821766/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
