user-provided IP address (v4-fixed-ip) on shared network

asked 2017-03-16 08:45:40 -0600

doka.ua gravatar image

Hi colleagues,

are there ways to give regular user (without admin rights) ability to provide fixed IP address to VM on shared network, while disabling any other IP addresses on the VM's port except list of allowed for this user? Smth like

openstack server create [ ... ] --nic net-id=jnet,v4-fixed-ip=10.20.0.75,port-id=UUID [ ... ]

where:

  • jnet is shared between tenants network (e.g. VLAN-based), connected to external gateways and other infrastructure
  • port-id contains list of 'allowed_address', which includes all addresses allowed for this user
  • and v4-fixed-ip is provided by user

It can be useful, for example, if user migrate services between VMs in his tenant and want to save IP address of service.

At the moment, any tries to provide v4-fixed-address to shared (not tenant) network (was trying with flat and vlan) fails as it violates rules in policy.json.

Any ideas on how to implement this?

Thank you!

edit retag flag offensive close merge delete