Shared public network not visible

asked 2014-01-21 09:11:46 -0600

foexle gravatar image

Heyho guys,

my public network should not be visible for each tenant. I mean, normally a customer should see the tenant networks and he can create and associate a floating ip.

If i disable the share on the floating ip network (public) tenants can't creatie and associate floating ip's and don't see the network (that's correct).

How can i say: no one, instead of admin user, can see the floating network but all tenants can assotiate a floating ip.

Is that possible ? What's the right way, normally should an external_net not visible as an network for all tenants. Unprivileged users/tenants should use the floating ip functions but this functions needs a shared net too.

I'm going to prevent customers to attach on instance boot an interface with floating networks. This doesn't works and will grow up the support.

Ubuntu 12.04 (Havana|OVS-Gre)

Cheers and Thanks Heiko

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-01-22 08:06:58 -0600

gabriel_staicu gravatar image

Have you tried to investigate policy.json which you can find in /etc/neutron. Maybe you can modify or add a rule there that can limit the right of the user to just allocate floating ip.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2014-01-21 09:11:46 -0600

Seen: 386 times

Last updated: Jan 22 '14