external network not visible [closed]

asked 2014-01-22 18:49:49 -0600

marica gravatar image

Hi all,

concerning havana neutron, I have noticed that if I log on as Member of a tenant I can't see the available external network (owned by the admin tenant and not shared) that could be used to grab floating IPs. Yet, the rule "get_network": "rule:admin_or_owner or rule:shared or rule:external" set in /etc/neutron/policy.json should allow to see the external network and this was the behavior of quantum in grizzly.

Note that I don't want to make this external network shared because in this case the user could try to attach a VM to it.

Then, what is the best configuration in order to

  1. allow the user (tenant member) to create floating ips from the external network
  2. prevent the user from instantiating a VM with a NIC on the external network

where the external network is the same for all the tenants.

Thank you in advance for your help.

edit retag flag offensive reopen merge delete

Closed for the following reason question is not relevant or outdated by rbowen
close date 2016-09-28 14:36:30.421982


Closing: This question refers to a version of OpenStack which has been designated End Of Life. (See http://releases.openstack.org ). If the problem still exists in a more recent version, please open a new issue with updated details. Thanks.

rbowen gravatar imagerbowen ( 2016-09-28 14:36:26 -0600 )edit