rbac_policy quota should be configurable

Bug #1923216 reported by Giuseppe Petralia
This bug affects 2 people
Affects: OpenStack Neutron API Charm
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Currently the default quota for rbac policy is set to 10 for any new project created:

$ neutron quota-show --tenant_id $(openstack project show admin --format value -c id) | grep rbac
| rbac_policy | 10 |

As an operator I would like to be able to set a different default quota.

Currently I can only set the following quotas:
$ juju config neutron-api | grep quota-
  quota-floatingip:
  quota-health-monitors:
  quota-member:
  quota-network:
  quota-pool:
  quota-port:
  quota-router:
  quota-security-group:
  quota-security-group-rule:
  quota-subnet:
  quota-vip:

Also, there are cases where the number of shared networks is above the rbac_policy quota, so a new project comes with a number of rbac policies already in place that is above the quota, and the user can't create any rbac without increasing the default or setting it to -1.

I could not find any reference to the rbac quota and how to set it in the upstream docs for neutron.conf; we should evaluate whether this is an upstream bug as well.

https://docs.openstack.org/neutron/latest/configuration/neutron.html#quotas.default_quota

Adam Dyess (addyess) wrote :

Looking into the neutron code [1], it may be missing documentation around the option:
Please add to the charm as well.

quota_rbac_policy - Default number of RBAC entries allowed per tenant. A negative value means unlimited.

[1] https://github.com/openstack/neutron/blob/1ad9ca56b07ffdc9f7e0bc6a62af61961b9128eb/neutron/conf/quota.py#L91

Adam Dyess (addyess) wrote :

I did find this documentation in the Ocata docs:
https://docs.openstack.org/ocata/config-reference/networking/networking_options_reference.html

But it seems to have vanished from more current release documentation.
