Could not spawn an instance with a Shared or private image
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ironic |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
TLDR:
In a Nova deployment context, we hit a bug : If the nova user is spawning a private or shared image, Ironic can not validate the image project_id, so letting an error:
ironic.
More detail:
Linked to https:/
In the current situation, it seems that it's not possible spawn a nova instance except if the image is public.
May be a quick work around would be to check if the call is coming from nova, and assuming that nova already made the preliminary verification before asking ironic to deploy.
Noting a comment in IRC from another user:
> which rights does the ironic user have? We gave ours image_admin and we can use private images, pretty sure shared images as well.
I think there's room for improvement here, but first we need to determine the cases that work/break.