Hi,
I do not use availability_zones extra_spec. I use these specs on both share types:
driver_handles_share_servers : False storage_protocol : NFS vendor_name : Ceph
Problem is not about forcing a share type according to user's availability zone choice but a user can access to a ceph pool without any authorization.
openstack share type access list st2 project1_id project2_id
If I create a share in project3 I should not be able to use st2. I do not see it but user can still access ceph's pool through AZ choice.
You will find below my 2 shares:
+--------------------------------------+---------------+------+-------------+-----------+-----------+-----------------+------+-------------------+ | ID | Name | Size | Share Proto | Status | Is Public | Share Type Name | Host | Availability Zone | +--------------------------------------+---------------+------+-------------+-----------+-----------+-----------------+------+-------------------+ | id1 | ShareBUG | 99 | NFS | available | False | st1 | | az2 | | id2 | ShareOK | 25 | NFS | available | False | st1 | | az1 | +--------------------------------------+---------------+------+-------------+-----------+-----------+-----------------+------+-------------------+
But ShareBUG with share type "st1" will write data into ceph's pool matching "st2"
Hi,
I do not use availability_zones extra_spec. I use these specs on both share types:
driver_ handles_ share_servers : False
storage_protocol : NFS
vendor_name : Ceph
Problem is not about forcing a share type according to user's availability zone choice but a user can access to a ceph pool without any authorization.
openstack share type access list st2
project1_id
project2_id
If I create a share in project3 I should not be able to use st2. I do not see it but user can still access ceph's pool through AZ choice.
You will find below my 2 shares:
+------ ------- ------- ------- ------- ----+-- ------- ------+ ------+ ------- ------+ ------- ----+-- ------- --+---- ------- ------+ ------+ ------- ------- -----+ ------- ------- ------- ------- ----+-- ------- ------+ ------+ ------- ------+ ------- ----+-- ------- --+---- ------- ------+ ------+ ------- ------- -----+ ------- ------- ------- ------- ----+-- ------- ------+ ------+ ------- ------+ ------- ----+-- ------- --+---- ------- ------+ ------+ ------- ------- -----+
| ID | Name | Size | Share Proto | Status | Is Public | Share Type Name | Host | Availability Zone |
+------
| id1 | ShareBUG | 99 | NFS | available | False | st1 | | az2 |
| id2 | ShareOK | 25 | NFS | available | False | st1 | | az1 |
+------
But ShareBUG with share type "st1" will write data into ceph's pool matching "st2"