Comment 2 for bug 2007917
Revision history for this message
| Romain (romain-chanu) wrote Re: [xena][cephfs] Manilla availability zone allow to use unauthorized share-type | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Hi,
I do not use availability_zones extra_spec. I use these specs on both share types:
driver_
storage_protocol : NFS
vendor_name : Ceph
Problem is not about forcing a share type according to user's availability zone choice but a user can access to a ceph pool without any authorization.
openstack share type access list st2
project1_id
project2_id
If I create a share in project3 I should not be able to use st2. I do not see it but user can still access ceph's pool through AZ choice.
You will find below my 2 shares:
+------
| ID | Name | Size | Share Proto | Status | Is Public | Share Type Name | Host | Availability Zone |
+------
| id1 | ShareBUG | 99 | NFS | available | False | st1 | | az2 |
| id2 | ShareOK | 25 | NFS | available | False | st1 | | az1 |
+------
But ShareBUG with share type "st1" will write data into ceph's pool matching "st2"