[RFE] Get me a network

This seems like a reasonable thing to me, thanks for writing it up Brian! The subnetpools integration at a future date would be pretty cool, but it seems it's an enhancement and could be deferred to later as you indicate here.

I subscribed Monty and Jay here in the hopes of getting their comments.

I think this should move to a spec, and if Carl, Doug, Akihiro and Kevin agree, one of them can move it to "Triaged" and Brian can file a simple spec defining the API.

Instead of "retrieve_networks", where retrieve is essentially synonymous with get and so you'd expect it to not affect any change, what about "get_or_make_network"?

REST orthodoxy says that GETs lack side-effects and that PUT is generally used for creates (POST is for updates). I see no reason to deviate from that here.

I would be totally fine just adding a single new Neutron API call that would be called, switched on some Nova CONF.auto_allocate_private_subnet option, that would do something like this:

            # (1) Retrieve non-public network list owned by the tenant.
            search_opts = {'tenant_id': project_id, 'shared': False}
            nets = neutron.list_networks(**search_opts).get('networks', [])
            if CONF.auto_allocate_private_subnet:
                nets += neutron.allocate_subnet_from_available_pools(tenant_id=project_id)
            else:
                # (2) Retrieve public network list.
                search_opts = {'shared': True}
                nets += neutron.list_networks(**search_opts).get('networks', [])

             if not nets:
                 raise exception.NoAvailableNetworks(...)

The Neutron API call could look something like this?

            POST /subnet_pools
            {
                 "tenant_id": project_id,
                 "allocate_first_available": true
            }

Thanks for the comments Alexis and Jay!

Brian, I hope this provides some more insight and we can move forward a bit more with this now.

@Alexis - so in your opinion this should stay a two-step process:

1) get a list of networks as we do today
2) allocate a network if none exist

And since GET can't have side-effects (like creating a resource), then a PUT is required?

@Jay - I'd rather not have to add a config option to Nova to make the call, but instead have all this logic live in Neutron, since it would have to be configured there by an admin to work anyway.

This would also allow what is allocated to be completely opaque to Nova - it could be a similar-looking 10.0.0.0/16 subnet for everyone, or it could be pulled from a subnetpool, but Nova doesn't need to know the details, only Neutron does.

And I don't think we should change this behavior:

1) get list of tenant-specific networks
2) get list of shared networks
3) if above yielded nothing, make a network

Some deployments will want to use a public (shared) network and want that to be the default.

Jay - not sure why you're specifying 'auto_allocate_private_subnet'? auto_allocate_network seems more general.

With my API-WG hat on, I think it's not really appropriate to create a network on the fly in response to a GET, because there's a state-change in neutron w.r.t the user's quota etc.

So really I think Jay's suggestion is right-on, except I would prefer to call 'allocate_subnet_from_available_pools' something like 'create_network_using_defaults'. The details of that network would come from neutron config. Is that similar to what you had in mind Bryan?

Adding 2 things to my above comment:

1/ the neutron config might be able to say "don't auto_create networks" in which case instance boot would fail

2/ The exact mechanics of REST API is not as simple as PUT=create/POST=update. We have API-WG advice under review at https://review.openstack.org/#/c/181912 - I would expect this to be a POST.

@Brian I don't think it needs to be a two-step process. If I PUT a calendar entry I might just get back a {"cal_id": 12345} record. My request body specifies request parameters which the server can interpret however it likes to create the resource. If I try to put the exact same calendar entry, I may get a new record or the server may choose to de-duplicate and return 12345 again. So I'm suggesting Neutron interpret PUT {} as "make a simple network" and if "a simple network" already exists, it de-duplicate.

GET is definitely not ok because of side-effects, yes. I prefer PUT to POST because POST is more of an append/update than a create, but de facto POST is used for create so whatever. There's also PATCH of course but that's totally update-y.

So the API-WG advice deviates from my understanding of PUT vs POST. Pragmatically I'd suggest you follow their advice rather than mine though :)

Ok, just to sum up things after seeing these responses and talking to Matthew.

We can create a new API call, for now let's call it "get_me_a_network" which is a PUT call, and takes the same params that "list_networks" does today. It will return a network based on some admin-controlled settings, but by default will:

1) Return a pre-existing tenant network
2) Return a shared network
3) Create and return a new tenant network

That seems to satisfy the API requirements, let me know if I mis-understood.

It appears to be all about whether you can subsequently GET the URI you're PUT/POSTing to. If you PUT, you must be able to GET the URI you PUT to. If you have a special "simple_network" URI, that is true so PUT is OK, even if the resultant network is also available from a UUID-based URI.

Marking Triaged, lets get this party started!

See bp whiteboard for updates

status update: http://eavesdrop.openstack.org/meetings/neutron_drivers/2016/neutron_drivers.2016-01-28-22.20.log.txt

Code completed.