Bence, thanks a lot for the additional details. In relation to your points:
* if one wants to keep the bring-up logic of VLAN interfaces static (if you reuse the MAC you can have prefab images), and/or
* if one does not have access to the neutron API from inside the instance with the trunk.
Both use cases could be addressed once [1] goes in and we develop nova metadata support; however, one could simply use user-data and inject a setup script at VM boot. You don't need Neutron API access from the guest to achieve this. In fact access should be prevented to avoid exposing a potential attack surface.
Bence, thanks a lot for the additional details. In relation to your points:
* if one wants to keep the bring-up logic of VLAN interfaces static (if you reuse the MAC you can have prefab images), and/or
* if one does not have access to the neutron API from inside the instance with the trunk.
Both use cases could be addressed once [1] goes in and we develop nova metadata support; however, one could simply use user-data and inject a setup script at VM boot. You don't need Neutron API access from the guest to achieve this. In fact access should be prevented to avoid exposing a potential attack surface.
[1] https:/ /review. openstack. org/#/c/ 374388/