Octavia should ignore project_id on API create commands (except load_balancer)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
octavia |
Fix Released
|
High
|
Michael Johnson |
Bug Description
Right now, the Octavia API allows the specification of the project_id on the create commands for the following objects:
listener
health_monitor
member
pool
However, all of these objects should be inheriting their project_id from the ancestor load_balancer object. Allowing the specification of project_id when we create these objects could lead to a situation where the descendant object's project_id is different from said object's ancestor load_balancer project_id.
We don't want to break our API's backward compatibility for at least two release cycles, so for now we should simply ignore this parameter if specified (and get it from the load_balancer object in the database directly), and insert TODO notes in the API code to remove the ability to specify project_id after a certain openstack release.
We should also update the Octavia driver in neutron_lbaas to stop specifying the project_id on descendant object creation.
This bug is related to https:/
affects: | octavia → neutron |
affects: | neutron → octavia |
tags: | added: api |
tags: | added: lbaas lbaas-merge |
Changed in octavia: | |
importance: | Undecided → High |
no longer affects: | neutron |
Changed in octavia: | |
assignee: | nobody → Michael Johnson (johnsom) |
I think this all needs to change as part of the merge activity. project_id should come from keystone when the token is validated, so we should not be accepting project_id at all on the Octavia API going forward.