openstack-api-site

Bug #1477397
Comment #1

Comment 1 for bug 1477397

Revision history for this message

Keiichiro Tokunaga (keiichiro) wrote on 2015-07-23:

Here is what I confirmed. There's only one "tenant_id" that is the ID of the tenant who owns the security group *rule*.

$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
| id | security_group | direction | ethertype | protocol/port | remote |
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
| 1def2163-b6c3-474e-9902-0a9e42958f86 | default | ingress | IPv6 | any | default (group) |
| 4a5c2dac-a520-41f8-9288-82261b7e0138 | default | egress | IPv6 | any | any |
| 4ff7a294-9f23-4add-9f06-8703cf59ebd6 | default | ingress | IPv6 | any | default (group) |
| 691b855b-958f-492c-b1aa-6068ce08b60f | default | egress | IPv4 | any | any |
| 98ace602-b0ed-494f-ab75-37924e366ecf | default | ingress | IPv4 | any | default (group) |
| d06efb94-89f5-4bf6-af9c-160bd37e8ab6 | default | egress | IPv4 | any | any |
| f2e7922d-8e0c-4329-a245-62e680b66846 | default | ingress | IPv4 | any | default (group) |
| f82aa751-34ec-42ae-bb7d-c21c997d4954 | default | egress | IPv6 | any | any |
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
$ curl -s -X GET -H "x-auth-token: $TOKEN" http://192.168.122.111:9696/v2.0/security-group-rules/1def2163-b6c3-474e-9902-0a9e42958f86 | jq "."
{
  "security_group_rule": {
    "security_group_id": "d8110539-9db8-454d-9fca-e6e8b9fd939f",
    "id": "1def2163-b6c3-474e-9902-0a9e42958f86",
    "remote_group_id": "d8110539-9db8-454d-9fca-e6e8b9fd939f",
    "direction": "ingress",
    "remote_ip_prefix": null,
    "protocol": null,
    "ethertype": "IPv6",
    "tenant_id": "56b048ae10a94b3893c3ac0b1cfb40a3",
    "port_range_max": null,
    "port_range_min": null
  }
}

Here is what I confirmed.  There's only one "tenant_id" that is the ID of the tenant who owns the security group *rule*.

$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
| id                                   | security_group | direction | ethertype | protocol/port | remote          |
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
| 1def2163-b6c3-474e-9902-0a9e42958f86 | default        | ingress   | IPv6      | any           | default (group) |
| 4a5c2dac-a520-41f8-9288-82261b7e0138 | default        | egress    | IPv6      | any           | any             |
| 4ff7a294-9f23-4add-9f06-8703cf59ebd6 | default        | ingress   | IPv6      | any           | default (group) |
| 691b855b-958f-492c-b1aa-6068ce08b60f | default        | egress    | IPv4      | any           | any             |
| 98ace602-b0ed-494f-ab75-37924e366ecf | default        | ingress   | IPv4      | any           | default (group) |
| d06efb94-89f5-4bf6-af9c-160bd37e8ab6 | default        | egress    | IPv4      | any           | any             |
| f2e7922d-8e0c-4329-a245-62e680b66846 | default        | ingress   | IPv4      | any           | default (group) |
| f82aa751-34ec-42ae-bb7d-c21c997d4954 | default        | egress    | IPv6      | any           | any             |
+--------------------------------------+----------------+-----------+-----------+---------------+-----------------+
$ curl -s -X GET -H "x-auth-token: $TOKEN" http://192.168.122.111:9696/v2.0/security-group-rules/1def2163-b6c3-474e-9902-0a9e42958f86 | jq "."
{
  "security_group_rule": {
    "security_group_id": "d8110539-9db8-454d-9fca-e6e8b9fd939f",
    "id": "1def2163-b6c3-474e-9902-0a9e42958f86",
    "remote_group_id": "d8110539-9db8-454d-9fca-e6e8b9fd939f",
    "direction": "ingress",
    "remote_ip_prefix": null,
    "protocol": null,
    "ethertype": "IPv6",
    "tenant_id": "56b048ae10a94b3893c3ac0b1cfb40a3",
    "port_range_max": null,
    "port_range_min": null
  }
}