Add support for tenant_id based authentication with Neutron
Bug #1285921 reported by
OpenStack Infra
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
Medium
|
Summer Long |
Bug Description
https:/
commit e80cf75fc0f25f6
Author: Phil Day <email address hidden>
Date: Wed Jan 29 20:48:49 2014 +0000
Add support for tenant_id based authentication with Neutron
Keystone v3 supports non-unique project/tenant names, so
Nova should switch to using tenant ID for admin authentication.
Implements blueprint tenant-
DocImpact: Adds new flag, nova_admin_
existing flag, nova_admin_
Change-Id: I4a4ffe84fdcf98
Changed in openstack-manuals: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in openstack-manuals: | |
status: | Confirmed → Incomplete |
Changed in openstack-manuals: | |
milestone: | icehouse → juno |
To post a comment you must log in.
I don't think the fact that Keystone v3 supports non-unique tenant names should drive us to requiring UUIDs in config files. We already have several models of how to handle non-unique names in OpenStack. For example, Nova allows multiple instances to have the same name, but still allows me to reference instances by name. If type "nova show myserver" and "myserver" is unique, it works; if it is not unique, I get:
ERROR: Unable to delete any of the specified servers.
Glance operates the same way with respect to image names.
Cinder operates the same way with respect to volume names.
Requiring a UUID in this file needlessly complicates configuration management tools, since now keystone must be up and running at the time the neutron configuration is generated.
I would like to see this value accept either UUIDs *or* names, and produce a sane error message in the event that a name matches multiple tenants.