nova list does not validate tenant id for --tenant
Bug #1408630 reported by
Amandeep
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-novaclient |
Confirmed
|
Wishlist
|
Unassigned | ||
Bug Description
When we are trying to list instances with wrong tenant id then the command work without any error, it should throw an error of invalid tenant id or invalid tenant name.
steps:
1. nova list --tenant abc
it works correctly and do not throw any error.
| description: | updated |
| Changed in python-novaclient: | |
| assignee: | nobody → Raghavendra Kalimisetty (raghavendra-kalimisetty) |
| Changed in python-novaclient: | |
| importance: | Undecided → Wishlist |
| status: | New → Confirmed |
Revision history for this message
| melanie witt (melwitt) wrote | #2 |
| summary: |
- nova list work with wrong tenant id or tenant name + nova list does not validate tenant id for --tenant |
| Changed in python-novaclient: | |
| assignee: | Raghavendra Kalimisetty (raghavendra-kalimisetty) → nobody |
| Changed in python-novaclient: | |
| assignee: | nobody → Jude Augustine Job (judeaugustine-j) |
| Changed in python-novaclient: | |
| status: | Confirmed → In Progress |
| Changed in python-novaclient: | |
| status: | In Progress → New |
| Changed in python-novaclient: | |
| status: | New → Confirmed |
| Changed in python-novaclient: | |
| assignee: | Jude Augustine Job (judeaugustine-j) → nobody |
| Changed in python-novaclient: | |
| assignee: | nobody → Sirisha (sirisha-1) |
Revision history for this message
| Shashwat Srivastava (shashwat-srivastava) wrote | #3 |
| Changed in python-novaclient: | |
| assignee: | Sirisha (sirisha-1) → Shashwat Srivastava (shashwat-srivastava) |
| Changed in python-novaclient: | |
| assignee: | Shashwat Srivastava (shashwat-srivastava) → NidhiMittalHada (nidhimittal19) |
| Changed in python-novaclient: | |
| assignee: | NidhiMittalHada (nidhimittal19) → nobody |
To post a comment you must log in.
Note that 'nova list --tenant' only works with tenant ids, not tenant names, see https:/
That said, I tried out some things in devstack and got interesting results.
I created two instances, one in admin tenant and one in demo tenant. As admin/admin, I found in order for --tenant to work as expected, you have to also give --all-tenants.
1. 'nova list' shows the instance in admin tenant
2. 'nova list --all-tenants' shows both instances, the one in demo tenant and the one in admin tenant
3. 'nova list --tenant 5d460e88a8ea450
4. 'nova list --all-tenants --tenant blah' shows an empty list
5. 'nova list --tenant blah' shows the instance in admin tenant
The 4. result is what I'd expect to see if I gave a wrong tenant id (list of nothing). The only way to check tenant id validity would be to make an extra call to keystone on the client-side. Because just because no instance in nova belongs to a tenant, doesn't necessarily mean the tenant is invalid. I also mentioned this in bug 1233492
So, I'm going to mark this as a Wishlist item, to have the client check keystone for validity if nothing is returned from nova api.