© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
hi,
First, nova quantum API does it (attach instance) in two ways:
1. list nets, subnets, create new port with device_id. This is in the same tenant context as nova
2.attach instance to port. In this case, we also need to make sure the port belongs to the same nova tenant
our current behaviour is: tenant can only operate his own net and port.
If this is not enough for port, we can make sure port's device_id cannot be changed after first being assigned a value.
if we need admin context to do port's device id assignment, nova quantum api has the quantum user which must be a admin account, since it will list the network information for all instances hosted by that host, so we can use this account.
all in all, we can limit the only once assignment of device_id for tenant user, but allow admin user for change it without limit. This way, we don't need to modify nova code, at the same time, keep the flexibility.