>> In Telecom Cloud applications, the requirements for every application are different. One application might need 10 CPUs, 10GB RAM and no disk. Another application might need 1 CPU, 512MB RAM and 100GB >>Disk. This varied requirements directly affects the flavors which need to be created for different applications (virtual instances). Customer has his own custom requirements for CPU, RAM and other >>hardware requirements. So, based on the requests from the customers, we believe that the flavor creation should be done along with the instance creation, just before the instance is created. Most of >>flavors will be specific to that application and therefore will not be suitable by other instances.
>> The obvious way is to allow users to create flavors and boot customized instances through Heat. As of now, users can launch instances through heat along with predefined nova flavors only. We have made >>some changes in our setup and tested it. This change allows creation of customized nova flavors using heat templates. We are also using extra-specs in the flavors for use in our private cloud >>deployment.
>> This gives an option to the user to mention custom requirements for the flavor in the heat template directly along with the instance details. There is one problem in the nova flavor creation using >>heat templates. Admin privileges are required to create nova flavors. There should be a way to allow a normal user to create flavors.
>Seems like you just need to setup your Nova policy to allow a role to do
>flavor creation:
>"compute_extension:flavormanage": "rule:admin_api",
>"compute_extension:v3:flavor-manage": "rule:admin_api",
>And then enhance Heat to make those API calls.

There must be some valid reason for adding those checks in the Nova Policy. I would like to understand the implications before making any changes.


