On Fri, 2019-01-18 at 10:55 -0600, Matt Riedemann wrote: > On 1/4/2019 7:20 AM, Sean Mooney wrote: > > so in rocky the vm should boot, there will be no prevention of over subsciption in placement and netuon will > > configure > > the minium bandwith policy if the network backend suports it. The ingress qos minium bandwith rules was only added > > in > > neutron be egress qos minium bandwith support was added in newton with > > https://github.com/openstack/neutron/commit/60325f4ae9ec53734d792d111cbcf24270d57417#diff-4bbb0b6d12a0d060196c0e3f10e57cec > > You said "The ingress qos minium bandwith rules was only added in > neutron" - did you mean a release rather than "neutron", as in a release > newer than newton, presumably much newer? yes i meant to say minium ingress qos was only added to neutron in rocky where as minium egress qos dates back to newton. > > > so there are will be a lot of existing cases where ports will have minium bandwith policies before stein. > > Isn't this all admin-only by default in neutron since newton? So how do > we know there will be "a lot" of existing cases? Do we know of any > public openstack clouds that enable this for their users? If not, I'm > guessing by "a lot" maybe you mean a lot of telco private cloud > openstack deployments that just have a single MANO tenant? yes telco/nfv deployment where a mano system is used to manage openstack was the primary usecase i was thinking about. looking at the api definition https://github.com/openstack/neutron-lib/blob/master/neutron_lib/api/definitions/qos.py and api docs https://developer.openstack.org/api-ref/network/v2/index.html?expanded=create-minimum-bandwidth-rule-detail#qos-minimum-bandwidth-rules i dont see anything calling this api as admin only. i know qos in general was not intended to be admin only. looking at https://github.com/openstack/neutron/blob/master/neutron/conf/policies/qos.py it looks like you need admin right to create update and delete qos rules/policies but i think any user can aplly a qos policy that was created by an admin to a port or network https://github.com/openstack/neutron-lib/blob/master/neutron_lib/api/definitions/qos.py#L91-L108 extends the port and network resouces with a qos policy id. https://github.com/openstack/neutron/blob/master/neutron/conf/policies/qos.py https://github.com/openstack/neutron/blob/master/neutron/conf/policies/port.py https://github.com/openstack/neutron/blob/master/neutron/conf/policies/network.py do not set an adming only policy on the qos policy id so i assuem the default of RULE_ANY ('rule:regular_user') or RULE_ADMIN_OR_OWNER ('rule:admin_or_owner') applies. the intenat of haveing policy creation be admin only but requesting a policy be available to all tenants was to allow opertor to chage for guaranteed bandwith or priorised trafic and enable tenants to opt in to that. if the admin did not define any qos policies and used teh defult api polices then yes there are likely few users of this out side of telco deployments.