In Trove's case, I would suggest to consider the flavor/volume of the instance and floating IP if instance is public.

---
Lingxian Kong
Senior Cloud Engineer (Catalyst Cloud)
Trove PTL (OpenStack)
OpenStack Cloud Provider Co-Lead (Kubernetes)


On Mon, Feb 8, 2021 at 5:51 PM Ammad Syed <syedammad83@gmail.com> wrote:
Hi Lingxian,

You are right, the user has access to the database instance and that is what a user expects from Database as a Service. I was thinking as a cloud operator keeping in view the billing perspective, we usually do billing in terms of nova instance. Here we need to change our approach. 

Ammad Ali

On Fri, Feb 5, 2021 at 3:08 PM Lingxian Kong <anlin.kong@gmail.com> wrote:
There are several config options you can change to support this model:

[DEFAULT]
remote_nova_client = trove.common.clients.nova_client
remote_neutron_client = trove.common.clients.neutron_client
remote_cinder_client = trove.common.clients.cinder_client
remote_glance_client = trove.common.clients.glance_client

However, those configs are extremely not recommended and not maintained any more in Trove, which means, function may broken in this case.

The reasons are many folds. Apart from the security reason, one important thing is, Trove is a database as a service, what the cloud user is getting from Trove are the access to the database and some management APIs for database operations, rather than a purely Nova VM that has a database installed and can be accessed by the cloud user. If you prefer this model, why not just create Nova VM on your own and manually install database software so you have more control of that?

---
Lingxian Kong
Senior Cloud Engineer (Catalyst Cloud)
Trove PTL (OpenStack)
OpenStack Cloud Provider Co-Lead (Kubernetes)


On Fri, Feb 5, 2021 at 6:52 PM Ammad Syed <syedammad83@gmail.com> wrote:
Hello Kong,

I am using latest victoria release and trove 14.0.

Yes you are right, this is exactly happening. All the nova instances are in trove user service project. From my admin user i am only able to list database instances.

Is it possible that all nova instances should also deploy in any tenant project i.e if i am deploying database instance from admin user having adminproject and default domain the nova instance should be in adminproject rather then trove service project.

Ammad
Sent from my iPhone

On Feb 5, 2021, at 1:49 AM, Lingxian Kong <anlin.kong@gmail.com> wrote:


Hi Syed,

What's the trove version you've deployed?

From your configuration, once a trove instance is created, a nova server is created in the "service" project, as trove user, you can only show the trove instance.

---
Lingxian Kong
Senior Cloud Engineer (Catalyst Cloud)
Trove PTL (OpenStack)
OpenStack Cloud Provider Co-Lead (Kubernetes)


On Fri, Feb 5, 2021 at 12:40 AM Ammad Syed <syedammad83@gmail.com> wrote:
Hi,

I have deployed trove and database instance deployment is successful. But the problem is all the database servers are being created in service account i.e openstack instance list shows the database instances in admin user but when I check openstack server list the database instance won't show up here, its visible in trove service account. 

Can you please advise how the servers will be visible in admin account ? I want to enable multi-tenancy.

Below is the configuration

[DEFAULT]
log_dir = /var/log/trove
# RabbitMQ connection info
transport_url = rabbit://openstack:password@controller
control_exchange = trove
trove_api_workers = 5
network_driver = trove.network.neutron.NeutronDriver
taskmanager_manager = trove.taskmanager.manager.Manager
default_datastore = mysql
cinder_volume_type = database_storage
reboot_time_out = 300
usage_timeout = 900
agent_call_high_timeout = 1200

nova_keypair = trove-key

debug = true
trace = true

# MariaDB connection info
[database]
connection = mysql+pymysql://trove:password@mariadb01/trove

[mariadb]
tcp_ports = 3306,4444,4567,4568

[mysql]
tcp_ports = 3306

[postgresql]
tcp_ports = 5432

[redis]
tcp_ports = 6379,16379

# Keystone auth info
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = trove
password = servicepassword

[service_credentials]
auth_url = http://controller:5000
region_name = RegionOne
project_domain_name = default
user_domain_name = default
project_name = service
username = trove
password = servicepassword

--
Regards,


Syed Ammad Ali


--
Regards,


Syed Ammad Ali