[nova] Does anyone remember why server_group_members quota is enforced at the user rather than project level?
melanie witt
melwittt at gmail.com
Mon Mar 11 20:06:14 UTC 2019
On Thu, 7 Mar 2019 09:08:46 -0600, Matt Riedemann <mriedemos at gmail.com>
wrote:
> Change [1] in Juno added the server_groups and server_group_members quotas.
>
> Server group quota is counted per project and user [2].
>
> Server group member quota is only counted per group and user [3].
>
> The question coming up in IRC today is why is the server group member
> count not also constrained by project? Or is project implied since the
> member count is within the scope of a group, which is itself per-project?
>
> Note that the original change that added these quotas said, "They can be
> defined per project or per user within a project".
When it says, "they can be defined per project or per user within a
project," that means the quota _limit_ can be defined per project or per
user. Which means, you can define a quota of 100 server group members
for anyone in project A, but could restrict user B in project A to only
10 server group members, if you wanted to. So, the quota limit is
definable per project or per project + user.
This is different than how the server group members are counted. As you
pointed out, server group members are counted only per user, not per
project. I don't know the reasoning behind it either. It might be like
you speculated, that since server groups are owned by a project, then
server group members have a project implied.
> Given none of the people that originally added this are around still
> maintaining it, nor was there a spec (we didn't have specs in Juno),
> we're left to guess as to the reasons.
>
> If we changed the server_group_members quota enforcement to count per
> group/project/user, would that break anything?
It would behave differently, but I'm not aware of anything that would
break. When we talked about moving nova to unified limits, I think the
plan was to change any existing per-user counts to count by project
instead (along with deprecating any per-user quota limit setting). I
think that server group members and key pairs are the only two that
count by user only, today.
-melanie
> [1] https://review.openstack.org/#/c/104957/
> [2]
> https://github.com/openstack/nova/blob/caa37cf099933c5aed02dcdb256055e18479fe13/nova/api/openstack/compute/server_groups.py#L176
> [3]
> https://github.com/openstack/nova/blob/caa37cf099933c5aed02dcdb256055e18479fe13/nova/compute/api.py#L1024
>
More information about the openstack-discuss
mailing list