[nova] Does anyone remember why server_group_members quota is enforced at the user rather than project level?

Chris Friesen chris.friesen at windriver.com
Wed Mar 13 21:28:44 UTC 2019


On 3/13/2019 8:41 AM, Jay Pipes wrote:

> Yep, and IMHO, keypairs is the one and only valid user-specific limit.

Even that is a bit sketchy, since instances are owned by projects.

Currently if a user starts up an instance and then leaves without 
sharing the keypair, other users in the same project would potentially 
need to rebuild the instance to update the keypair before they can log 
in to it.

I think an argument could be made that keypairs should be owned by 
projects, and users should get allocated single-user projects for 
instances they want to keep private.

Chris



More information about the openstack-discuss mailing list