[Openstack] CLI vs Horizon dashboard has different view of networks created by devstack
Danny Choi (dannchoi)
dannchoi at cisco.com
Sun Oct 5 23:29:58 UTC 2014
Hi,
I used devstack to deploy Juno OpenStack.
By default, devstack created 2 users: admin (with role “admin”) and demo.
localadmin at qa4:~/devstack$ source openrc admin admin
localadmin at qa4:~/devstack$ keystone user-list
+----------------------------------+----------+---------+----------------------+
| id | name | enabled | email |
+----------------------------------+----------+---------+----------------------+
| 8ad8cd428ac94cd1a888d4372a61cabc | admin | True | | <<<
| e057de661e644f709899b169dd716037 | alt_demo | True | alt_demo at example.com |
| d55afe55b4de4815bc3e832b2684abd8 | cinder | True | |
| 57a3f7eefcff4a37b064938ebf7335da | demo | True | demo at example.com | <<<
| e40971caaf8040d2bc91ec62ad846377 | glance | True | |
| b6920c6626144595807f40ac36a453e4 | heat | True | |
| 71af3e61cb63442ea6a91fcd221487dd | neutron | True | |
| 259fb79c8bfa4c0f9d5df37c45868ce8 | nova | True | |
+----------------------------------+----------+---------+----------------------+
localadmin at qa4:~/devstack$ keystone tenant-list
+----------------------------------+--------------------+---------+
| id | name | enabled |
+----------------------------------+--------------------+---------+
| 55ec74628b004fedbef9b8cad130a442 | admin | True | <<<
| 2e6b7da08b9643cc95518c8efc7f71c3 | alt_demo | True |
| 51dcdd7f6f6545bd8bb49aeb556dab48 | demo | True | <<<
| e9f10b3e51fd4ff68150ec82eeeac3e4 | invisible_to_admin | True |
| 4264b64d7697419886ebf2ef141069a5 | service | True |
+----------------------------------+--------------------+---------+
localadmin at qa4:~/devstack$ keystone user-get admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 8ad8cd428ac94cd1a888d4372a61cabc |
| name | admin |
| tenantId | 55ec74628b004fedbef9b8cad130a442 | <<< tenant=admin
| username | admin |
+----------+----------------------------------+
localadmin at qa4:~/devstack$ keystone user-get demo
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | demo at example.com |
| enabled | True |
| id | 57a3f7eefcff4a37b064938ebf7335da |
| name | demo |
| tenantId | 51dcdd7f6f6545bd8bb49aeb556dab48 | <<< tenant=demo
| username | demo |
+----------+----------------------------------+
localadmin at qa4:~/devstack$ keystone user-role-list --user admin --tenant admin
+----------------------------------+------------------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+------------------+----------------------------------+----------------------------------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
| 1f4f0d145e71452d9e633c63baae3696 | admin | 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
| 98b3a4cad94949319d99acde115f682b | heat_stack_owner | 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
+----------------------------------+------------------+----------------------------------+----------------------------------+
localadmin at qa4:~/devstack$ keystone user-role-list --user demo --tenant demo
+----------------------------------+------------------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+------------------+----------------------------------+----------------------------------+
| b3831a6a7eac4b8996ba428345cb9067 | Member | 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
| 750c89eea84f4e53852033331c835617 | anotherrole | 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
| 98b3a4cad94949319d99acde115f682b | heat_stack_owner | 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
+----------------------------------+------------------+----------------------------------+----------------------------------+
There are 2 networks created, public (tenant = admin) and private (tenant = demo); and both networks are not shared.
localadmin at qa4:~/devstack$ neutron net-list
+--------------------------------------+---------+----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+----------------------------------------------------+
| 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
| 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
+--------------------------------------+---------+----------------------------------------------------+
localadmin at qa4:~/devstack$ neutron net-show public
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d |
| name | public |
| provider:network_type | vlan |
| provider:physical_network | p1p1 |
| provider:segmentation_id | 301 |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
| tenant_id | 55ec74628b004fedbef9b8cad130a442 | <<< tenant=admin
+---------------------------+--------------------------------------+
localadmin at qa4:~/devstack$ neutron net-show private
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 94d1e13c-cebc-419d-af06-49e6b4f01304 |
| name | private |
| provider:network_type | vlan |
| provider:physical_network | p1p1 |
| provider:segmentation_id | 300 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | 1265bbd4-e775-4d9b-a7d5-498848c09b37 |
| tenant_id | 51dcdd7f6f6545bd8bb49aeb556dab48 | <<< tenant=demo
+---------------------------+--------------------------------------+
In CLI, both networks are visible for both users admin and demo.
localadmin at qa4:~/devstack$ source openrc admin admin
localadmin at qa4:~/devstack$ neutron net-list
+--------------------------------------+---------+----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+----------------------------------------------------+
| 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
| 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
+--------------------------------------+---------+----------------------------------------------------+
localadmin at qa4:~/devstack$
localadmin at qa4:~/devstack$
localadmin at qa4:~/devstack$ source openrc demo demo
localadmin at qa4:~/devstack$ neutron net-list
+--------------------------------------+---------+--------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+--------------------------------------------------+
| 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
| 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
+--------------------------------------+---------+--------------------------------------------------+
In Horizon dashboard, I logged in as user admin.
>From the Projects pulldown, select admin.
At the left pane, Project->Network->Networks, only the “public" network is shown.
>From the Projects pulldown, select demo.
At the left pane, Project->Network->Networks, only the “private" network is shown.
As a result, when I launch an instance with Horizon dashboard, I can only attach the public network (when project = admin)
or the private network (when project = demo).
However, in CLI, as user admin, I can launch an instance with public or private network.
localadmin at qa4:~/devstack$ source openrc admin admin
localadmin at qa4:~/devstack$ neutron net-list
+--------------------------------------+---------+----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+----------------------------------------------------+
| 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
| 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
+--------------------------------------+---------+----------------------------------------------------+
localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d vm1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-0000000a |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | 3ZGJRjr6s3bk |
| config_drive | |
| created | 2014-10-05T23:03:36Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | c308e2a1-1763-4d05-84ed-8fcf5f02abab |
| image | cirros-0.3.2-x86_64-uec (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
| key_name | - |
| metadata | {} |
| name | vm1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 55ec74628b004fedbef9b8cad130a442 |
| updated | 2014-10-05T23:03:36Z |
| user_id | 8ad8cd428ac94cd1a888d4372a61cabc |
+--------------------------------------+----------------------------------------------------------------+
localadmin at qa4:~/devstack$ nova list
+--------------------------------------+------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------+--------+------------+-------------+-------------------+
| c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - | Running | public=172.24.4.4 |
+--------------------------------------+------+--------+------------+-------------+-------------------+
localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 vm2
+--------------------------------------+----------------------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-0000000b |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | fLQ7xn8pgAhc |
| config_drive | |
| created | 2014-10-05T23:04:09Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 536a509f-7941-466a-9508-ce26f599f10a |
| image | cirros-0.3.2-x86_64-uec (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
| key_name | - |
| metadata | {} |
| name | vm2 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 55ec74628b004fedbef9b8cad130a442 |
| updated | 2014-10-05T23:04:09Z |
| user_id | 8ad8cd428ac94cd1a888d4372a61cabc |
+--------------------------------------+----------------------------------------------------------------+
localadmin at qa4:~/devstack$ nova list
+--------------------------------------+------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------+--------+------------+-------------+-------------------+
| c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - | Running | public=172.24.4.4 |
| 536a509f-7941-466a-9508-ce26f599f10a | vm2 | ACTIVE | - | Running | private=10.0.0.9 |
+--------------------------------------+------+--------+------------+-------------+—————————+
And as user demo, I can only attach the private network to an instance.
localadmin at qa4:~/devstack$ source openrc demo demo
localadmin at qa4:~/devstack$ neutron net-list
+--------------------------------------+---------+--------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+--------------------------------------------------+
| 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
| 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
+--------------------------------------+---------+--------------------------------------------------+
localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 cirros-1
+--------------------------------------+----------------------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | gYHta22xTK9a |
| config_drive | |
| created | 2014-10-05T23:17:28Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 791ad866-420d-4e32-baad-b34f0b6e50d1 |
| image | cirros-0.3.2-x86_64-uec (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
| key_name | - |
| metadata | {} |
| name | cirros-1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 51dcdd7f6f6545bd8bb49aeb556dab48 |
| updated | 2014-10-05T23:17:28Z |
| user_id | 57a3f7eefcff4a37b064938ebf7335da |
+--------------------------------------+----------------------------------------------------------------+
localadmin at qa4:~/devstack$ nova list
+--------------------------------------+----------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------+--------+------------+-------------+-------------------+
| 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | - | Running | private=10.0.0.12 |
+--------------------------------------+----------+--------+------------+-------------+-------------------+
localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d cirros-2
+--------------------------------------+----------------------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | aZRHa3ZgQAHP |
| config_drive | |
| created | 2014-10-05T23:18:13Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 6ffd8081-8659-40b3-b7c2-dc6746855692 |
| image | cirros-0.3.2-x86_64-uec (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
| key_name | - |
| metadata | {} |
| name | cirros-2 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 51dcdd7f6f6545bd8bb49aeb556dab48 |
| updated | 2014-10-05T23:18:13Z |
| user_id | 57a3f7eefcff4a37b064938ebf7335da |
+--------------------------------------+----------------------------------------------------------------+
localadmin at qa4:~/devstack$ nova list
+--------------------------------------+----------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------+--------+------------+-------------+-------------------+
| 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | - | Running | private=10.0.0.12 |
| 6ffd8081-8659-40b3-b7c2-dc6746855692 | cirros-2 | ERROR | - | NOSTATE | |
+--------------------------------------+----------+--------+------------+-------------+—————————+
Is this the expected behavior?
Thanks,
Danny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20141005/58eeb0c1/attachment.html>
More information about the Openstack
mailing list