[Openstack] How should an instance learn what tenant it is in?
Andrew Bogott
abogott at wikimedia.org
Wed Jun 17 13:33:43 UTC 2015
On 6/16/15 9:13 PM, Sam Su wrote:
> Did you tried to get the tenant info from the nova API?
I haven't tried that -- that would, I guess, involve giving root on each
instance keystone credentials? I don't otherwise have cause to give
OpenSTack API access to users of my instances.
>
> -----Original Message-----
> From: Andrew Bogott [mailto:abogott at wikimedia.org]
> Sent: Tuesday, June 16, 2015 6:46 PM
> To: openstack at lists.openstack.org
> Subject: [Openstack] How should an instance learn what tenant it is in?
>
> I have many uses cases in which an instance needs to know what project
> it is in. Right now I accomplish this through an intricate hack which
> involves hooking instance creation and writing the tenant name to an ldap
> record.
>
> I'm considering rewriting this hack to write the tenant name into the
> metadata directly, but that will still be a hack. Is there an obvious,
> implemented solution to this that I'm missing? If not, would a nova patch
> that adds tenant id and name to the metadata be welcome? Or, are there
> security reasons for preventing an instance from knowing its tenant?
>
> -Andrew
>
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
More information about the Openstack
mailing list