Open Stack

Hi All,

Please help me in understanding below scenario ???

OS::Neutron resources have tenant_id as parameter, so the default
authorization settings in keystone will allow administrative users to
create resources on behalf of a different project.

I mean with an admin token the network can be created in a specific
customer/tenant context.

Why not the same is provided for OS::Nova::Server ??

I had this requirement for auto-healing/scaling of a VM.

I am doing manual scaling based on inputs from monitoring framework instead
of ceilometer alarms.

I launched my heat stack in a tenant using python-api bindings:

>>> tenant_id = 'Tenant-A'

>>> heat_url = 'http://heat.example.org:8004/v1/%s' % tenant_id

>>> auth_token = 'user-A-in-Tenant-A auth-token'

>>> from heatclient.client import Client

>>> heat = Client('1', endpoint=heat_url, token=auth_token)


If I need to scale VM's belonging to this tenant, can I use tenant_id =
'Tenant-A' and auth_token corresponding to admin Tenant who has role access
in Tenant-A.

[I am getting an error like User of admin tenant is is unauthorized for
tenant-A ]

Because through monitoring framework, I can have admin details and no
tenant context ??

Is it suggestible to store user-credentials of Tenant-A and re-generate
auth-token and work ??


Thanks
Eswar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160203/a47ac790/attachment.html>