Allow add/delete networks ports as a tenant

Registered by Itxaka Serrano on 2015-12-14

Summary
=======
Allow add/delete networks ports as a tenant instead of it being virtually limited to the admin

Motivation
========
Seems that the tenants, that can already create networks and sub-networks, should be able to create ports without depending on an admin.

Description
=========
Allow add/delete networks ports as a tenant instead of it being limited to the admin.

UX
===
New buttons would appear on the subnet tables

Testing
======
Testing needs to be done to make sure that the new actions are covered by tests.

Outside Dependencies
==================
No outside dependencies

Requirements Update Required
========================
No requirements

Doc Impact
=========
Should meantion on the release notes that a tenant can now create and delete ports.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
Itxaka Serrano
Direction:
Needs approval
Assignee:
Itxaka Serrano
Definition:
Obsolete
Series goal:
None
Implementation:
Needs Code Review
Milestone target:
None
Started by
Itxaka Serrano on 2016-01-27
Completed by
Itxaka Serrano on 2016-04-20

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/network-ports-tenant,n,z

Addressed by: https://review.openstack.org/253112
    Allow add/delete networks ports as a tenant [ABANDONED]

[robcresswell]
Discussed in the drivers meeting on 2015-01-06; needs more info on use case.

[tsufiev, 2015-01-06] Although I doubt the UX value of regular users being able to Add/Delete ports, I still think that any user who just created a port should be able to delete it as well - if it's not used by a running VM. Both add/delete belongs to a single bp, because one operation doen't make sense w/o another.

[itxaka, 2015-01-07]
On the use case: The automatic added ports for your instances are not always the desired ones. There is at least 3 types of ports (normal, direct, vMac) so maybe you need your instance to use one of those. In that case you need to ask an admin to create a port of that type in your tenant network.
Also, when you deatach ports from a running instance, they keep there but are unused, as attaching port just creates new ones. Why would a user not be able to remove those unused ports?
(To reproduce, create an instance and keep deataching/attaching interfaces, then go to your network and see all the ports in there unused)

On the separation of add/delete: From my POV it makes no sense. To allow a user to add ports but then have the user not able to delete them and resort to either ask an admin or go to the cli is backwards. In fact, that seems like a half assed feature which I rather not do.

Regarding the deleting of ports from running VMS, my opinion differs. Its up to the user to do so or not and if neutron allows to do it, why would we act as a guardian of it? I
 just tested locally and you can delete a port attached to an instance with no problems as a normal non-admin user.
What is the reasoning of removing cli features just because?

Gerrit topic: https://review.openstack.org/#q,topic:bug/1399252,n,z

Addressed by: https://review.openstack.org/320203
    Add Port-Create in Project Dashboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.