Comment 4 for bug 1165002

dan wendlandt (danwent) wrote : Re: [Bug 1165002] Re: tenant lists the external network of other tenants

Even in Folsom, I believe you could have multiple external networks (it
just required multiple l3-agents running on different nodes).

The behavior described in this "bug" is the intended behavior. External
networks are created by an admin user and visible to everyone. I can see a
desire to want to only expose certain external networks to certain tenants,
but that was not the goal of the original design. I can see tracking this
as a change we may want to do in the future, but I don't think we should
track it as a bug, as it required non-trivial discussion around the right
way to expose more flexible control of external networks, which to me
suggests a blueprint.

On Mon, Apr 8, 2013 at 12:49 PM, Salvatore Orlando <
<email address hidden>> wrote:

> Yeah the difference was that for Folsom we were limited to a single
> instance of the l3-agent, and hence a single external network.
> In that case basically the only possible deployment was to have
> provider-owned external networks.
>
> With Grizzly you can have multiple external networks, which are probably
> still provider-owned, but a provider might want to choose how to share
> them among tenants.
>
> This might be even more delicate with Havana where one might end up
> having tenant-owned external networks (but honestly I'm not sure whether
> this is on the roadmap)
>
> Title:
> tenant lists the external network of other tenants
>
> Status in OpenStack Quantum (virtual network service):
> Confirmed
>
> Bug description:
> $ quantum net-list
>
> +--------------------------------------+--------+---------------------------------------+
> | id                                   | name   | subnets                               |
> +--------------------------------------+--------+---------------------------------------+
> | 0b7805ac-f0ae-4bbb-8dd4-75d30d196a61 | pubnet | 193dc2ec-9893-423a-a59f-77eca753f197  |
> | d08a06e3-2d42-449c-9579-35c03119d668 | net2   |                                       |
> +--------------------------------------+--------+---------------------------------------+
>
> Note:
> pubnet is network of other tenant.
> net2 is a shared network of other tenant
>
> gongysh@controlnode:~$ quantum net-show pubnet
> +-----------------+--------------------------------------+
> | Field | Value |
> +-----------------+--------------------------------------+
> | admin_state_up | True |
> | id | 0b7805ac-f0ae-4bbb-8dd4-75d30d196a61 |
> | name | pubnet |
> | router:external | True |
> | shared | False |
> | status | ACTIVE |
> | subnets | 193dc2ec-9893-423a-a59f-77eca753f197 |
> | tenant_id | 3671f46ec35e4bbca6ef92ab7975e463 |
> +-----------------+--------------------------------------+
>
> gongysh@controlnode:~$ quantum port-create pubnet
> {"QuantumError": "Tenant b155cd8ffdc24c77b3d6351f06671d0b not allowed to create port on this network"}
> gongysh@controlnode:~$ quantum port-create net2
> Created a new port:
> +----------------+--------------------------------------+
> | Field | Value |
> +----------------+--------------------------------------+
> | admin_state_up | True |
> | device_id | |
> | device_owner | |
> | fixed_ips | |
> | id | f10a2647-42c7-490d-ae70-28d684cc677b |
> | mac_address | fa:16:3e:64:c5:2b |
> | name | |
> | network_id | d08a06e3-2d42-449c-9579-35c03119d668 |
> | status | DOWN |
> | tenant_id | b155cd8ffdc24c77b3d6351f06671d0b |
> +----------------+--------------------------------------+
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
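
The behaviour discussed in this thread, modelled as an added example (not Quantum's code and not part of the original messages): external networks are listable by every tenant, while port creation still requires ownership or `shared`. The rules are inferred from the CLI output quoted above; the function names, the `private-other` and `mine` networks, and the owner and `router:external` value of `net2` are constructed for illustration.

```python
# Added example: a model of the access behaviour shown in this bug report.
# Assumption: rules are inferred from the quoted CLI output, not from Quantum's code.
# Admin callers are not modelled.

TENANT = "b155cd8ffdc24c77b3d6351f06671d0b"   # requesting tenant, from the report

NETWORKS = [  # pubnet fields are from the report; all other values are constructed
    {"name": "pubnet", "tenant_id": "3671f46ec35e4bbca6ef92ab7975e463",
     "shared": False, "router:external": True},
    {"name": "net2", "tenant_id": "OTHER-TENANT-PLACEHOLDER",
     "shared": True, "router:external": False},
    {"name": "private-other", "tenant_id": "OTHER-TENANT-PLACEHOLDER",
     "shared": False, "router:external": False},
    {"name": "mine", "tenant_id": TENANT,
     "shared": False, "router:external": False},
]

def visibility_reasons(net, tenant_id):
    """Why a non-admin tenant can list this network (empty list = hidden)."""
    reasons = []
    if net["tenant_id"] == tenant_id:
        reasons.append("owner")
    if net["shared"]:
        reasons.append("shared")
    if net["router:external"]:
        reasons.append("external")
    return reasons

def can_create_port(net, tenant_id):
    """External alone grants visibility only; ports need ownership or shared."""
    return net["tenant_id"] == tenant_id or net["shared"]

def audit_foreign_visibility(networks, tenant_id):
    """List networks the tenant can see but does not own, with the reason."""
    rows = []
    for net in networks:
        reasons = visibility_reasons(net, tenant_id)
        if not reasons or "owner" in reasons:
            continue
        rows.append({"name": net["name"], "reasons": reasons,
                     "port_create": can_create_port(net, tenant_id)})
    return rows

if __name__ == "__main__":
    for row in audit_foreign_visibility(NETWORKS, TENANT):
        print(row)
```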