Bug 973459
| Summary: | Quantum quota-update returns permission denied error | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Graeme Gillies <ggillies> |
| Component: | openstack-neutron | Assignee: | Assaf Muller <amuller> |
| Status: | CLOSED ERRATA | QA Contact: | Ofer Blaut <oblaut> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 3.0 | CC: | chrisw, ggillies, jkt, jpichon, lpeer, mlopes |
| Target Milestone: | beta | ||
| Target Release: | 4.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-12-20 00:05:43 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Graeme -- I hit the same permission issue recently and came across https://bugs.launchpad.net/neutron/+bug/1189671. Changing the default quota driver as suggested resolved the problem for me, perhaps it will help here too. Graeme, Did the workaround as suggested in comment 3 worked for you? Hi, Sorry for not replying sooner. This resolves the issue. Thanks, Graeme the fix was merged in u/s rc2 build and should be available in RHOS 4.0 tested updated both network and port numbers root@rose11 ~(keystone_admin)]# neutron quota-update --network 20 +---------------------+-------+ | Field | Value | +---------------------+-------+ | floatingip | 50 | | network | 20 | <<<<<< | port | 50 |<<<<<<<< | router | 10 | | security_group | 10 | | security_group_rule | 100 | | subnet | 10 | +---------------------+-------+ [root@rose11 ~(keystone_admin)]# neutron quota-update --port 1000 --tenant-id 80384d55b7554d9ab3d6190142a69d34 +---------------------+-------+ | Field | Value | +---------------------+-------+ | floatingip | 50 | | network | 20 | | port | 1000 | <<<<<<<< | router | 10 | | security_group | 10 | | security_group_rule | 100 | | subnet | 10 | +---------------------+-------+ python-neutronclient-2.3.1-1.el6ost.noarch openstack-neutron-2013.2-3.el6ost.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2013-1859.html |
Setting up a new environment with openstack grizzly, using quantum with quotas enabled, any attempt to modify the quotas using quantum quota-update gives a permission denied error env | grep OS OS_PASSWORD=<REMOVED> OS_AUTH_URL=http://<REMOVED>:35357/v2.0 OS_USERNAME=admin OS_TENANT_NAME=admin # quantum quota-update --port 1000 --tenant_id b0785756ead14a6d8b9855769a58ee9e {"QuantumError": "Access was denied to this resource."} # quantum quota-update --port 1000 {"QuantumError": "Access was denied to this resource."} The quantum-server log shows 2013-06-12 00:12:28 ERROR [quantum.api.v2.resource] update failed Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/quantum/api/v2/resource.py", line 82, in resource result = method(request=request, **args) File "/usr/lib/python2.6/site-packages/quantum/extensions/quotasv2.py", line 102, in update self._driver.update_quota_limit(request.context, id, key, value) File "/usr/lib/python2.6/site-packages/quantum/quota.py", line 146, in update_quota_limit raise webob.exc.HTTPForbidden() HTTPForbidden: Access was denied to this resource. This seems odd as I am definitely an admin. Regards, Graeme