Description of problem:
As part a part of Octavia API RBAC enforcement, in order to interact with Octavia API a user/project must be assigned with one of the roles mentioned here. As a result, in devstack we both create demo/demo and assign  it with a load-balancer_member role.
In order to successfully run, tempest against Octavia python-tempestconf should assign the load-balancer_member role when it creates.
Otherwise (what currently happens), test_basic_ops fails to run
Arie added the same in Infrared in https://review.gerrithub.io/#/c/406734/
(In reply to Chandan Kumar from comment #1)
> Arie added the same in Infrared in https://review.gerrithub.io/#/c/406734/
> Chandan Kumar
We need the fix in python-tempestconf since Infrared is not a component that we ship as a part of OSP.
Moving to RHOS-14, As it linked with refactoring python-tempestconf
*** Bug 1562085 has been marked as a duplicate of this bug. ***
Instead of creating and assigning custom roles, I submitted a patch that configures tempest.conf to work with Octavia with legacy RBAC.
The above matches the way we configure Octavia, using policy.json
The review has been merged to master.
python-tempestconf-2.0.0-0.20180821043805.d7db90e.el7ost package has been released and it contains a feature which discovers octavia service and sets its configuration. The following values are set under load_balancer section in tempest.conf:
The package is available in the latest puddle (2018-09-05.1).
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.