Hi there,
I'm using Senlin in stable/queens and find admin user is able to list all
users' cluster but not able to delete other users's clusters/profiles. The
debug log shows it gets ResouceNotFound error Wondering if that is an
expected behavior? How should admin user manage all the Senlin clusters?
Any help is appreciated.
hangyang@ows-api1-qe1[ows_qe]:~$ openstack cluster list --global-project
+----------+-----------------------+--------+----------------------+----------------------+------------+
| id | name | status | created_at |
updated_at | project_id |
+----------+-----------------------+--------+----------------------+----------------------+------------+
| a2294060 | my_test_cluster_YB61d | ACTIVE | 2018-06-12T21:49:19Z |
2018-06-12T21:49:19Z | 152690aa |
hangyang@ows-api1-qe1[ows_qe]:~$ openstack cluster delete a2294060 --debug
...
RESP BODY: {"code": 404, "error": {"code": 404, "message": "The cluster
'a2294060' could not be found.", "type": "ResourceNotFound"},
"explanation": "The resource could not be found.", "title": "Not Found"}
a2294060: failed due to 'Unable to delete Cluster for a2294060'
...
Senlin policy.json
{
"context_is_admin": "role:admin",
"deny_everybody": "!",
"build_info:build_info": "",
"profile_types:index": "",
"profile_types:get": "",
"profile_types:ops": "",
"policy_types:index": "",
"policy_types:get": "",
"clusters:index": "",
"clusters:create": "",
"clusters:delete": "",
"clusters:get": "",
"clusters:action": "",
"clusters:update": "",
"clusters:collect": "",
"clusters:operation": "",
...
Regards,
Hang
I'm using Senlin in stable/queens and find admin user is able to list all
users' cluster but not able to delete other users's clusters/profiles. The
debug log shows it gets ResouceNotFound error Wondering if that is an
expected behavior? How should admin user manage all the Senlin clusters?
Any help is appreciated.
hangyang@ows-api1-qe1[ows_qe]:~$ openstack cluster list --global-project
+----------+-----------------------+--------+----------------------+----------------------+------------+
| id | name | status | created_at |
updated_at | project_id |
+----------+-----------------------+--------+----------------------+----------------------+------------+
| a2294060 | my_test_cluster_YB61d | ACTIVE | 2018-06-12T21:49:19Z |
2018-06-12T21:49:19Z | 152690aa |
hangyang@ows-api1-qe1[ows_qe]:~$ openstack cluster delete a2294060 --debug
...
RESP BODY: {"code": 404, "error": {"code": 404, "message": "The cluster
'a2294060' could not be found.", "type": "ResourceNotFound"},
"explanation": "The resource could not be found.", "title": "Not Found"}
a2294060: failed due to 'Unable to delete Cluster for a2294060'
...
Senlin policy.json
{
"context_is_admin": "role:admin",
"deny_everybody": "!",
"build_info:build_info": "",
"profile_types:index": "",
"profile_types:get": "",
"profile_types:ops": "",
"policy_types:index": "",
"policy_types:get": "",
"clusters:index": "",
"clusters:create": "",
"clusters:delete": "",
"clusters:get": "",
"clusters:action": "",
"clusters:update": "",
"clusters:collect": "",
"clusters:operation": "",
...
Regards,
Hang