I've a issue with a network created for a single project. Our deployment is with DVS.
First I made a shared Net with the horizon GUI and everything works, I can deploy servers from the default Template and they start and I can login.
Then I created a non-shared net for one project only.
If I create a new server, with the same Image as before, in this new net, the deployment takes a long time. After that the server is pingable, but I cannot login because the ssh key is not injected.
I checked the logs on our Log Insight, but I cannot see any warnings. If I compare the two nets, they are almost the same.
Any hints how I can debug this?
Update:
Now I made a net with "--tenant-id xy" and a subnet without a specific --tenant-id and it works.
The Question is: Is this the correct way to create a net/subnet, just available to one project and not visible to others? And is it possible to create a net/subnet visible to some projects but not all?
I could fix this with rbac:
Create net
neutron net-create --provider:network_type vlan --provider:physical_network dvs --provider:segmentation_id 111 vlan_111
Create subnet
neutron subnet-create --name net_192.168.1.0 --gateway 192.168.1.1 --dns-nameserver 192.168.1.2 --ip-version 4 vlan_111 192.168.1.0/24
Create rbac (role based acess control)
neutron rbac-create --target-tenant 8768768768xc64768ds --action access_as_shared --type network vlan_111
I could fix this with rbac:
Create net
neutron net-create --provider:network_type vlan --provider:physical_network dvs --provider:segmentation_id 111 vlan_111
Create subnet
neutron subnet-create --name net_192.168.1.0 --gateway 192.168.1.1 --dns-nameserver 192.168.1.2 --ip-version 4 vlan_111 192.168.1.0/24
Create rbac (role based acess control)
neutron rbac-create --target-tenant 8768768768xc64768ds --action access_as_shared --type network vlan_111