how enforce an updated policy in /etc/nova/policy.json

September 14, 2016 1.6k views
API Ubuntu
tesleft
By:
tesleft

vi /etc/nova/policy.json

change
"computeextension:quotas:update": "rule:adminapi"
to
"compute_extension:quotas:update": ""

nc = nvclient.Client(authurl=os.environ['OSAUTHURL'],username="hello@gmail.com",apikey="hello",projectid="MEDULLA",authsystem=authsystem,authplugin=authplugin,cacert=os.environ['OSCACERT'])

nc.authenticate()

policy.enforce(nc,'quotas:update',{'getall':None})

policy.enforce(nc,'quotas:update',{'getall':None})
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'policy' is not defined

3 comments
  • tesleft September 14, 2016

    got error in ice version python 2.7

    dir(policyengine)
    ['    class', 'delattr', 'doc', 'format', 'getattribute', 'hash', 'init', 'new', 'reduce', 'reduceex', 'repr', 'setattr', 'sizeof', 'str', 'subclasshook__']

    https://review.openstack.org/gitweb?p=openstack/oslo-specs.git;a=commitdiff;h=17dc70a10053bd4231030c0ed5d9b0a377402b02

    server_policies = [("compute_extension:quotas:update", ""),]

policy_engine = policy.get_rules()
policy_engine.register_opts(server_policies)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'register_opts'
>>> policy_engine.enforce('compute_extension:quotas:update', target, nc)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'enforce'
  • tesleft September 14, 2016 
    dir(policy)
['CONF', 'IsAdminCheck', '_', '_POLICY_CACHE', '_POLICY_PATH', '__builtins__', '__doc__', '__file__', '__name__', '__package__', '_set_rules', 'cfg', 'check_is_admin', 'enforce', 'exception', 'get_rules', 'init', 'os', 'policy', 'policy_opts', 'reset', 'utils']
  • tesleft September 14, 2016 
    >>> policy.enforce(nc,'quotas:update',{'getall':None})
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 92, in enforce
    init()
  File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 62, in init
    reload_func=_set_rules)
  File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 661, in read_cached_file
    mtime = os.path.getmtime(filename)
  File "/usr/lib/python2.7/genericpath.py", line 54, in getmtime
    return os.stat(filename).st_mtime
OSError: [Errno 2] No such file or directory: 'policy.json'
Log In to Comment
1 Answer
tesleft September 15, 2016

i solved by

neutron quota-update --tenant_id " $1 " --router 1

Reply
Have another answer? Share your knowledge.

Related Questions