how enforce an updated policy in /etc/nova/policy.json

Posted September 14, 2016
API Ubuntu

vi /etc/nova/policy.json

change “compute_extension:quotas:update”: “rule:admin_api” to “compute_extension:quotas:update”: “”

nc = nvclient.Client(auth_url=os.environ[‘OS_AUTH_URL’],username=“hello@gmail.com”,api_key=“hello”,project_id=“MEDULLA”,auth_system=auth_system,auth_plugin=auth_plugin,cacert=os.environ[‘OS_CACERT’]) #nc.authenticate()

policy.enforce(nc,‘quotas:update’,{‘getall’:None})

policy.enforce(nc,‘quotas:update’,{‘getall’:None}) Traceback (most recent call last): File “<stdin>”, line 1, in <module> NameError: name ‘policy’ is not defined

tesleft

tesleft • September 14, 2016

>>> policy.enforce(nc,'quotas:update',{'getall':None})
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 92, in enforce
    init()
  File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 62, in init
    reload_func=_set_rules)
  File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 661, in read_cached_file
    mtime = os.path.getmtime(filename)
  File "/usr/lib/python2.7/genericpath.py", line 54, in getmtime
    return os.stat(filename).st_mtime
OSError: [Errno 2] No such file or directory: 'policy.json'

tesleft • September 14, 2016

dir(policy)
['CONF', 'IsAdminCheck', '_', '_POLICY_CACHE', '_POLICY_PATH', '__builtins__', '__doc__', '__file__', '__name__', '__package__', '_set_rules', 'cfg', 'check_is_admin', 'enforce', 'exception', 'get_rules', 'init', 'os', 'policy', 'policy_opts', 'reset', 'utils']

tesleft • September 14, 2016

got error in ice version python 2.7

dir(policy_engine) [‘class’, ‘delattr’, ‘doc’, ‘format’, ‘getattribute’, ‘hash’, ‘init’, ‘new’, ‘reduce’, ‘reduce_ex’, ‘repr’, ‘setattr’, ‘sizeof’, ‘str’, ‘subclasshook’]

https://review.openstack.org/gitweb?p=openstack/oslo-specs.git;a=commitdiff;h=17dc70a10053bd4231030c0ed5d9b0a377402b02

server_policies = [("compute_extension:quotas:update", ""),]

policy_engine = policy.get_rules()
policy_engine.register_opts(server_policies)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'register_opts'
>>> policy_engine.enforce('compute_extension:quotas:update', target, nc)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'enforce'

Submit an answer

You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

tesleft • September 15, 2016

i solved by

neutron quota-update --tenant_id " $1 " --router 1

DOCTL: DigitalOcean CLI

Interact with the DigitalOcean API via the command line:

DOCTL supports most functionality found in the DigitalOcean control panel
Create, configure, and destroy DigitalOcean resources like Droplets, Kubernetes clusters, firewalls, load balancers, database clusters, domains, and more from your command line

this is a test question

Question

Installing PHP-FPM with Apache2 on Ubuntu 12.10

Question

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Related

Question

how enforce an updated policy in /etc/nova/policy.json

Related

Try DigitalOcean for free