There is a --restricted flag to counter the --unrestricted flag. It was
documented, but the usage example had missed it. Add it for
completeness.
Change-Id: Ib4cdcacdd16bfb59e9d18714106ecda99e418812
Support Neutron network mtu configuration with a new argument, --mtu
that allows CLI users to set MTU for Neutron networks.
Change-Id: I93d23581c7e8c84eaf9bb3b293360036f60f456b
Implements the commands for endpoint group filter management.
Includes the CRUD management of the endpoint groups and the
association management between them and the projects that are
using this method.
Implements: blueprint keystone-endpoint-filter
Change-Id: I4265f7f8598d028191e90d76781b7b6ece6fef64
This patchset implements support for "--dns-domain" argument to the
following commands: "openstack port create" / "openstack port set".
Change-Id: I4bb001054b00a969b74db3bb310e567033bf589b
Depends-On: https://review.openstack.org/#/c/500660/
Closes-Bug: #1714878
Partial-Bug: #1704769
This change adds tags functionality for projects in keystone. A user
can add a single tag with "--tag", chain "--tag" to add multiple
tags, or clear tags with "--no-tag".
Change-Id: I31cfef3e76dcefe299dacb00c11bb1a10a252628
Partially-Implements: bp project-tags
Add support for creating, retrieving, and deleting application
credentials. Application credentials do not support updates.
In order to provide a positive user experience for the `--role` option,
this patch also includes an improvement to the
`identity.common._get_token_resource()` function that allows it to
introspect the roles list within a token. This way there is no need to
make a request to keystone to retrieve a role object, which would fail
most of the time anyway due to keystone's default policy prohibiting
unprivileged users from retrieving roles.
bp application-credentials
Change-Id: I29e03b72acd931305cbdac5a9ff666854d05c6d7
Now we can associate a qos policy to the floating IP, and
dissociate it. The commands are:
$ openstack floating ip create --qos-policy ...
$ openstack floating ip set --qos-policy ...
$ openstack floating ip set --no-qos-policy ...
$ openstack floating ip unset --qos-policy
These commands are based on the neutron change:
I4efe9e49d268dffeb3df4de4ea1780152218633b
Partially-Implements blueprint: floating-ip-rate-limit
Change-Id: I932b32f78cc5a2b53926feaec1a0b392cf7e8b57
Right now, if a neutron port is owned by a container powered by
Kuryr, there is no way to list and filter those ports because
OSC assumed a neutron port is owned by either a server or router.
This patch adds support for that by introducing an option '--device-id'
to the 'port list' command.
Change-Id: Ib1fd27e8d843a99fb02ccabd8a12a24ac27cec9c
--swap will add a additional storage device,
which not affect the original swap partition/device.
This patch will clarify this misleading description.
Change-Id: Ic079c069985d39cc969b97876901007a81883f57
Signed-off-by: Chen Hanxiao <chenhx@certusnet.com.cn>
Implements the commands that allow to link and endpoint to
a project for endpoint filter management.
Implements: blueprint keystone-endpoint-filter
Change-Id: Iecf61495664fb8413d35ef69f07ea929d190d002
Now, keystone has supported serverl auth method, like 'totp'.
Before we use this method, we should create the credential first.
And we need create it with type 'totp'. But now we cannot create
credential with this method.
Also, I think the type should not have constrains. We can create
any type in keystone project. So, we should do these actions too.
The type would be more which We cannot control.
Change-Id: Ie0482da3133fb515e4bb8e45f8c54f509589cc5e
Closes-bug: #1731848
Neutron API now supports getting details of supported
QoS rule type.
This patch adds support for this feature to OpenStack client.
Change-Id: I74d16563ce2236a7c899f5994f1dab43ace02138
Depends-On: I448b5d4f8e4ef42eafe50d9d6c63d0be666f98fc
Related-Bug: #1686035
Add a boolean option "target-all-projects",
which allows creating rbac policy for all projects.
Change-Id: Ie3af83a1bba7dd66e83b0595bb276bf8fd105831
Closes-Bug: #1728525
Closes-Bug: #1704834
Intel RSD is new architecture that disaggregates compute, storage,
and network resources, and provide the ability to dynamically compose
resources based on workload-specific demands [1]. The python-rsdclient
project provide specific RSD plugin to allow user to invoke RSD API
through OpenStackClient. So Added it into existing plugin list.
[1] https://www.intel.com/content/www/us/en/architecture-and-technology/rack-scale-design-overview.html
Change-Id: Ic49efddfb003c89ece6d782905b27fb46402b3ab
Introduce an option '--no-fixed-ip' on port create command.
If this option is specified and '--fixed-ip' is unspecified,
OSC will send a request to neutron with 'fixed_ips' as an empty
list, which will create an unaddress neutron port.
Note: The use cases of unaddress port was outlined in:
https://specs.openstack.org/openstack/neutron-specs/specs/liberty/unaddressed-port.html
(dtroyer: add Depends-On for Zuul v3 test)
Depends-On: I39e8e49243ab0bda631600715c971c55a34e2fd9
Change-Id: Ibe38598acbbcd0d353c952fc2a6fa67780762151
Closes-Bug: #1717829
This patch adds the "appcontainer" commands to the docs and sets
up the document generation for the python-zunclient plugin
Change-Id: I58bd208e98bd059d9df03ee71dcb83779044f83a
Allow the user to create an inference rule between
two roles. The first, called the prior role
is the role explicitly assigned to an individual.
The second, called the implied role, is one that
the user gets implicitly. For example:
Role B implies Role A.
User X is assigned Role B.
Therefore User X also assigned Role A.
The management and maintenance of the rules is
performed in the Keystone server.
Change-Id: If547c2f16e812bc7fffd742ec37e6a26011f3185
Fixed karborclient has been released. The problem only exists
in karborclient 0.4.0 and the current version is 0.6.0.
This reverts commit 99a502b203235a62c4ec478df81246cec39a0b7b.
Change-Id: Ie28fa1e0502792c87e68ab1c009b3349c739892b
This commit now allows user to specify 'prefix_delegation'
as a Subnetpool during Subnet creation by using the new
--use-prefix-delegation option so that the IPv6
prefixes can be delegated to routers set up by the
cloud admins.
Change-Id: I67e5d81c4155db2e3c5c41ee1df77f2d77a17689
Closes-Bug: #1513894
In keystone version 3.5, "type" optional attribute has been added
to list credentials. This patch add "user_id" and "type" optional
parameter in openstack client.
Change-Id: Ia09ee7c39204fdff2dfd7b9b606d888d007caac5
Neutron tag mechanism now supports network, subnet, port,
subnetpool and router. Tag support for more resources is planned.
This commit introduces a common mixin class to implement
tag operation and individual resource consumes it.
To support tag remove, network unset command is added.
Implements blueprint neutron-client-tag
Change-Id: Iad59d052f46896d27d73c22d6d4bb3df889f2352
Identity providers are now associated with domains. This change
allows a user to specify a domain by ID or by name when creating
an identity provider. [0]
This also adds the column for Domain ID in listing.
Updating a domain for an identity provider is not supported, so
that isn't changed.
[0]. Id18b8b2fe853b97631bc990df8188ed64a6e1275
Closes-Bug: 1698390
Change-Id: Icc408e2fe88f257d5863bd3df716a777d52befcc
