Join Log in
Score:0
Abhijit Anand avatar Ubuntu

Non Admin Openstack user unable to create compute instances on Horizon

eh flag
Abhijit Anand

Problem Statement: Non Admin user is unable to create instances using Openstack Horizon Dashboard.

Errors: Errors seen in sequence on the top right of the page are:

  • Error: Forbidden. Insufficient permissions of the requested operation
  • Error: Unable to retrieve the flavors.
  • Error: Unable to retrieve the images.
  • Error: Unable to retrieve instances. Details Policy doesn't allow os_compute_api:servers:detail to be performed. (HTTP 403) (Request-ID: req-7c777849-af66-48dc-9b1e-48fdeaafbc5d)

Other Symptoms:

  • When choosing the "Compute > Instances > Launch Instance" wizard - the use can not see the option to choose image / flavors.
  • Admin user CAN choose these options and launch an instance.

Versions:

  • Ubuntu 22.04
  • Openstack Antelope release
  • 4 nodes cluster: 2 Compute, 1 Controller, 1 Storage
  • This is a new, manually deployed openstack cluster

Troubleshooting done:

  • Uncommented policy lines in nova_policy.yaml in /usr/share/openstack-dashboard/openstack_dashboard/conf
  • Restarted services, rebooted the controller node.

Any help would be greatly appreciated.

42
0 + 1
in flag
matigo
Non-Admins are not expected to create instances. They can partially manage instances assigned to them, but that's about it. Otherwise non-admins could easily over-provision a server and degrade performance for everyone. If the goal is to have anyone allowed to do anything, then you may want to just grant everyone admin access. Mind you, this would just create a different set of problems.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.