Send provider:physical_network attr from get_networks if net is shared.
The default Neutron policy is that the provider:* attributes are only sent on a get_networks() call if the caller is an admin. Well, Capnet needs that attribute so it knows which Capnet bridge to put a virtual NIC into. And it turns out that if a non-admin user adds a VM to an admin-owned shared network, when Nova sets up the VM, it calls out to Neutron to collect network info for the VM -- but it must be doing it as the tenant user -- not with its admin powers. Well, we have to know this attribute... so we open up the policy a tiny bit to send the provider:physical_network attribute if the network is a shared network. So we override that default Neutron policy bit here. This is really the wrong thing to do, I suppose, because it leaks provider info through get_networks for shared networks. But the alternative is to make a secondary call in our Nova plugin to get_networks() with admin creds, and that I don't have time for right now. (The bit of our Nova plugin that requires this is in compute_capnet/network/neutronv2/api.py .) Nova agent collected the port's network info
Showing with 3 additions and 1 deletion