My environment: Ansible 1.7.1/Ubuntu
I have a private OpenStack network, it works correctly if I use the neutron command:
$ env | grep OS_
OS_PASSWORD=cai
OS_AUTH_URL=http://demo-controller:35357/v2.0
OS_USERNAME=larry
OS_TENANT_NAME=demo
$ neutron net-list
+--------------------------------------+---------+--------------------------+
| id | name | subnets |
+--------------------------------------+---------+--------------------------+
| 5ecc0fbb-091b-4c6a-b905-c73e66e1ffda | ext-net | 3aa6539d-24d3-4c06-.. |
| 76506b52-1980-470c-b438-094e8b4bb3e7 | demo-1 | 52cd943d-7f25-4a11-.. |
+--------------------------------------+---------+--------------------------+
Now I want to get the network-id using the quantum_network module:
$ ansible localhost -m quantum_network -a "state=present login_username=larry login_password=cai login_tenant_name=demo name=demo-1 auth_url=http://demo-controller:35357/v2.0/" -v
But that throws an authentication error:
... File \"/usr/lib/python2.7/dist-packages/keystoneclient/utils.py\", line 318, in
inner\n return func(*args, **kwargs)\n File \"/usr/lib/python2.7/dist- packages/keystoneclient/session.py\", line 251, in request\n raise exceptions.from_response(resp, method, url)\nkeystoneclient.apiclient.exceptions.Forbidden: You are not authorized to perform the requested action, admin_required. (HTTP 403)\n",
"parsed": false
What is the problem?
It is the bug in quantum_network module, see issue #7275, it requires admin permission to get tenant id, which is not needed always.
Not sure which ansible release will include this.
I use the commit as patch in my release