Monday, December 30, 2013

How to determine what Neutron security groups are assigned to what Keystone tenant/project

Today I was trying to use the Neutron Python CLI client to determine what Neutron security groups a specific tenant was using. I'm not sure if this is a Havana bug but regardless of method I continuously received all of the security groups for all of the tenants. I ended up resorting to a MySQL query using the Keystone and Neutron databases. Oh well, when I get a sec I'll search the Havana buglist for an answer as to why.

mysql> select,, from keystone.project JOIN neutron.securitygroups where;
| name        | name    | id                                   |
| service     | default | 0beeb42f-f96c-4ce9-beb2-cc8884121ac0 |
| QA          | default | 5525973b-2453-4d5b-9dac-b24e302f10db |
| admin       | default | 59f4a7f6-84d7-4059-a418-2fdd373b22ef |
| Engineering | default | ca1d104e-cf38-4a78-bbf8-656aea774e0c |
| Engineering | test    | d1f42d05-a8a2-4812-bd06-bf145567891f |
5 rows in set (0.00 sec)

If anyone knows a better way please post it in the Comments section.