Hi, my company is currently starting to implement a public Openstack cloud. I am part of the developer team creating a billing system towards our customers. We want to use Ceilometer's Event API (Liberty release) to retreive the usage information (as /v2/events) of our customers projects(aka tenants). Unfortunately, the RBAC filter prevents REST calls towards the /v2-Web-API from users who are not member of the project (or are their admin). But adding a user to all projects with a distinc ceilometer-reader role or admin role seems not fourtunate to us because to want to serve admin role users to their own domain to each customer. So the ceilometer-reader user could be removed by a customer. Due to this, we ran into some kind of deadlock of good solutions and would be happy to get any help:
- Is there another/common way to retrieve the event based usage information in a way to generate billing information? For example volume A was created at t1 and deleted at t2. - Is there a way to get a project scope token from keystone through some kind of cloud admin user which is not part of the project? - Is there a way to change Ceilometers policy.json in a way to retrieve data from all projects with a admin on the default project or someone similiar? Thanks for your efforts. Greetings, Christian Brinker _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators