As a quark/neutron developer I have to stand up neutron servers all the time. The way that openstack prefers this be done is with devstack. This is really great and cool if you want to deal with the whole stack and watch how the services interact. If you just want to develop your plugin for Neutron this is quite a bit more than overkill.

The OpenStack community is, rightfully so, pot-committed with their auth solution keystone. This can be seen by clients having --help outputs like:

[code lang=text]
$ neutron –help

–os-auth-strategy <auth-strategy>
DEPRECATED! Only keystone is supported.


This means that if you wish to be a simple, no-nonsense neutron developer and make use of the clients you’ll need to stand up keystone. Despite having done such a thing multiple times I still think it’s a pain in the ass. It’s simply a fact of life that OpenStack is somewhat complicated, maybe needlessly so, and abandoning support for ease-of-use solutions like noauth is a big reason for that.

We forked the client awhile ago to add auth extensions, and because of that noauth is now supported in the client. Now developing for neutron is much more accessible for everyone.

It’s these little things that make open-source development — open.

If you’d like the OpenStack community to embrace the mentality of ease-of-entry, and more openness please show your support in getting these auth extensions upstream.

How to Use noauth

Using noauth is quite simple.

[code lang=text]
neutron –os-auth-strategy noauth –os-url <service endpoint> COMMAND

Some examples:

List networks

[code lang=text]
neutron –os-auth-strategy noauth –os-url http://localhost:9696/v2.0 net-list

Create a network

[code lang=text]
neutron –os-auth-strategy noauth –os-url http://localhost:9696/v2.0 net-create my_nets –tenant-id me

Because you’re doing noauth you’ll need to pass in the tenant-id. This isn’t a big deal though because you can make up whatever you want!

If more examples are necessary just comment.

Leave a Reply