Thursday, November 27, 2014

Lookup Tenant of Floating IP Address in OpenStack

Lets say your security team is doing routine scanning and they find that a few of your OpenStack instances running in your cloud are not passing the security test, what do you do?

You whip up a quick and dirty bash script that takes the floating ip address as an argument and then provides the name of the tenant that ip address belongs to:

#!/bin/bash
FLOAT=`neutron floatingip-list |grep $1|awk -F '|' {'print $2'}`
TENANT=`neutron floatingip-show $FLOAT|grep tenant|awk -F '|' {'print $3'}`
keystone tenant-get $TENANT

Sample run:

 
 ./float2tenant.sh 10.63.10.193
+-------------+---------------------------------------------------------+
|   Property     |                          Value                                                    |
+-------------+---------------------------------------------------------+
| description | This is a sample project                                                     |
|   enabled   |                           True                                                        |
|      id         |             981690ddbe5347bda5c73415134d6664              |
|     name     |                     Project 1                                                       |
+-------------+---------------------------------------------------------+