Configuring a User
- Jyothi KP
Analytics
To set up your Infoblox Grid to work with the Infoblox IPAM Driver for RHOSP, perform the following steps:
Note
To get a holistic view of your cloud network environment through the NIOS management system — the Infoblox Grid Manager enables the Cloud Network Automation license in the Grid Manager. This allows you to manage all the DNS, DHCP, and IPAM (DDI) information organized by tenant, network, and virtual machine for cloud objects in the Infoblox Grid Manager’s Cloud tab. For more information, see Infoblox NIOS Documentation.
You can use the admin user or create a separate user for the Infoblox integration. If you have a Cloud Network Automation license, a cloud-api-only group is created automatically. You can create a user in this group. Otherwise, you may want to create a group specifically for this integration.
In any scenario, the user or group must have the following minimum set of permissions for full DDI functionality to work the Infoblox IPAM Driver for RHOSP:
| Permission Type | Resource | Resource Type | Permission |
|---|---|---|---|
| [DNS] | All A records | A record | RW |
| [DNS] | All AAAA records | AAAA record | RW |
| [DNS, DHCP, IPAM] | All hosts | Host | RW |
| [DNS, DHCP, IPAM] | All IPv4 host addresses | IPv4 host address | RW |
| [DNS, DHCP, IPAM] | All IPv6 host addresses | IPv6 host address | RW |
| [DHCP, IPAM] | All IPv6 networks | IPv6 network | RW |
| [GRID] | All members | Member | RW |
| [DHCP, IPAM] | All IPv4 networks | IPv4 network | RW |
| [DHCP, IPAM] | All network views | Network view | RW |
| [DNS] | All PTR records | PTR record | RW |
| [DHCP] | All IPv4 ranges | IPv4 range | RW |
| [CLOUD] | All tenants | Tenant | RW |
| [DNS] | All DNS views | DNS view | RW |
| [DNS] | All zones | Zone | RW |
If you are testing the IPAM only case which does not require Infoblox to serve DHCP and DNS, here is the minimum set of required permissions:
| Permission Type | Resource | Resource Type | Permission | Comment |
|---|---|---|---|---|
| [GRID] | All members | Member | RW | This can be set RO if Report Grid Sync Time is set to False. |
| [CLOUD] | All tenants | Tenant | RW | |
| [DHCP, IPAM] | All network views | Network view | RW | |
| [DHCP, IPAM] | All IPv4 networks | IPv4 network | RW | |
| [DHCP, IPAM] | All IPv6 networks | IPv6 network | RW |