Hi,

Cinder and Glance are working ok with Netapp FAS8020 ontap 8.3 (NFS). We have a copy offload license and this is also working fine.

However the volume log in Cinder contains permissions errors  as follows -

 ERROR cinder.volume.drivers.netapp.dataontap.performance.perf_cmode NaApiError: NetApp API failed. Reason - 13003:Insufficient privileges: user 'openstack' does not have read access to this resource

and on the netapp command log -

 [kern_command-history:info:909] ontapi :: [ip address] :: openstack :: <netapp xmlns="http://www.netapp.com/filer/admin" version="1.31"><qos-policy-group-delete-iter><max-records>3500</max-records><query><qos-policy-group-info><policy-group>deleted_cinder_*</policy-group><vserver>[vserver_name]</vserver></qos-policy-group-info></query><return-success-list>false</return-success-list><return-failure-list>false</return-failure-list><continue-on-failure>true</continue-on-failure></qos-policy-group-delete-iter></netapp> :: Pending
 [kern_command-history:info:909] ontapi :: [ip address] :: openstack :: Insufficient privileges: user 'openstack' does not have write access to this resource :: ONTAPI :: Error

Any ideas what may be causing this error.?

The NetApp role was set up as per NetApp documentation here -

http://netapp.github.io/openstack-deploy-ops-guide/mitaka/content/cinder.fas.configuration.html#cinder.cdot.account_permissions

The user is a cluster level user