[one-users] OpenNebula SelfManaged User interface

Carlos Martín Sánchez cmartin at opennebula.org
Wed Aug 3 10:21:07 PDT 2011 

Hi Rasika,

With OpenNebula 3.0 the scenario you describe can be set up. The creation
and administration of VM images, networking, and templates resources can be
restricted to certain users, or a group of users; leaving the regular users
the only option to instantiate a new VM from one of the existing templates.
OpenNebula of course manages the physical hosts and schedules the deployment
attending to the VM requirements and the current available resources.

Documentation about users, groups and ACL rules can be found here [1]. As a
testing environment, you could use the default groups 'oneadmin' and
'users'.

The following ACL rules  will allow users in the 'users' group to list
Templates in their group. They won't be able to list existing Images, VNets
or Hosts; just the templates.

$ oneacl list
  ID     USER RES_VHNIUTG   RID OPE_CDUMIPpTW
   1       @1     -H-----     *     --U------
   2       @1     -----T-     *     ------p--

The implicit rules allow them also to instantiate public objects in their
group, so anyone in the 'oneadmin' group will have to create the Images,
VNets and VM Templates; and then change the group of those resources to
'users' and publish them. This process is equally easy from Sunstone (ACL
manager for Sunstone will be added soon) or the CLI [2].

After the permissions have been restricted, Sunstone can be configured to hide
undesired tabs (as the Vnets or Images view). Also it is very easy to hide
specific action buttons in each view. Button configuration objects, along
with the customization of the views, are explained in this guide [3]. You
should leave the Templates and VMs tabs, hiding the rest.

The last requirement, leaving the users the option to customize the Memory
and CPU of the Templates to instantiate, can be addressed in different ways:

If you just want something that works out of the box, then you could define
different capacity templates for each machine, e.g. redhat-small
redhat-medium & redhat-big, so users could choose one of them.

But if you really need to let users set freely some of the attributes of the
templates before they are initialized, then you can implement a new Sunstone
plug-in [4] to replace the current Templates tab. This new plug-in could
take a list of base templates, ask the user to customize some of the
attributes (like Memory or CPU) and create a new Template, owned by the
user. This is only one approach, as you can think of other ways of creating
this specific plugin.

This is a basic example, which can be extended to a multi-tenant
architecture using more groups, or VDCs [5], adding the possibility of
isolated work groups with their group admin.

Finally, as this is a very interesting issue, we are preparing a blog post
in which we will detail a bit better every step of the process.

Thank you for your interest,
Carlos.

[1] http://opennebula.org/documentation:rel3.0:auth_overview
[2] http://opennebula.org/documentation:rel3.0:cli
[3] http://opennebula.org/documentation:rel3.0:sunstone_plugin_guide
[4] http://opennebula.org/documentation:rel3.0:sunstone_plugin_reference
[5] http://opennebula.org/documentation:rel3.0:vdcmngt
--
Carlos Martín, MSc
Project Major Contributor
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | cmartin at opennebula.org


On Wed, Aug 3, 2011 at 7:23 AM, Rasika Karunathilaka <
rasika.karunathilaka at yahoo.com> wrote:

> Hi Team,
>
>  Does open nebula has a user interface apart from Sunstone, which provide
> self managed features as in EC2. I need following to be done by the private
> cloud users, that is
>     whenever they need a new machine,
>         * They login to OpenNebula interface and select the operating
> system (It can be Window, RedHat or CentOS)  which they need and select the
> Memory and CPU Power, then just by clicking single link or button machine
> get created to them and they could access it.
>         My users won't know on which machine that he is going to deploy or
> to select whatever machine which has less load. Further, he might not be a
> technical person to understand and create current template, he might just
> know OS name and following quick easy step he should be able to deploy and
> get what he needs. Does open nebula has the capability to look at the
> current setup (Network , hosts, disk space) and figure out on which machine
> to deploy. (Self Manageability)
>
>     OpenNebula is giving fantastic features and I really enjoyed it. if
> there is self managed user interface that will be great to have! Please let
> me know where to look for...
>
>
> Best regards,
> Rasika K
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20110803/db5955fb/attachment-0002.htm>

More information about the Users mailing list