[one-users] groups and images/templates

Carlos Martín Sánchez cmartin at opennebula.org
Mon Aug 29 08:03:58 PDT 2011 

Hi Robert,

You are right about the meaning of "public", its scope is the resource's
group.
Using ACLs, you can create a group (let's say "shared"), and allow everybody
to use and instantiate IMAGE and TEMPLATES in that group.

$ onegroup create shared
ID: 100
ACL_ID: 2
ACL_ID: 3

$ oneacl create "* IMAGE+TEMPLATE/@100 INFO+USE+INSTANTIATE"
ID: 4

$ oneacl list
   ID     USER RES_VHNIUTG   RID OPE_CDUMIPpTW
    0       @1     V-NI-T-     *     C-----p--
    1       @1     -H-----     *     --U------
    2     @100     V-NI-T-     *     C-----p--
    3     @100     -H-----     *     --U------
    4        *     ---I-T-  @100     --U-I--T-

That will provide the scenario you described.
However, there's no straight-forward way for regular users to list the
resources in the "shared" group, as they can only list resources with the
'all', 'mine' or 'group' flag.

You can grant users the right to list all resources (INFO_POOL) if privacy
is not a concern... or you could create some other way to let users know the
list of resources in the "shared" group, for instance creating a new
Sunstone plug-in [1]


Maybe we could use this thread to discuss how to integrate better this
use-case in future versions.
We already have a request for multiple groups [2], that's one of the ways to
address this issue.

Regards,
Carlos.

[1] http://opennebula.org/documentation:rel3.0:sunstone_plugin_reference
[2] http://dev.opennebula.org/issues/761

--
Carlos Martín, MSc
Project Major Contributor
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | cmartin at opennebula.org



On Wed, Aug 24, 2011 at 10:40 PM, Robert Parrott <parrott at seas.harvard.edu>
wrote:
> Hi Folks,
>
> Is there some way to make images or templates completely public?
>
> Currently, it looks like making an image or template "public" means
> that anyone within your group can see and use that image or template.
> It would be nice to also have the functionality where members of any
> group can make use of a set of public images and templates as a
> starting point for customizing their own VMs (i.e. "vanilla CentOS 6"
> or Ubuntu 10.04 LTS").
>
> Thanks,
> Rob
>
>
> --
> Robert E. Parrott, Ph.D. (Phys. '06)
> Director, Academic Computing
> Harvard University Sch. of Eng. and App. Sci.
> Maxwell-Dworkin  211,
> 33 Oxford St.
> Cambridge, MA 02138
> (617)-496-1520
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20110829/dd1bec37/attachment-0003.htm>

More information about the Users mailing list