[one-users] default ownership for VM instances

Carlos Martín Sánchez cmartin at opennebula.org
Tue Apr 2 08:36:56 PDT 2013 

Hi,

I think this can be easily done with a hook [1]. You will need to trigger
it each time a new VM is created:

VM_HOOK = [
    name      = "default_chmod",
    on        = "CREATE",
    command   = "default_chmod.rb",
    arguments = "$ID $TEMPLATE" ]

And then create a small script (default_chmod.rb) that looks for the
default uid and gid inside the vm template (second argument, it will be the
xml base64 enconded); and executes 'onevm chmod'.


Let me know if this works for you.

Regards

[1] http://opennebula.org/documentation:rel3.8:hooks

--
Carlos Martín, MSc
Project Engineer
OpenNebula - The Open-source Solution for Data Center Virtualization
www.OpenNebula.org | cmartin at opennebula.org |
@OpenNebula<http://twitter.com/opennebula><cmartin at opennebula.org>


On Tue, Apr 2, 2013 at 4:40 PM, Gary S. Cuozzo <gary at isgsoftware.net> wrote:

> Hello all,
> Is there a way to have a VM user/group ownership (and potentially ACL's)
> be set based on values in the template?
>
> Here is my use case:
> Currently, all of our VM's are one of a kind.  Each VM is based on a
> unique template and uses persistent images.  It is the virtual equivalent
> of colocated servers where each customer has their own dedicated and
> customized servers.  We basically manage the images & templates, but want
> to give users access to their vm for start/stop/vnc.
>
> What I have right now is I create a user/group for each customer.  The I
> set the ownership of the resources to be their user & group.  When we
> instantiate the VM, we have to remember to set the ownership accordingly or
> it will not show up as a resource when they login to sunstone.
>
> It would be ideal if there was a way to specify, in the template, the
> default user and group which should own the VM and the ACL's.  It would
> also be nice if the default name of the VM could be set (Though I think
> there may already be a feature being added for this).  This way, if we had
> to stop & recreate the VM instance (such as for adding more resources), we
> could do it without having to remember to set permissions manually.
>
> Let me know what you think.
>
> Cheers,
> gary
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130402/b0feb640/attachment-0002.htm>

More information about the Users mailing list