Hi,<div><br></div><div>It is not a good idea, the oned/sched daemons assumes exclusive use of the cluster nodes (a.k.a hypervisors). As pointed by Lars you may end with overcommited memory/CPU.</div><div><br></div><div>My proposal here would be to use clusters. Define a couple of cluster (e.g. demos, production, develop) and assign hypervisor (onecluster command) to them as you need. </div>
<div><br></div><div>Then VMs will be placed in the corresponding cluster using REQUIREMENTS="CLUSTER=demo" for example. This requires users to assume that model and place the REQUIREMENTS string in the VM templates. </div>
<div><br></div><div>There is no straight forward solution for networks as discussed in a separate thread.</div><div><br></div><div>Next release, will include groups + ACLs + VM template pool that will help you to easily implement these use cases...</div>
<div><br></div><div>Cheers</div><div><br></div><div>Ruben</div><div><br><div class="gmail_quote">On Tue, May 3, 2011 at 9:42 PM, Lars Kellogg-Stedman <span dir="ltr"><<a href="mailto:lars@seas.harvard.edu">lars@seas.harvard.edu</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">> Does anyone have any experience with this type of configuration or is it<br>
> even possible with OpenNebula?<br>
<br>
</div>We were just discussing this model for our use earlier today as a way<br>
of working around the lack of a granular authorization model. Our use<br>
case is that we want to have some networks only available to our IT<br>
staff, while making other networks available for course and research<br>
use. At first glance, there's nothing to stop you from deploying<br>
multiple OpenNebula servers pointing at the same backend hosts, but<br>
you're going to find it difficult to control resource (primarily CPU<br>
and memory) utilization since the two instances won't be aware of each<br>
other. In theory you could adjust for this by limiting the total<br>
resources available to each server, but I'm not sure off the top of my<br>
head if this is actually possible.<br>
<br>
We may ultimately go with shared accounts (e.g., everyone in IT<br>
authenticates as the "IT" user, and everyone in CS50 authenticates as<br>
the "CS50" user) -- unless the forthcoming release addresses some of<br>
these issues.<br>
<br>
--<br>
<font color="#888888">Lars Kellogg-Stedman <<a href="mailto:lars@seas.harvard.edu">lars@seas.harvard.edu</a>><br>
Senior Technologist<br>
Harvard University SEAS<br>
Academic and Research Computing (ARC)<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
</font></blockquote></div><br><br clear="all"><br>-- <br>Dr. Ruben Santiago Montero<br>Associate Professor (Profesor Titular), Complutense University of Madrid<br><br>URL: <a href="http://dsa-research.org/doku.php?id=people:ruben" target="_blank">http://dsa-research.org/doku.php?id=people:ruben</a><br>
Weblog: <a href="http://blog.dsa-research.org/?author=7" target="_blank">http://blog.dsa-research.org/?author=7</a><br>
</div>