Hi Robert,<br><br>You are right about the meaning of "public", its scope is the resource's group.<br>Using ACLs, you can create a group (let's say "shared"), and allow everybody to use and instantiate IMAGE and TEMPLATES in that group.<br>
<br><span style="font-family: courier new,monospace;">$ onegroup create shared</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">ID: 100</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">ACL_ID: 2</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">ACL_ID: 3</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"><br>$ oneacl create "* IMAGE+TEMPLATE/@100 INFO+USE+INSTANTIATE"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">ID: 4</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"><br>$ oneacl list</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> ID USER RES_VHNIUTG RID OPE_CDUMIPpTW</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> 0 @1 V-NI-T- * C-----p--</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> 1 @1 -H----- * --U------</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> 2 @100 V-NI-T- * C-----p--</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> 3 @100 -H----- * --U------</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> 4 * ---I-T- @100 --U-I--T-</span><br><br>That will provide the scenario you described.<br>However, there's no straight-forward way for regular users to list the resources in the "shared" group, as they can only list resources with the 'all', 'mine' or 'group' flag.<br>
<br>You can grant users the right to list all resources (INFO_POOL) if privacy is not a concern... or you could create some other way to let users know the list of resources in the "shared" group, for instance creating a new Sunstone plug-in [1]<br>
<br><br>Maybe we could use this thread to discuss how to integrate better this use-case in future versions.<br>We already have a request for multiple groups [2], that's one of the ways to address this issue.<br><br>Regards,<br>
Carlos.<br><br>[1] <a href="http://opennebula.org/documentation:rel3.0:sunstone_plugin_reference">http://opennebula.org/documentation:rel3.0:sunstone_plugin_reference</a><br>[2] <a href="http://dev.opennebula.org/issues/761">http://dev.opennebula.org/issues/761</a><br>
<br>--<br>Carlos Martín, MSc<br>Project Major Contributor<br>OpenNebula - The Open Source Toolkit for Cloud Computing<br><a href="http://www.OpenNebula.org">www.OpenNebula.org</a> | <a href="mailto:cmartin@opennebula.org">cmartin@opennebula.org</a><br>
<br><br><br>On Wed, Aug 24, 2011 at 10:40 PM, Robert Parrott <<a href="mailto:parrott@seas.harvard.edu">parrott@seas.harvard.edu</a>> wrote:<br>> Hi Folks,<br>><br>> Is there some way to make images or templates completely public?<br>
><br>> Currently, it looks like making an image or template "public" means<br>> that anyone within your group can see and use that image or template.<br>> It would be nice to also have the functionality where members of any<br>
> group can make use of a set of public images and templates as a<br>> starting point for customizing their own VMs (i.e. "vanilla CentOS 6"<br>> or Ubuntu 10.04 LTS").<br>><br>> Thanks,<br>
> Rob<br>
><br>><br>> --<br>> Robert E. Parrott, Ph.D. (Phys. '06)<br>> Director, Academic Computing<br>> Harvard University Sch. of Eng. and App. Sci.<br>> Maxwell-Dworkin 211,<br>> 33 Oxford St.<br>> Cambridge, MA 02138<br>
> (617)-496-1520<br>> _______________________________________________<br>> Users mailing list<br>> <a href="mailto:Users@lists.opennebula.org">Users@lists.opennebula.org</a><br>> <a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
><br><br>