<div dir="ltr">I was thinking of adding an "IP reservation" feature that would mark IP as reserved for a given user. Then that user could have template that specifies which IP they want for each VM (when creating the VM / template). That would allow for VMs to be destroyed without the IP being returned to the available pool.<div>
<br></div><div style>- Create a global VNET with all your IP. </div><div style>- Mark IPs as reserved for a given user</div><div style>- User create template /launch VM with their IP, IP changes to "in use" by the VM.</div>
<div style>- When reserved IPs are released (by the user), they turn in "reserved" state for that user (instead of available for other users)</div><div style>- As the Admin, you can add (or remove) IP reservation if the user needs more IP</div>
<div style><br></div><div style>Would this solve your issue?</div><div style><br></div><div style>Simon</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Feb 27, 2013 at 11:03 AM, Gary S. Cuozzo <span dir="ltr"><<a href="mailto:gary@isgsoftware.net" target="_blank">gary@isgsoftware.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-size:12pt;font-family:arial,helvetica,sans-serif">Thank you for the feedback.<br><br>It seems like with this approach, the users will get IP's assigned by ONE as they use IP's up to their quota. While the number of IP's they can use is important (quota), our use case is a bit different in that all public IP's are pre-assigned and static for any VM. The VM's are mostly web & email servers & other app servers. So they require properly configured forward & reverse DNS and generally don't change once they are established. We may allocate more IP's for a user to have, upon request, but they are always predetermined for each VM.<br>
<br>I thought by giving each user their own virtual network, I could control specifically which IP's their VM's could use and account for it globally in the "master" virtual network by putting a hold on them once they are assigned to a user's network.<br>
<br>I think as long as ONE doesn't care if the same IP could be part of 2 different virtual networks, this would work well for us. It would only be officially used by one network at any time.<br><br>Thanks again,<br>
gary<br><br><hr><div style="font-size:12pt;font-style:normal;font-family:Helvetica,Arial,sans-serif;text-decoration:none;font-weight:normal"><b>Sent: </b>Wednesday, February 27, 2013 5:48:55 AM<br><b>Subject: </b>Re: [one-users] question about best way to assign IP's to various users<div>
<div class="h5"><br><br>Hi,<div><br></div><div>Here is how I would do it:</div><div><br></div><div>Create a VNet as oneadmin, and grant your users permission to USE it. This can be done moving the vnet to the user's group (onevnet chgrp), changing the permissions (onevnet chmod), or using ACL rules (oneacl). See [1] for more information about all this.</div>
<div><br></div><div>Now you have a way to see which IPs are used, and by whom. To limit how many IPs can your users take from the vnet, set the NETWORK quota [2].</div><div><br></div><div>Note that you need to set the quota for each user or group individually, but the batchquota command will make this easier. In the upcoming 4.0 version you will be able to set the default quota, that will apply to everyone.</div>
<div><br></div><div>I hope this fits your scenario.</div><div>Regards</div><div><br></div><div>[1] <a href="http://opennebula.org/documentation:rel3.8:auth_overview" target="_blank">http://opennebula.org/documentation:rel3.8:auth_overview</a></div>
<div>[2] <a href="http://opennebula.org/documentation:rel3.8:quota_auth" target="_blank">http://opennebula.org/documentation:rel3.8:quota_auth</a><br clear="all"><div>--<br>Carlos Martín, MSc<br>Project Engineer<br>OpenNebula - The Open-source Solution for Data Center Virtualization<div>
<span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a> | <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a> | <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="mailto:cmartin@opennebula.org" style="color:rgb(42,93,176)" target="_blank"></a></span></div>
</div>
<br><br><div class="gmail_quote">On Wed, Feb 27, 2013 at 8:45 AM, Gary S. Cuozzo <span dir="ltr"><<a href="mailto:gary@isgsoftware.net" target="_blank">gary@isgsoftware.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div style="font-size:12pt;font-family:arial,helvetica,sans-serif">Hello users,<br>I am trying to figure out a good way to manage assignments IP addresses to various users. We have a /22 of public IP addresses and I want to be able to give various users access to their IP's that we've allocated. I would also like to be able to see a global view of IP's in use.<br>
<br>What I was thinking is to have a master network defined and use it to simply "hold" IP's as they are assigned so that it's easy to just click and see what's used. Then, I would create each user their own networks which have each IP they have been allowed to use. If I assign them additional IP's, I would add them to their specific network and then mark them as "hold" in the master.<br>
<br>I this method ok, or am I off base? Is there a better way to accomplish what I'm looking for?<br><br>Thanks for any ideas,<br>gary<br><br></div></div><br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
<br></blockquote></div><br></div>
</div></div></div><br></div></div><br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
<br></blockquote></div><br></div>