Datastore, users and groups

Hello
I would like to restrict user to use specific Datastore. What i’m already did:

Created new group - test1
assigned user to this group
and assign DS1 to this group

after that - i logged under user and create VM - and vms created under default DS0

seems it’s because IMAGE having this:
Datastore DS0

I would like to restict user with DS access

Hi,

They way to grant access is using VDCs.
http://docs.opennebula.org/5.0/operation/users_groups_management/manage_vdcs.html

Remove the group from the default VDC, create a new VDC for your group, and then add that DS and other resources (hosts, vnets).

Hi, hmm each DS then should have VDC ? :frowning:
for example i would like provide to user select DS: sata,sas,ssd - seems i should create 3 VDC ?

You can add as many DS as you need to your VDC.

Yeap, I know it :slight_smile:
for example: I have VDC (Test) and add into this VDC - 3 DS (SATA,SSD,SAS)
when user will create VM on which DS it will be created ?

Hmm create VDC with SATA DS
logged under user -> DataStore - and shows only two DS: SATA and System, but VM anyway created on DataStore - which is default

I;m removed user from default group

That will depend on the scheduler, and your VM template ds_requirements and ds_rank[quote=“Alexey_Shalin, post:6, topic:2610, full:true”]
Hmm create VDC with SATA DS
logged under user -> DataStore - and shows only two DS: SATA and System, but VM anyway created on DataStore - which is default

I;m removed user from default group
[/quote]

Did you remove the new group from the default VDC?

Did you remove the new group from the default VDC?
Yes,

Ok… What i want for now. I’m writing module for IspSystem Billimgr5 … and I would like to give user choice : which DS he would like to use ?

I think VMs create on default DS , b/c IMAGE having this in properties:
Datastore cephds

Ok here is more info

onevdc show 101
VDC 101 INFORMATION
ID : 101
NAME : VDC_SATA

GROUPS
101

HOSTS
ZONE HOST
0 0
0 1
0 2

DATASTORES
ZONE DATASTORE
0 100
0 106

VNETS
ZONE VNET
0 0

VDC TEMPLATE

group 101

onegroup show 101
GROUP 101 INFORMATION
ID : 101
NAME : SATA

GROUP TEMPLATE
SUNSTONE=[
DEFAULT_VIEW=“user”,
GROUP_ADMIN_DEFAULT_VIEW=“groupadmin”,
GROUP_ADMIN_VIEWS=“groupadmin,cloud,admin,user”,
VIEWS=“cloud,user” ]

USER ID ADMIN
50
59

RESOURCE USAGE & QUOTAS

NUMBER OF VMS               MEMORY                  CPU     SYSTEM_DISK_SIZE
  2 /       -        2G /        -      2.00 /        -        0M /        -

NETWORK ID LEASES
0 2 / -

IMAGE ID          RUNNING VMS
       0         1 /        -
       1         1 /        -

user 59
oneuser show 59

USER 59 INFORMATION
ID : 59
NAME : pasha
GROUP : SATA
PASSWORD : 50205d58e67f05cd7c1850368d3b435141d675ad
AUTH_DRIVER : core
ENABLED : Yes

If i will login under this user - in DS i will see only 2 DS (and it’s OK)
but when i’m creating VM … it’s always creates on default DS :frowning: (which was defined in IMAGE)

I just want that VM creates on DS which listed under user

Hi

could you post the onevm show for the VM, I’m interested in the *_REQUIREMENTS section.

Also are the System datastores in more than one cluster? Just in case you are being hit by:

http://dev.opennebula.org/issues/4408

solved in 5.0.2

oneadmin@mcloud:~$ onevm show 45 | grep REQUIREMENTS
AUTOMATIC_DS_REQUIREMENTS="“CLUSTERS/ID” = 100"
AUTOMATIC_REQUIREMENTS="(CLUSTER_ID = 100) & !(PUBLIC_CLOUD = YES)"