Hi there,
I was running ONE 4.12.1 and had a vCenter 5.5 added for monitoring.
I just updated to ONE 4.14.2 and the vCenter instance created monitoring errors:
[Z0][InM][I]: Command execution fail: /var/lib/one/remotes/im/run_probes vcenter /var/lib/one//datastores 4124 20 21 Patna
[Z0][InM][I]: /usr/lib/one/ruby/vendors/rbvmomi/lib/rbvmomi/basic_types.rb:190:in `_get_property': NoPermission: (RbVmomi::Fault)
[Z0][InM][I]: from /usr/lib/one/ruby/vendors/rbvmomi/lib/rbvmomi/basic_types.rb:35:in `block (2 levels) in init'
[Z0][InM][I]: from /usr/lib/one/ruby/vcenter_driver.rb:779:in `monitor_customizations'
[Z0][InM][I]: from ./vcenter.rb:49:in `<main>'
[Z0][InM][E]: Error executing vcenter.rb
[Z0][InM][I]: ExitCode: 1
Any idea what could cause this? Does my vCenter user lack certain permissions which are required after the update?
I checked back with our vSphere admin. He says the user is not defined at the ESX level but at the cluster level instead. The user has all permissions, which are settable via the WebUI on the cluster level. He further states, that these settings “apply to the cluster and all subsequent items.” We currently do not have the ESX console activated.
So do we need to activate the console to set the needed permissions, or is there another way?
Well I’ve seen the UI, our admin showed me. There is the permission tab and all permissions were marked.
That’s the fullest admin we can setup via the vSphere UI for a cluster according to the administrator…
Just to clarify: We did exactly as stated in the latest stable documentation for OpenNebula 4.14.2:
"Define a vCenter user for OpenNebula. This vCenter user (let’s call her oneadmin) needs to have access to the ESX clusters that OpenNebula will manage. In order to avoid problems, the hassle free approach is to declare this oneadmin user as Administrator"
from: http://docs.opennebula.org/4.14/administration/virtualization/vcenterg.html
I double checked with the vCenter Administrator and showed him the documentation. He agrees with me, that this is precisely what we have.
[root@molokai vcenter.d]# ruby vcenter.rb x x x x 21
/usr/lib/one/ruby/vendors/rbvmomi/lib/rbvmomi/basic_types.rb:190:in _get_property': NoPermission: (RbVmomi::Fault) from /usr/lib/one/ruby/vendors/rbvmomi/lib/rbvmomi/basic_types.rb:35:in block (2 levels) in init’
from /usr/lib/one/ruby/vcenter_driver.rb:779:in monitor_customizations' from vcenter.rb:49:in ’
You were right. However we had to set the VirtualMachine.Provisioning.ReadCustSpecs permission on the highest possible hierarchy item, which in our case was “vCenter Server”. Our Hierarchy looks like this: