VOneCloud - Multi Tenancy

I have two questions:
Question 1.

I'm trying to enable multi-tenancy by creating VDCs and only giving group admins access to them.
Created VDC: tenant1
Created tenant1-group and tenant1-admin user. Gave full access and tried to define available resources from vCenter (tenants are divided by datacenter → Cluster (Tenant1-CL1))
But I see no resources shown when I log on as tenant1-admin. What am I doing wrong?

Question 2.

I have no control panel as shown in the guides. Is that because I'm testing with the community edition of vOneCloud?

Thanks


Hi Peter,

Question 1. Not sure what is going on, this might prove useful.

Question 2. It’s been a while since we dumped the control panel, which guide are you using? I suggest using only the official OpenNebula documentation.

Hi Tinova
So I will try to separate tenants with VDCs and their own users?
Hopefully I can achieve multi-tenancy that way, so all tenants get their own "private" datacenter -> cluster, network and storage setup, not viewable or accessible by anyone else but themselves and oneadmin.

Thanks

Hi Peter, yes, that’s within the scope of OpenNebula capabilities. One thing you may want to remove is the default VDC that gives access to all resources by default.

Hi Tino
If I remove all defaults (including the default VDC), wouldn't that cut off my own global access with the oneadmin account, or?

I have been reading a lot in the documentation, and in my test setup I have created admin groups and assigned the customer resources in the VDC creation. But I need a coupling between VDCs and groups (if any) to make sure that IF I log in as a customer admin, then I would only see the resources assigned to that particular customer VDC.

Can you explain, or direct me to the documentation that describes that in detail?

In short, how can I separate each customer with VDC and admin groups, so when they log in, they can only see their own resources and NOT other customers' resources?

Hopefully you get my point - otherwise please get back to me - and I will try to explain in more detail
Thanks

oneadmin can always see and use all resources; removing the default VDC prevents new users from having the same reach

I have been reading a lot in the documentation, and in my test setup I have created admin groups and assigned the customer resources in the VDC creation. But I need a coupling between VDCs and groups (if any) to make sure that IF I log in as a customer admin, then I would only see the resources assigned to that particular customer VDC.
In short, how can I separate each customer with VDC and admin groups, so when they log in, they can only see their own resources and NOT other customers' resources?

this is the default mode on which OpenNebula operates, provided you delete the default VDC

Can you explain, or direct me to the documentation that describes that in detail?

you can find more info in this WP Cloud Access Model and Roles — OpenNebula 6.6.3 documentation

please let me know if you have problems implementing this behaviour, it should be straightforward:

  • remove default VDC
  • create a new group
  • add a user to the group
  • create a VDC
  • assign a cluster to the VDC with at least a host, vnet and image and system datastores
  • assign a VM Template to the group

when the user logs in, he only sees the VM Template assigned, and can deploy it only in the cluster assigned to the VDC
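
The steps listed above, sketched as OpenNebula CLI calls. This is an added example, not part of the thread or of the OpenNebula documentation. It makes the group-to-VDC coupling asked about explicit with `onevdc addgroup`, and it applies "remove default VDC" by detaching the tenant group from VDC 0 rather than deleting that VDC. Zone 0, the template name `tenant1-template` and the `APPLY` / `TENANT_PASSWORD` variables are assumptions; the other names come from the thread.

```shell
#!/bin/sh
# Dry run by default: commands are only printed. Set APPLY=1 on the
# front-end, as oneadmin, to execute them.
run() {
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# tenant_plan GROUP USER VDC CLUSTER TEMPLATE
# Precondition: CLUSTER already holds at least one host, one vnet and
# image + system datastores, as the last post requires.
tenant_plan() {
    group=$1 user=$2 vdc=$3 cluster=$4 template=$5
    zone=0            # assumption: single, non-federated zone
    default_vdc=0     # the "default" VDC, which exposes all resources

    run onegroup create "$group"
    # Detach the tenant group from the default VDC so it does not
    # inherit access to every cluster.
    run onevdc delgroup "$default_vdc" "$group"

    # The password is kept out of the printed plan.
    echo "oneuser create $user <password>"
    if [ "${APPLY:-0}" = "1" ]; then
        oneuser create "$user" "$TENANT_PASSWORD"
    fi
    run oneuser chgrp "$user" "$group"

    # The VDC ties the group to exactly one cluster.
    run onevdc create "$vdc"
    run onevdc addgroup "$vdc" "$group"
    run onevdc addcluster "$vdc" "$zone" "$cluster"

    # Hand the VM Template to the group: owner use+manage, group use only.
    run onetemplate chgrp "$template" "$group"
    run onetemplate chmod "$template" 640
}

# Names from the thread; the template name is constructed.
tenant_plan tenant1-group tenant1-admin tenant1 Tenant1-CL1 tenant1-template
```

After applying, `onevdc show 0` and `onevdc show tenant1` list the groups and clusters attached to each VDC, which is a quick check that tenant1-group appears only under its own VDC.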