Re: [one-users] Is it OK for VM migration between two physical hosts when the home folders of these two hosts are different?

[Carlos Martín Sánchez]

Hi,

The first thing you should do is take a look at the logs [1].

Regards

[1] http://opennebula.org/documentation:rel4.2:log_debug

--
Carlos Martín, MSc
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | cmar...@opennebula.org |
@OpenNebula


On Wed, Nov 27, 2013 at 5:42 AM, Qiubo Su (David Su) wrote:

> Dear OpenNebula Community,
>
> Thanks for your help.
>
> If it is failed when start a VM, how to debug to sort out the cause for
> the error?
>
> Thanks,
> Q.S.
>
>
> On Tue, Nov 26, 2013 at 11:56 PM, Carlos Martín Sánchez <
> cmar...@opennebula.org> wrote:
>
>> Hi,
>>
>> The oneadmin home is not relevant, what is required is that the
>> datastores are mounted in the same location [1]. DATASTORE_LOCATION is
>> defined in oned.conf, and by default it is /var/lib/one/datastores.
>>
>> Regards
>>
>> [1]
>> http://opennebula.org/documentation:rel4.2:system_ds#using_the_shared_transfer_driver
>>
>> --
>> Carlos Martín, MSc
>> Project Engineer
>> OpenNebula - Flexible Enterprise Cloud Made Simple
>> www.OpenNebula.org | cmar...@opennebula.org | 
>> @OpenNebula
>>
>>
>> On Tue, Nov 19, 2013 at 11:51 AM, Qiubo Su (David Su) 
>> wrote:
>>
>>> Dear OpenNebula Community,
>>>
>>> For VM migration between two physical host machines HostA (with IP
>>> 192.168.1.97) and HostB (with IP 192.168.1.98).
>>>
>>> 1) in HostA, create a user "oneadmin", add user to group "oneadmin" and
>>> have /home/var/lib/one as home folder.
>>>
>>> edit /etc/exports as below:
>>>
>>> /home/var/lib/one
>>> 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash,anonuid=1,anongid=1)
>>>
>>> 2) in HostB, create a user "oneadmin", add user to group "oneadmin" and
>>> have /var/lib/one as home folder.
>>>
>>> edit /etc/fstab as below:
>>>
>>> 192.168.1.97:/home/var/lib/one /var/lib/one nfs defaults
>>> 0 0
>>>
>>> From above 1) and 2) can see that the home folders of HostA and HostB
>>> are different, is this setup OK for VM migration between HostA and HostB?
>>>
>>> Thanks kindly,
>>> Q.S.
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.opennebula.org
>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>>
>>
>
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] updating TEMPLATE from hooks with onevm update

[Carlos Martín Sánchez]

Hi,

On Tue, Nov 26, 2013 at 4:02 PM, Olivier Sallou 
 wrote:

>
> On 11/26/2013 03:04 PM, Simon Boulet wrote:
>
>
> Perhaps that's the real problem here... I'm not very familiar with
> context.sh script. Is the entire VM template available (including the
> USER_TEMPLATE) or only the CONTEXT section?
>
>
> user_template is not set by itelf in the vm context file, only the
> context. But in my context, I add variables that refer to USER_TEMPLATE
> (but it is right that there are not set in first place, only after hooks).
> So it seems that we can refer to USER_TEMPLATE var, but only if there are
> predefined, not added in a hook (template not regenerated/calculated).
>
> the best would be to have user_template vars added to the context.sh file
> in addition to the one in the vm template, AFTER the hooks.
>

True, you can get the whole VM (XML format encoded in base64) with the
pre-defined context attribute $TEMPLATE [1]. But that will be done the
moment the VM is created, before the on create hooks can update the
template.

We should change the behaviour and parse the context when the VM is
deployed, or at least the $TEMPLATE variable... A more generic approach
could be to add a synchronized hook before the VM is created, to allow to
edit it before it is parsed by oned.

Meanwhile, I think you have to options:
- Edit the VMs before they are sent to OpenNebula, in the ruby API [2][3]
- Edit the script that creates the cdrom iso [4] and insert your variables,
or the onevm show -x output. It will be located
in /var/lib/one/remotes/tm/shared/context

Regards

[1] http://opennebula.org/documentation:rel4.2:cong
[2]
http://opennebula.org/doc/4.2/oca/ruby/OpenNebula/Template.html#instantiate-instance_method
[3]
http://opennebula.org/doc/4.2/oca/ruby/OpenNebula/VirtualMachine.html#allocate-instance_method
[4] https://github.com/OpenNebula/one/blob/master/src/tm_mad/common/context
--
Carlos Martín, MSc
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org  | cmar...@opennebula.org |
@OpenNebula  


On Tue, Nov 26, 2013 at 4:02 PM, Olivier Sallou wrote:

>
> On 11/26/2013 03:04 PM, Simon Boulet wrote:
>
> Bonjour Olivier,
>
>  I think there are two issues in your question.
>
>  On Tue, Nov 26, 2013 at 5:55 AM, Olivier Sallou 
> wrote:
>
>>
>> On 11/26/2013 11:51 AM, Olivier Sallou wrote:
>>
>>
>> On 11/26/2013 11:14 AM, Carlos Martín Sánchez wrote:
>>
>>  stored in VM/USER_TEMPLATE. You can see this with the onevm show -x
>> command. The onevm update action only allows to edit the USER_TEMPLATE
>> attributes, and as you described, the create hook is triggered after the VM
>> has been correctly created.
>>
>>
>  First, yes, you can use the VM CREATE hooks to inject or change the
> USER_TEMPLATE attributes by issuing the onevm update action. To prevent VMs
> from being deployed before the hooks has run, you can set VM_SUBMIT_ON_HOLD
> = "YES", and have your hook do a onevm release at the end of its execution
> for the scheduler to pick and deploy the VM. This will make sure that when
> the VM is deployed, the template contains all the attributes you wanted.
>
>  You can also do some extra sanitization / filtering and not allow the VM
> to be deployed if contains some missing attributes, etc. by not calling the
> onevm release at the end.
>
>  This works very well for us. In fact, we do some heavy stuff in the
> hooks, such as attaching additional IP addresses, attaching or detaching
> disks, etc. dynamically according to external sources, such as the
> OpenNebula user template (but also external databases, CRM, etc.)
>
> My hook job is ok regarding vm user_template  update, I tried with and
> without VM_SUBMIT_ON_HOLD (thanks for the hint), but I have the same issue,
> my user_template variables are not set in the context.sh file.
>
>
>
>>   What I expect is to get my USER_TEMPLATE in the context.sh mounted in
>> my VM.
>>
>> A basic use case is to generate a unique password for a web application
>> running in the VM. I'd like to generate the passsword with a hook and send
>> the password to the user by mail (until here, this is fine). The generated
>> password is also in the VM context/template so that it appears in the
>> context.sh of the VM. At startup, a specific init script read the VM
>> contextualization and init the web application with the password provided.
>>
>>  The above example could be managed directly in the VM, without specific
>> contextualization, but there are cases where some variables could be user
>> dependent, so those variables would need to be set dynamically on
>> opennebula server side.
>>
>>
>
>  Perhaps that's the real problem here... I'm not very familiar with
> context.sh script. Is the entire VM template available (including the
> USER_TEMPLATE) or only the CONTEXT section?
>
>
> user_template is not set by itelf in the vm context file, only the
> context. But in my context, I add variables that

[one-users] Controlling KVM VMs from network

[Daniel Dehennin]

Hello,

We are trying to build an automated integration test environment and are
facing one issue: controlling KVM VMs.

Looking around, we saw that jenkins.debian.net use “vncdo” to send keys
to automated their qemu based tests[1].

Another solution could be the use of the Qemu Machine Protocol[2].

Is is possible do control VMs in this way with ONE?

Regards.

Footnotes: 
[1]  
http://anonscm.debian.org/gitweb/?p=users/holger/jenkins.debian.net.git;a=blob;f=bin/g-i-installation.sh;hb=HEAD

[2]  http://wiki.qemu.org/QMP

-- 
Daniel Dehennin
Récupérer ma clef GPG:
gpg --keyserver pgp.mit.edu --recv-keys 0x7A6FE2DF


pgpu74uJbCvHF.pgp
Description: PGP signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Unable to create template as user

[Stefan Kooman]

Hi,

Me again :). Correct me if I'm wrong, but as a "default user" (member of
group users) you should be able to create "templates", right? I'm unable to do
so. Even if I add an acl for this specific user I'm unable to create a
template. Well, I can start the "create template wizard" but when I
click "create" the wizard window disappears but no template is created.
No little feedback popup either in the rightback corner (sunstone). No errors
logged on oned.log. 

oneacl (11( for this user (9):

ID USER RES_VHNIUTGDCO   RID OPE_UMAC
0   @1 V-NI-T * ---c
1   @1 -H * -m--
2* -O * ---c
11   #9 -T * umac

Testing this on 4.3.90

Gr. Stefan


-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Unable to create template as user

[Daniel Molina]

Hi Stefan,


On 27 November 2013 13:29, Stefan Kooman  wrote:

> Hi,
>
> Me again :). Correct me if I'm wrong, but as a "default user" (member of
> group users) you should be able to create "templates", right? I'm unable
> to do
> so. Even if I add an acl for this specific user I'm unable to create a
> template. Well, I can start the "create template wizard" but when I
> click "create" the wizard window disappears but no template is created.
> No little feedback popup either in the rightback corner (sunstone). No
> errors
> logged on oned.log.
>
> oneacl (11( for this user (9):
>
> ID USER RES_VHNIUTGDCO   RID OPE_UMAC
> 0   @1 V-NI-T * ---c
> 1   @1 -H * -m--
> 2* -O * ---c
> 11   #9 -T * umac
>
> Testing this on 4.3.90
>

It was a bug, I fixed it a few minutes ago
http://dev.opennebula.org/projects/opennebula/repository/revisions/086504cc872036af2fa6ad31d76a6299d5df1601

Cheers


>
> Gr. Stefan
>
>
> --
> | BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
> | GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iF4EAREIAAYFAlKV5Z4ACgkQTyGgYdFIOcZdPgD8DZwKRKTHDzeVw+/RPb0t3afw
> D4PXzIRqMk0MZQ8OAEAA/0ipew2mNg6hxhQeEu6UsA8pK0yNPPMnZPX55SdDKCq5
> =qSLe
> -END PGP SIGNATURE-
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Member of oneadmin group unable to see user/groups

[Stefan Kooman]

Hi,

I made a priviliged user (member of oneadmin group) but this user is
unable to see users / groups / ACLs or any other resource that needs
more than default priviliges in sunstone. Testing this on 4.3.90. Can
someone re-produce this behaviour?

Gr. Stefan


-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] VM in Opennebula for OpenVZ failed

[knawnd]

Hi Catalina,

please see my comments inline

Catalina Quinde wrote on 27/11/13 14:17:


2. Maybe you got incorrect template, try deploying it by "vzctl create" to 
see if it works

In the process of creating the template I copy debian.conf as VMdebianm64.conf
it was not necessary to do that. It should be enough just to specify a proper value in OSTEMPLATE 
opennebula VM template, e.g.

OSTEMPLATE="debian-7.0-x64"
In that case OpenVZ hypervisor should take into account 
/etc/vz/dists/debian.conf on the cloud node.


3. What procedure did you perform to get an image archive for OpenNebula 
out of the created VM?

When I created the VM in OpenVZ node I used this:
sudo wget http://download.openvz.org/contrib/template/precreated/debian-7.0-amd64-minimal.tar.gz, 
this archive is in /var/lib/vz/template/cache. then with command:

sudo vzctl create 101 --ostemplate debian-7.0-amd64-minimal, I created VM, I 
was in
/var/lib/vz/template/cache directory.

But in /etc/vz/dist/ directory is not present "debian-7.0-amd64-minimal" are 
present this:
alpine.confgentoo.conf slackware-9.1.conf
altlinux-2.4.confmandrake.conf slackware.conf
altlinux.confopensuse.confsles.conf
arch.confowl.confsuse-7.3.conf
centos.confredhat-7.0.conf suse-8.0.conf
debian-3.0.confredhat-7.1.conf suse-8.1.conf
debian-3.1.confredhat-7.2.conf suse-8.2.conf
debian.confredhat-7.3.confsuse.conf
defaultredhat.conf ubuntu-6.06.conf
distribution.conf-template  rhel.conf ubuntu.conf
fedora.confscientific.conf VMdebianm64.conf
fedora-core.confscripts
funtoo.confslackware-9.0.conf

Please perform the following steps as oneadmin user on front-end node:
1) $ wget http://download.openvz.org/contrib/template/precreated/debian-7.0-amd64-minimal.tar.gz -P 
/tmp/


2) $ oneimage create --name "debian-7.0-amd64-minimal" --path /tmp/debian-7.0-amd64-minimal.tar.gz 
--prefix sd --description "Debian 7.0 x64 minimal"


3) Create VM template similar to one below:

CPU="0.01"
DISK=[
  IMAGE_ID="6",
  SIZE="20480" ]
DISK=[
  SIZE="2048",
  TYPE="swap" ]
LOOKUP_HOSTNAME="true"
MEMORY="2048"
NIC=[
  NETWORK_ID="2" ]
OS=[
  ARCH="x86_64",
  BOOT="sd" ]
OSTEMPLATE="debian-7.0-x64"
RCLOCAL="rc.local"
VCPU="1"
VE_LAYOUT="ploop"

4)
$ onetemplate instantiate 

Please, report back on the result.

Regards,
Nikolay.




Regards,
Nikita



___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] VM description/comment

[knawnd]

Daniel Molina wrote on 24/10/12 13:58:

On 24 October 2012 11:08, mailto:kna...@gmail.com>> wrote:

Daniel Molina wrote on 23/10/12 20:23:

On 23 October 2012 14:31, mailto:kna...@gmail.com>
>> wrote:

Dear Ruben,

first of all, sorry for delay with reply!
Please, see my comments inline.

Ruben S. Montero wrote on 19/10/12 00:34:

Hi Ricardo + Nikolay

You are right, one thing we have in our short roadmap is to add 
a generic metada
section
for VMs. This metadata could be updated using the *update* 
functionality currently
present
for other commands.

sounds encouraging! Is any information when such feature is planned 
to be implemented?


Just to give you the rationale behind not having this yet. As 
you probably know the VM
template is extended once the VM created with control data 
(e.g. DISK_ID's, specifric
LEASES, SOURCE for DISK...) for obvious reasons we do not want 
a user to modify this.

seems reasonable

So we will split this in two, one for the control data and 
other to be
used/modified by
the user.

For now, as Nikolay suggests this limit somehow part of the 
out-of-the-box
functionality
(e.g. adding DESCRIPTION in  a bulk submission), this 
functionality will need a custom
program using OCA. About parsing the out put of onevm show, 
note that you can
always get
the full pool information with onevm list -x  (TEMPLATE 
included) the onevm list
command
just parse and pick some of this info and present it in a 
tabular form...

Thanks a lot for detailed reply and explanations!


JFYI You can easily add new columns to the onevm list command. The 
following patch adds a
new DESCRIPTION column to the onevm list output:

https://gist.github.com/8f8499704cbee0e5db84

The onevm.yaml can be defined per user in $HOME/.one/onevm.yaml or 
globally in
/etc/one/cli/onevm.yaml


Dear OpenNebula developers,

It have been very convenient for me to have DESCRIPTION column in vm list but it seems that patch is 
absent in 4.2 release. I wonder if it is planned  to include such feature in mainstream code in 
future releases or it will be needed to apply that patch for every new release?


Best regards,
Nikolay.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Daniel Molina]

Hi Stefan,


On 27 November 2013 14:03, Stefan Kooman  wrote:

> Hi,
>
> I made a priviliged user (member of oneadmin group) but this user is
> unable to see users / groups / ACLs or any other resource that needs
> more than default priviliges in sunstone. Testing this on 4.3.90. Can
> someone re-produce this behaviour?
>

Could you check this user is using the admin view, you can change the view
from the settings dialog clicking in the top right corner of sunstone.

If you didn't change the configuration in ''/etc/one/sunstone-views.yaml'',
users in the oneadmin group should be able to use any view:

groups:
oneadmin:
- admin
- vdcadmin
- user
- cloud

Cheers




>
> Gr. Stefan
>
>
> --
> | BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
> | GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iF4EAREIAAYFAlKV7YsACgkQTyGgYdFIOcbV3QD/ULgvLBuxD7tCxjFFyhoMbULu
> Nwee5xQObsJiGgoNYLkA/1xO4DojWVxe2oh2BRPFzVQPeSVbY2uII+isEkrOSJ4x
> =468h
> -END PGP SIGNATURE-
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Stefan Kooman]

Quoting Daniel Molina (dmol...@opennebula.org):
> Hi Stefan,
> 
> 
> On 27 November 2013 14:03, Stefan Kooman  wrote:
> 
> > Hi,
> >
> > I made a priviliged user (member of oneadmin group) but this user is
> > unable to see users / groups / ACLs or any other resource that needs
> > more than default priviliges in sunstone. Testing this on 4.3.90. Can
> > someone re-produce this behaviour?
> >
> 
> Could you check this user is using the admin view, you can change the view
> from the settings dialog clicking in the top right corner of sunstone.
> 
> If you didn't change the configuration in ''/etc/one/sunstone-views.yaml'',
> users in the oneadmin group should be able to use any view:
> 
> groups:
> oneadmin:
> - admin
> - vdcadmin
> - user
> - cloud
> 
> Cheers
If have pinpointed the issue and found a "workaround". It doesn't need
to be a "privileged" user. Any new user that has appropriate permissions
is _unable_ to see any resources. If, however, the user updates it's
config (settings -> update config) he _is_ able to see al the resources
all of the sudden. The difference between "before" and "after" this
change is the following:

The user has the following extra attributes:

DEFAULT_VIEW
LANG
TABLE_ORDER
VNC_WSS

What kind of magic happens when a user applies "update config"?

Gr. Stefan




-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Daniel Molina]

On 27 November 2013 16:19, Stefan Kooman  wrote:

> Quoting Daniel Molina (dmol...@opennebula.org):
> > Hi Stefan,
> >
> >
> > On 27 November 2013 14:03, Stefan Kooman  wrote:
> >
> > > Hi,
> > >
> > > I made a priviliged user (member of oneadmin group) but this user is
> > > unable to see users / groups / ACLs or any other resource that needs
> > > more than default priviliges in sunstone. Testing this on 4.3.90. Can
> > > someone re-produce this behaviour?
> > >
> >
> > Could you check this user is using the admin view, you can change the
> view
> > from the settings dialog clicking in the top right corner of sunstone.
> >
> > If you didn't change the configuration in
> ''/etc/one/sunstone-views.yaml'',
> > users in the oneadmin group should be able to use any view:
> >
> > groups:
> > oneadmin:
> > - admin
> > - vdcadmin
> > - user
> > - cloud
> >
> > Cheers
> If have pinpointed the issue and found a "workaround". It doesn't need
> to be a "privileged" user. Any new user that has appropriate permissions
> is _unable_ to see any resources. If, however, the user updates it's
> config (settings -> update config) he _is_ able to see al the resources
> all of the sudden. The difference between "before" and "after" this
> change is the following:
>
> The user has the following extra attributes:
>
> DEFAULT_VIEW
> LANG
> TABLE_ORDER
> VNC_WSS
>
> What kind of magic happens when a user applies "update config"?
>

After updating the config this variable is populated based on the select
option:
session[:default_view] = user['TEMPLATE/DEFAULT_VIEW']

Otherwise the default_view is generated form the username and group:
session[:default_view] = $views_config.available_views(session[:user],
session[:user_gname]).first

And the available views will return the first view if there is any defined
for the user or group or the default one from
''/etc/one/sunstone-views.yaml'':
def available_views(user_name, group_name)
available_views = @views_config['users'][user_name] if
@views_config['users']
available_views ||= @views_config['groups'][group_name] if
@views_config['groups']
available_views ||= @views_config['default']

return available_views
end

Therefore, "update config" should not be required using the the default
config files

In this guide, it's explained how to change the views for each user/groups
http://opennebula.org/documentation:rel4.4:suns_views#configuring_access_to_the_views




>
> Gr. Stefan
>
>
>
>
> --
> | BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
> | GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iF4EAREIAAYFAlKWDWQACgkQTyGgYdFIOcZXHQEAwqwZVMm5d2YZtAKwYjJ+ezfs
> dXJjUS6IInmH4UGNC14A/0Hp0CPOHHR3MH/xY84Vjh0p0hvZXsdeuXZvXAmPBLye
> =gzne
> -END PGP SIGNATURE-
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Stefan Kooman]

Quoting Daniel Molina (dmol...@opennebula.org):
> > > Could you check this user is using the admin view, you can change the
> > view
> > > from the settings dialog clicking in the top right corner of sunstone.
> > >
> > > If you didn't change the configuration in
> > ''/etc/one/sunstone-views.yaml'',
> > > users in the oneadmin group should be able to use any view:
> > >
> > > groups:
> > > oneadmin:
> > > - admin
> > > - vdcadmin
> > > - user
> > > - cloud

I'm able to change the view as oneadmin user to the views "admin,
vdcadmin, user. cloud".
 
> After updating the config this variable is populated based on the select
> option:
> session[:default_view] = user['TEMPLATE/DEFAULT_VIEW']
> 
> Otherwise the default_view is generated form the username and group:
> session[:default_view] = $views_config.available_views(session[:user],
> session[:user_gname]).first
> 
> And the available views will return the first view if there is any defined
> for the user or group or the default one from
> ''/etc/one/sunstone-views.yaml'':
> def available_views(user_name, group_name)
> available_views = @views_config['users'][user_name] if
> @views_config['users']
> available_views ||= @views_config['groups'][group_name] if
> @views_config['groups']
> available_views ||= @views_config['default']
> 
> return available_views
> end
> 
> Therefore, "update config" should not be required using the the default
> config files

I've left those to the default (sunstone-views.yaml):

...
...
groups:
oneadmin:
- admin
- vdcadmin
- user
- cloud
default:
- user

The unprivileged user has only one view: user. But the "update config"
is required in order to see the resources. I'm using your latest
sunstone-util.js btw [1].

Gr. Stefan

[1]:
http://dev.opennebula.org/projects/opennebula/repository/revisions/086504cc872036af2fa6ad31d76a6299d5df1601

-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Daniel Molina]

On 27 November 2013 16:54, Stefan Kooman  wrote:

> Quoting Daniel Molina (dmol...@opennebula.org):
> > > > Could you check this user is using the admin view, you can change the
> > > view
> > > > from the settings dialog clicking in the top right corner of
> sunstone.
> > > >
> > > > If you didn't change the configuration in
> > > ''/etc/one/sunstone-views.yaml'',
> > > > users in the oneadmin group should be able to use any view:
> > > >
> > > > groups:
> > > > oneadmin:
> > > > - admin
> > > > - vdcadmin
> > > > - user
> > > > - cloud
>
> I'm able to change the view as oneadmin user to the views "admin,
> vdcadmin, user. cloud".
>
> > After updating the config this variable is populated based on the select
> > option:
> > session[:default_view] = user['TEMPLATE/DEFAULT_VIEW']
> >
> > Otherwise the default_view is generated form the username and group:
> > session[:default_view] =
> $views_config.available_views(session[:user],
> > session[:user_gname]).first
> >
> > And the available views will return the first view if there is any
> defined
> > for the user or group or the default one from
> > ''/etc/one/sunstone-views.yaml'':
> > def available_views(user_name, group_name)
> > available_views = @views_config['users'][user_name] if
> > @views_config['users']
> > available_views ||= @views_config['groups'][group_name] if
> > @views_config['groups']
> > available_views ||= @views_config['default']
> >
> > return available_views
> > end
> >
> > Therefore, "update config" should not be required using the the default
> > config files
>
> I've left those to the default (sunstone-views.yaml):
>
> ...
> ...
> groups:
> oneadmin:
> - admin
> - vdcadmin
> - user
> - cloud
> default:
> - user
>
> The unprivileged user has only one view: user. But the "update config"
> is required in order to see the resources. I'm using your latest
> sunstone-util.js btw [1].
>
>
Any error in the browser console after logging as that user?



> Gr. Stefan
>
> [1]:
>
> http://dev.opennebula.org/projects/opennebula/repository/revisions/086504cc872036af2fa6ad31d76a6299d5df1601
>
> --
> | BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
> | GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iF4EAREIAAYFAlKWFcUACgkQTyGgYdFIOcZy0QEAoU0v7FsGaiPKqAm3vOfbRWCT
> FeP8E4ICDvZylFLpqYMBAIoxfUG2Rn+VsZnJAhNN+EmxeXRjZRWO/AdwQpG9mquJ
> =6nKx
> -END PGP SIGNATURE-
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Member of oneadmin group unable to see user/groups

[Stefan Kooman]

Quoting Daniel Molina (dmol...@opennebula.org):
> Any error in the browser console after logging as that user?

Nope, I can click whatever I want but no errors are given, only empty
result sets, i.e. no resources.

Gr. Stefan

-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] updating TEMPLATE from hooks with onevm update

[Olivier Sallou]

On 11/27/2013 01:05 PM, Carlos Martín Sánchez wrote:
> Hi,
>
> On Tue, Nov 26, 2013 at 4:02 PM, Olivier
> Sallou mailto:olivier.sal...@irisa.fr>> wrote:
>
>
> On 11/26/2013 03:04 PM, Simon Boulet wrote:
>>
>> Perhaps that's the real problem here... I'm not very familiar
>> with context.sh script. Is the entire VM template available
>> (including the USER_TEMPLATE) or only the CONTEXT section?
>
> user_template is not set by itelf in the vm context file, only the
> context. But in my context, I add variables that refer to
> USER_TEMPLATE (but it is right that there are not set in first
> place, only after hooks). So it seems that we can refer to
> USER_TEMPLATE var, but only if there are predefined, not added in
> a hook (template not regenerated/calculated).
>
> the best would be to have user_template vars added to the
> context.sh file in addition to the one in the vm template, AFTER
> the hooks.
>
>
> True, you can get the whole VM (XML format encoded in base64) with the
> pre-defined context attribute $TEMPLATE [1]. But that will be done the
> moment the VM is created, before the on create hooks can update the
> template.
>
> We should change the behaviour and parse the context when the VM is
> deployed, or at least the $TEMPLATE variable... A more generic
> approach could be to add a synchronized hook before the VM is created,
> to allow to edit it before it is parsed by oned.
I think that a hook before VM is created, providing the vm info (user,
vm id etc..) would be perfect. But could we get the vm id is VM is not
yet created ? (vmid is necessary to update its user template).

I can manage for the moment this issue, I manage some things directly in
the VM or via an external server requested by the VM at startup but it
would be easier and better to do this directly in OpenNebula via hooks
as suggested

Olivier
>
> Meanwhile, I think you have to options:
> - Edit the VMs before they are sent to OpenNebula, in the ruby API [2][3]
> - Edit the script that creates the cdrom iso [4] and insert your
> variables, or the onevm show -x output. It will be located
> in /var/lib/one/remotes/tm/shared/context
>
> Regards
>
> [1] http://opennebula.org/documentation:rel4.2:cong
> [2] 
> http://opennebula.org/doc/4.2/oca/ruby/OpenNebula/Template.html#instantiate-instance_method
> [3] 
> http://opennebula.org/doc/4.2/oca/ruby/OpenNebula/VirtualMachine.html#allocate-instance_method
> [4] https://github.com/OpenNebula/one/blob/master/src/tm_mad/common/context
> --
> Carlos Martín, MSc
> Project Engineer
> OpenNebula - Flexible Enterprise Cloud Made Simple
> www.OpenNebula.org
>  | cmar...@opennebula.org
>  | @OpenNebula
> 
>
>
> On Tue, Nov 26, 2013 at 4:02 PM, Olivier Sallou
> mailto:olivier.sal...@irisa.fr>> wrote:
>
>
> On 11/26/2013 03:04 PM, Simon Boulet wrote:
>> Bonjour Olivier,
>>
>> I think there are two issues in your question.
>>
>> On Tue, Nov 26, 2013 at 5:55 AM, Olivier Sallou
>> mailto:olivier.sal...@irisa.fr>> wrote:
>>
>>
>> On 11/26/2013 11:51 AM, Olivier Sallou wrote:
>>>
>>> On 11/26/2013 11:14 AM, Carlos Martín Sánchez wrote:
 stored in VM/USER_TEMPLATE. You can see this with the onevm
 show -x command. The onevm update action only allows to
 edit the USER_TEMPLATE attributes, and as you described,
 the create hook is triggered after the VM has been
 correctly created.

>>
>> First, yes, you can use the VM CREATE hooks to inject or change
>> the USER_TEMPLATE attributes by issuing the onevm update action.
>> To prevent VMs from being deployed before the hooks has run, you
>> can set VM_SUBMIT_ON_HOLD = "YES", and have your hook do a onevm
>> release at the end of its execution for the scheduler to pick and
>> deploy the VM. This will make sure that when the VM is deployed,
>> the template contains all the attributes you wanted.
>>
>> You can also do some extra sanitization / filtering and not allow
>> the VM to be deployed if contains some missing attributes, etc.
>> by not calling the onevm release at the end.
>>
>> This works very well for us. In fact, we do some heavy stuff in
>> the hooks, such as attaching additional IP addresses, attaching
>> or detaching disks, etc. dynamically according to external
>> sources, such as the OpenNebula user template (but also external
>> databases, CRM, etc.)
> My hook job is ok regarding vm user_template  update, I tried with
> and without VM_SUBMIT_ON_HOLD (thanks for the hint), but I have
> the same issue, my user_template variables are not set in the
> context.sh file.
>
>>  
>>
>>> What I expect is to get my USER_TEMPLATE in the context.sh
>>> mounted in my VM.
>>>
>>> A basic use case is to generate a unique passwo

Re: [one-users] Sunstone image upload not working - images not in tmpdir

[Stefan Kooman]

Quoting Daniel Molina (dmol...@opennebula.org):
 
> 
> Could you try exporting the $TMPDIR var before starting the passenger
> processes?
> 
> This is the code that generates the temp file (sunstone-server.rb):
> tmpfile = Tempfile.open('sunstone-upload')
> 
> by default, it uses Dir.tmpdir as temp dir and this method checks the env
> var TMPDIR.  This variable is defined in the sunstone-server script, but
> Apache do not use this script to start new server instances
> 
> You can also specify it as a parameter in the code:
> tmpfile = Tempfile.open('sunstone-upload', '/mnt/sunstone_upload')

Hmm, in opennebula 4.3.90 this isn't working anymore. I have the tmpfile
hardcoded in sunstone-server.rb.

I also tried exporting the TMPDIR in /etc/apache/envvars, /etc/bash.bashrc and 
in
the ruby script itself: 

ENV['TMPDIR'] = '/mnt/sunstone_upload (and in config.ru)

but without any effect. What changes have been made that defeat above
settings?

Thanks,

Stefan





-- 
| BIT BV  http://www.bit.nl/Kamer van Koophandel 09090351
| GPG: 0xD14839C6   +31 318 648 688 / i...@bit.nl


signature.asc
Description: Digital signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] oneflow service names

[Shankhadeep Shome]

Is it possible to change the name of an oneflow service once it's deployed?
If not, I think it would be a nice feature, or at least have a way to
differentiate one instantiation from another. Right now the service name
stays the same, just the two IDs are different.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org