Public bug reported: We are using non-administrator to connect the vCenter when start compute service. In vCenter we defined a separate role (you can it in the attachment) for this account and allow it to only access the cluster that is used to provision VM and split with the management cluster.
I can use this user/password to login vCenter, but I hint the follow error when start the compute service. So I want to know what kinds of privleges should be assigned to this account. 2014-07-08 05:26:55.485 30556 WARNING nova.virt.vmwareapi.driver [req-35ad4408-f0d3-423a-a211-c7200ae8da3c None None] Session 527362cd-b3d2-0ba9-0be8-b7dd3200e9f1 is inactive! 2014-07-08 05:27:06.479 30556 ERROR suds.client [-] <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:ns0="urn:vim25" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> <ns1:Body> <ns0:TerminateSession> <ns0:_this type="SessionManager">SessionManager</ns0:_this> <ns0:sessionId>527362cd-b3d2-0ba9-0be8-b7dd3200e9f1</ns0:sessionId> </ns0:TerminateSession> </ns1:Body> </SOAP-ENV:Envelope> 2014-07-08 05:27:06.483 30556 DEBUG nova.virt.vmwareapi.driver [req-35ad4408-f0d3-423a-a211-c7200ae8da3c None None] Server raised fault: 'Permission to perform this operation was denied.' 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup File "/usr/lib/python2.6/site-packages/nova/virt/vmwareapi/error_util.py", line 123, in retrievepropertiesex_fault_checker 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup exc_msg_list)) 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup VimFaultException: Error(s) NotAuthenticated occurred in the call to RetrievePropertiesEx 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup ** Affects: nova Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1338881 Title: VMware: Unable to validate session when start nova compute service Status in OpenStack Compute (Nova): New Bug description: We are using non-administrator to connect the vCenter when start compute service. In vCenter we defined a separate role (you can it in the attachment) for this account and allow it to only access the cluster that is used to provision VM and split with the management cluster. I can use this user/password to login vCenter, but I hint the follow error when start the compute service. So I want to know what kinds of privleges should be assigned to this account. 2014-07-08 05:26:55.485 30556 WARNING nova.virt.vmwareapi.driver [req-35ad4408-f0d3-423a-a211-c7200ae8da3c None None] Session 527362cd-b3d2-0ba9-0be8-b7dd3200e9f1 is inactive! 2014-07-08 05:27:06.479 30556 ERROR suds.client [-] <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:ns0="urn:vim25" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> <ns1:Body> <ns0:TerminateSession> <ns0:_this type="SessionManager">SessionManager</ns0:_this> <ns0:sessionId>527362cd-b3d2-0ba9-0be8-b7dd3200e9f1</ns0:sessionId> </ns0:TerminateSession> </ns1:Body> </SOAP-ENV:Envelope> 2014-07-08 05:27:06.483 30556 DEBUG nova.virt.vmwareapi.driver [req-35ad4408-f0d3-423a-a211-c7200ae8da3c None None] Server raised fault: 'Permission to perform this operation was denied.' 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup File "/usr/lib/python2.6/site-packages/nova/virt/vmwareapi/error_util.py", line 123, in retrievepropertiesex_fault_checker 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup exc_msg_list)) 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup VimFaultException: Error(s) NotAuthenticated occurred in the call to RetrievePropertiesEx 2014-07-08 05:27:44.310 30556 TRACE nova.openstack.common.threadgroup To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1338881/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
