Hi all, We are considering a new simple approach on this use-case, and we'd like to hear your thoughts:
Resources could have two flags to let other users list/use them: - shared: users in the resource's group. - public: all users This would make it easier to share resources with everybody (there is no need to manage ACLs), and users could list "shared" objects. Regards. -- Carlos Martín, MSc Project Major Contributor OpenNebula - The Open Source Toolkit for Cloud Computing www.OpenNebula.org <http://www.opennebula.org/> | cmar...@opennebula.org 2011/8/29 Robert Parrott <parr...@seas.harvard.edu> > Hi Carlos, > > The workaround you describe will get us going, and we can "enumerate" > our temapltes and resources as needed for now. > > The multiple groups idea is most likely the _right_ approach, but for > the time being perhaps also could be added a "public" flag to listing, > which lists all objects which the user is entitled to see (in fact, at > first blush it seems that this is the correct default setting). > > Rob > > 2011/8/29 Carlos Martín Sánchez <cmar...@opennebula.org>: > > Hi Robert, > > > > You are right about the meaning of "public", its scope is the resource's > > group. > > Using ACLs, you can create a group (let's say "shared"), and allow > everybody > > to use and instantiate IMAGE and TEMPLATES in that group. > > > > $ onegroup create shared > > ID: 100 > > ACL_ID: 2 > > ACL_ID: 3 > > > > $ oneacl create "* IMAGE+TEMPLATE/@100 INFO+USE+INSTANTIATE" > > ID: 4 > > > > $ oneacl list > > ID USER RES_VHNIUTG RID OPE_CDUMIPpTW > > 0 @1 V-NI-T- * C-----p-- > > 1 @1 -H----- * --U------ > > 2 @100 V-NI-T- * C-----p-- > > 3 @100 -H----- * --U------ > > 4 * ---I-T- @100 --U-I--T- > > > > That will provide the scenario you described. > > However, there's no straight-forward way for regular users to list the > > resources in the "shared" group, as they can only list resources with the > > 'all', 'mine' or 'group' flag. > > > > You can grant users the right to list all resources (INFO_POOL) if > privacy > > is not a concern... or you could create some other way to let users know > the > > list of resources in the "shared" group, for instance creating a new > > Sunstone plug-in [1] > > > > > > Maybe we could use this thread to discuss how to integrate better this > > use-case in future versions. > > We already have a request for multiple groups [2], that's one of the ways > to > > address this issue. > > > > Regards, > > Carlos. > > > > [1] http://opennebula.org/documentation:rel3.0:sunstone_plugin_reference > > [2] http://dev.opennebula.org/issues/761 > > > > -- > > Carlos Martín, MSc > > Project Major Contributor > > OpenNebula - The Open Source Toolkit for Cloud Computing > > www.OpenNebula.org | cmar...@opennebula.org > > > > > > > > On Wed, Aug 24, 2011 at 10:40 PM, Robert Parrott < > parr...@seas.harvard.edu> > > wrote: > >> Hi Folks, > >> > >> Is there some way to make images or templates completely public? > >> > >> Currently, it looks like making an image or template "public" means > >> that anyone within your group can see and use that image or template. > >> It would be nice to also have the functionality where members of any > >> group can make use of a set of public images and templates as a > >> starting point for customizing their own VMs (i.e. "vanilla CentOS 6" > >> or Ubuntu 10.04 LTS"). > >> > >> Thanks, > >> Rob > >> > >> > >> -- > >> Robert E. Parrott, Ph.D. (Phys. '06) > >> Director, Academic Computing > >> Harvard University Sch. of Eng. and App. Sci. > >> Maxwell-Dworkin 211, > >> 33 Oxford St. > >> Cambridge, MA 02138 > >> (617)-496-1520 > >> _______________________________________________ > >> Users mailing list > >> Users@lists.opennebula.org > >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > >> > > > > > > > > -- > Robert E. Parrott, Ph.D. (Phys. '06) > Director, Academic Computing > Harvard University Sch. of Eng. and App. Sci. > Maxwell-Dworkin 211, > 33 Oxford St. > Cambridge, MA 02138 > (617)-496-1520 >
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
