Quoting Carlos Martín Sánchez (cmar...@opennebula.org): > Hi Stefan, > > On Thu, Jan 30, 2014 at 7:52 AM, Stefan Kooman <ste...@bit.nl> wrote: > > > Hi, > > > > I was reading through Amazon EC2 prerequisites [1] which implies that > > there can be only one set of AWS credentials per opennebula cloud. Is > > that correct? This might not be a problem for a "private cloud" operated > > by only one organisation / company. For a public cloud that want's to > > leave room for 3rd party cloud bursting it is a problem. Ideally every > > user / group should be able to provide his/her own credentials while > > instantiating/creating a new vm. What is the reason to use a config file > > for this instead of having this info in a template? > > > > Gr. Stefan > > > > [1]: > > > > http://docs.opennebula.org/4.4/advanced_administration/cloud_bursting/ec2g.html#prerequisites > > > Actually you can define multiple ec2 accounts, see the Multi EC2 > Site/Region/Account section of that guide [1]. You can create a hybrid host > for each group, and then adjust the permissions so each one can only deploy > VMs in the host with the right credentials.
Ah, I see. Thanks for the pointer. > > We could come up with an ec2 driver that reads the credentials from the VM > template, although I'm not sure how difficult it would be to make it work > with the current code. Please open a feature request if the above multi > account feature does not solve your use case. Generally I would like to avoid having stuff hard coded in config files, except for global settings / defaults. If you would like to give (power)users the possibility to use cloud bursting it would make sense that they are able to configure that by themselves. Then again, I might be thinking the wrong way around. Instead of giving the posiblity to use a public cloud from within OpenNebula, one might as well create a virtual machine with OpenNebula installed just for that. And federate with the cloud it is running on to manage "local" vm's ... I've just read about "vDCs", "Resource Providers" and "Groups". With that functionality in mind, a public cloud might be a Resource Provider by itself and therefore be partitioned by the Group Admin. Multiple public clouds (Resource Providers) might be created this way, each one with different properties and credentials. One thing that is breaking this logic is that someone else than the "owner" (consumer that rents resources) has to configure the Resource (enter the credentials / keys), which doesn't make sense. Just thinking out loud here. I might have to sleep over it for a day. Gr. Stefan -- | BIT BV http://www.bit.nl/ Kamer van Koophandel 09090351 | GPG: 0xD14839C6 +31 318 648 688 / i...@bit.nl _______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
