[Engine-devel] Creating New Data-Center and Permission on Network

Livnat Peer lpeer at redhat.com
Sun Dec 16 09:51:15 UTC 2012


On 10/12/12 16:06, Moti Asayag wrote:
> Hi,
> 
> When creating a new data-center, a management network is created for it.
> By default the created management network is defined as VM network.
> 
> I'd like to consult from permissions perspective, what is the preferred
> permission settings for that network.
> 
> The network is defined as management network, therefore it is designed
> be used by VMs.

I think you meant that the management network is marked by default as a
VM network and therefor is available for usage within the VMs.

> However, the admin should grant permissions on that
> networks to the target users (which one might find tedious).
> 

I'm in favor of keeping this behavior, I think that by default the
management network should not be available to users unless explicitly a
permission was added by the admin.

> We can grant permission on that network to 'everyone' with role
> 'NetworkUser', but in case the admin doesn't meant this network to be
> used, the permission should be removed.
> 
> In 'Add Logical Network' dialog I've added a new checkbox to allow
> granting 'everyone' a role for using that network ('NetworkUser').
> We can embrace same method in 'Add Data-Center' dialog.
> 

That's an interesting option I'd wait with adding this until we get some
feedback from the users on the usage of network permissions.


> Thoughts ?
> 
> Thanks,
> Moti
> _______________________________________________
> Engine-devel mailing list
> Engine-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/engine-devel
> 




More information about the Engine-devel mailing list