[Users] Quota for VMs created from templates
Mitja Mihelič
mitja.mihelic at arnes.si
Fri Oct 4 12:14:10 UTC 2013
In addition to the described setup:
The user was also given a permission on the data center with the role
VmCreator.
The user is not listed as a consumer of TemplateQuota, but they have an
inherited role VmCreator in the permissions tab.
Could this permission be the reason the user can create and run VMs that
are associated with TemplateQuota?
Regards,
Mitja
--
Mitja Mihelič
ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia
tel: +386 1 479 8877, fax: +386 1 479 88 78
On 10/03/2013 05:06 PM, Einav Cohen wrote:
> AFAIK, a user cannot create a VM that is associated with one (or more) quota objects on which he doesn't
> have consumer permissions.
> i.e. if the VM was created successfully by the user, and this VM is associated with TemplateQuota, and
> with the quota that has been created for the user (let's call it UserQuota), it means that the user has
> consumer permissions on both TemplateQuota and UserQuota.
> If the user doesn't have permissions on one of these Quota objects - the fact that the VM has been created
> successfully sounds like a bug to me.
>
> ----
> Thanks,
> Einav
>
> ----- Original Message -----
>> From: "Mitja Mihelič" <mitja.mihelic at arnes.si>
>> To: users at ovirt.org
>> Sent: Thursday, October 3, 2013 9:59:06 AM
>> Subject: [Users] Quota for VMs created from templates
>>
>> Hi!
>>
>> We are running engine version 3.3.0 on CentOS6 and we have come across a
>> problem, possibly a bug.
>> When a user creates a VM from a template, the template's quota is
>> assigned to the VM.
>>
>> Here is the setup:
>> - quota is set to Enforced on the data center
>> - quota is created for template purposes (TemplateQuota)
>> - a template is created from a sealed VM with TemplateQuota assigned to it
>> - quota is created for a user, the user is set as its consumer
>> - the user creates a VM from the mentioned template and leaves the quota
>> unchanged
>> - the created VM consumes the user's storage quota but does not consume
>> their memory and CPU quota
>>
>> This way a user can create and run an arbitrary number of VMs as long
>> they stay within their storage quota.
>> No errors are reported in the logs.
>>
>> Kind regards,
>> Mitja Mihelic
>>
>> --
>> --
>> Mitja Mihelič
>> ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia
>> tel: +386 1 479 8877, fax: +386 1 479 88 78
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1-system-dc-quota.png
Type: image/png
Size: 183639 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131004/035a1c15/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2-system-dc-permissions.png
Type: image/png
Size: 199547 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131004/035a1c15/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 3-dc-quota-consumers.png
Type: image/png
Size: 189082 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131004/035a1c15/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 4-dc-quota-permissions.png
Type: image/png
Size: 214361 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131004/035a1c15/attachment-0007.png>
More information about the Users
mailing list