cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Higginbottom <geoff.higginbot...@shapeblue.com>
Subject Re: Cloudstack 4 - Accounts Isolation in a Domain
Date Wed, 23 Jan 2013 13:40:14 GMT
Hi Asmita,

You are correct in your assessment.

If you do want to have VMs in different accounts communicating directly you can create a shared
network which is linked to the Domain. The Accounts would need to belong to the same Domain
for this to work.

Regards

Geoff Higginbottom
CTO / Cloud Architect

D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540>|
M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com> |www.shapeblue.com
| Twitter:@shapeblue<https://twitter.com/#!/shapeblue>

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS

Visit us on stand 291 at Cloud Expo Europe

On 23 Jan 2013, at 13:21, "Asmita Vagyani" <Asmita.Vagyani@sigma-systems.com<mailto:Asmita.Vagyani@sigma-systems.com>>
wrote:

Hi ,

I read in a blog : (Source - http://docs.cloudstack.org/index.php?title=CloudStack_Documentation/FAQ:_CloudStack/How_are_users%2C_accounts%2C_and_domains_handled_in_CloudStack%3F&action=source)
It says:

CloudStack platform users are assigned accounts.
An account is typically a customer of the service provider or a department in a large organization.
Accounts are the unit of isolation in the cloud. Accounts are grouped by domains.
Domains usually contain accounts that have some logical relationship to each other and a set
of delegated administrators with some authority over the domain and its subdomains.
For example, a service provider with several resellers could create a domain for each reseller.

My question is,

In a domain D1, I have two accounts A1 and A2 in D1.
Account A1 has a VM1 assigned and Account A2 has a VM2 assigned.
If the accounts are said to be in isolation ,then the VM1 used by account A1 and VM2  used
by account A2 will not be able to talk to each other?
Is my understanding correct?
Or is the communication between VM1 and VM2 possible since they in the same domain?
Please clarify.

Thanks and Regards.

Asmita Patil Vagyani.

-----Original Message-----
From: Nitin Mehta [mailto:Nitin.Mehta@citrix.com]
Sent: 22 January 2013 PM 03:57
To: cloudstack-users@incubator.apache.org<mailto:cloudstack-users@incubator.apache.org>;
Sailaja Mada
Subject: Re: Issue in Creating instance on Cloudstack 4

Key thing to understand is that the ownership of resources is tied to an account. Users are
mere synonyms for accessing the account resources. So any vm is also owned by an account and
not a user.
All the users of the account have visibility to the resources of the account.

Little more reading on
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Accounts,+Domains,+a
nd+Admin+explained

On 22/01/13 3:49 PM, "Asmita Vagyani" <Asmita.Vagyani@sigma-systems.com<mailto:Asmita.Vagyani@sigma-systems.com>>
wrote:

Hi all,

I have a doubt.
The functionality of my application is :
There will be lots of companies approaching my application to create
VMs for its employees.

I have created one account for one company on CS4.
And the company can have many employees, so is my account having many
users added for each employee.
Is there any way in CS4 to associate a VM instance for a particular
user inside the same account?
I mean one account will have many VMs created, each VM assigned to a
unique user, basically 1:1 association betwn user:VM.

While creating a VM(deployVirtualMachine) I cannot pass the userId in
that to say only user with userId "**" can use this vm.
I can pass only the account with domain name, what does this indicate ,
what is the relation of vm with account?
Does that mean all users belonging to that account and domain can use
this vm.

Thanks and Regards.

Asmita Patil Vagyani.






ShapeBlue provides a range of strategic and technical consulting and implementation services
to help IT Service Providers and Enterprises to build a true IaaS compute cloud. ShapeBlue's
expertise, combined with CloudStack technology, allows IT Service Providers and Enterprises
to deliver true, utility based, IaaS to the customer or end-user.

________________________________

This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd. If you are not the
intended recipient of this email, you must neither take any action based upon its contents,
nor copy or show it to anyone. Please contact the sender if you believe you have received
this email in error. Shape Blue Ltd is a company incorporated in England & Wales.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message