Bug 1872318
| Summary: | [v2v][Doc] VM import from RHV/VMware can be run only by Admin | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Container Native Virtualization (CNV) | Reporter: | Ilanit Stein <istein> | ||||
| Component: | Documentation | Assignee: | Avital Pinnick <apinnick> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Ilanit Stein <istein> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 2.4.0 | CC: | bthurber, cnv-qe-bugs, fkrepins, jmatthew, masayag, mberube, pkliczew, tjelinek | ||||
| Target Milestone: | --- | ||||||
| Target Release: | 2.4.1 | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2020-09-02 10:02:23 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Ilanit Stein
2020-08-25 13:45:52 UTC
Piotr/Moti, Would you please provide details on the permissions required to be granted, in order to be able to run VM import? @Filip, please provide a list of permissions that you think would be needed. I will take a look once I get some time to test the permissions. Created attachment 1712701 [details]
v2v-ui-permissions
I attached all the required permissions. Depending on the environment, following variables have to be set STORAGE_CLASS_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'openshift' V2V_VMWARE_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'kubevirt-hyperconverged' GOLDEN_IMAGES_NAMESPACE: 'openshift-cnv-base-images' (soon will change to openshift-kubevirt-base-images) USER_NAMESPACE example deployment: sed 's/USER_NAMESPACE/allowed-user-ns/g;s/STORAGE_CLASS_CONFIG_MAP_NAMESPACE/openshift/g;s/V2V_VMWARE_CONFIG_MAP_NAMESPACE/kubevirt-hyperconverged/g;s/GOLDEN_IMAGES_NAMESPACE/openshift-cnv-base-images/g' v2v/v2v-ui-permissions.yaml | oc apply -f - should I also compile the list for the whole kubevirt plugin as well and create a 2nd doc bug? Then maybe we could link to that from the v2v and have only relevant v2v parts here - because the permissions list is quite extensive right now thoughts? (In reply to Filip Krepinsky from comment #5) > I attached all the required permissions. Depending on the environment, > following variables have to be set > > STORAGE_CLASS_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'openshift' > V2V_VMWARE_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', > 'kubevirt-hyperconverged' > GOLDEN_IMAGES_NAMESPACE: 'openshift-cnv-base-images' (soon will change to > openshift-kubevirt-base-images) > USER_NAMESPACE > > > example deployment: > > sed > 's/USER_NAMESPACE/allowed-user-ns/g;s/STORAGE_CLASS_CONFIG_MAP_NAMESPACE/ > openshift/g;s/V2V_VMWARE_CONFIG_MAP_NAMESPACE/kubevirt-hyperconverged/g;s/ > GOLDEN_IMAGES_NAMESPACE/openshift-cnv-base-images/g' > v2v/v2v-ui-permissions.yaml | oc apply -f - Filip, Is this part of the doc bug? These variables are expected to be filled in the yaml file I posted. This is just an example on how to fill them. You can do it manually or use the command according to your deployment. Although there should be only one set of values for each deployment in upstream/downstream I am adding a procedure for granting permissions to a non-admin user. Just a comment -- "V2V_VMWARE_CONFIG_MAP_NAMESPACE" might look a little strange to a user who is importing a RHV VM. the variables can be renamed to anything. Nevertheless the name of the config map is v2v-vmware Changes merged. |