Document URL: https://docs.openshift.com/container-platform/4.5/virt/virtual_machines/importing_vms/virt-importing-rhv-vm.html Please add that only admin can run VM import. Running it by another user will fail, as detailed in: Bug 1871109 - Error messages when trying to do import while not having permissions for it are wrong Please also add the failures to the troubleshooting section. Other users can also get permitted by the admin, by adding them the correct required permissions.
Piotr/Moti, Would you please provide details on the permissions required to be granted, in order to be able to run VM import?
@Filip, please provide a list of permissions that you think would be needed.
I will take a look once I get some time to test the permissions.
Created attachment 1712701 [details] v2v-ui-permissions
I attached all the required permissions. Depending on the environment, following variables have to be set STORAGE_CLASS_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'openshift' V2V_VMWARE_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'kubevirt-hyperconverged' GOLDEN_IMAGES_NAMESPACE: 'openshift-cnv-base-images' (soon will change to openshift-kubevirt-base-images) USER_NAMESPACE example deployment: sed 's/USER_NAMESPACE/allowed-user-ns/g;s/STORAGE_CLASS_CONFIG_MAP_NAMESPACE/openshift/g;s/V2V_VMWARE_CONFIG_MAP_NAMESPACE/kubevirt-hyperconverged/g;s/GOLDEN_IMAGES_NAMESPACE/openshift-cnv-base-images/g' v2v/v2v-ui-permissions.yaml | oc apply -f -
should I also compile the list for the whole kubevirt plugin as well and create a 2nd doc bug? Then maybe we could link to that from the v2v and have only relevant v2v parts here - because the permissions list is quite extensive right now thoughts?
(In reply to Filip Krepinsky from comment #5) > I attached all the required permissions. Depending on the environment, > following variables have to be set > > STORAGE_CLASS_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', 'openshift' > V2V_VMWARE_CONFIG_MAP_NAMESPACE: one of 'openshift-cnv', > 'kubevirt-hyperconverged' > GOLDEN_IMAGES_NAMESPACE: 'openshift-cnv-base-images' (soon will change to > openshift-kubevirt-base-images) > USER_NAMESPACE > > > example deployment: > > sed > 's/USER_NAMESPACE/allowed-user-ns/g;s/STORAGE_CLASS_CONFIG_MAP_NAMESPACE/ > openshift/g;s/V2V_VMWARE_CONFIG_MAP_NAMESPACE/kubevirt-hyperconverged/g;s/ > GOLDEN_IMAGES_NAMESPACE/openshift-cnv-base-images/g' > v2v/v2v-ui-permissions.yaml | oc apply -f - Filip, Is this part of the doc bug?
These variables are expected to be filled in the yaml file I posted. This is just an example on how to fill them. You can do it manually or use the command according to your deployment. Although there should be only one set of values for each deployment in upstream/downstream
I am adding a procedure for granting permissions to a non-admin user. Just a comment -- "V2V_VMWARE_CONFIG_MAP_NAMESPACE" might look a little strange to a user who is importing a RHV VM.
the variables can be renamed to anything. Nevertheless the name of the config map is v2v-vmware
Changes merged.