Questions about foreman - ovirt integration

Support
1

Hi,

After running the forman and ovirt seperately for a while now, I'm now
trying to integrate them some more so users can deploy their ovirt VM's
through the Foreman.

Currently I'm running into some obstacles on Foreman 1.9 (Katello 2.3)
and oVirt 3.5:

When I try to add a new host with the oVirt provider selected, I
cannot save the host


            Unable to save

  # Failed to create a compute engineen (oVirt) instance
    test.netbulae.test: Cannot add Interface. There is no VM network
    interface profile for the network the user can use. - Please use
    a VM network interface profile instead of a network name.

For the primary interface, I can only select the ovirt management or
storage interface. These are not VM networks as we can't mix tagged
and non-tagged vlan's in oVirt currently. So there is no VM network
interface profile for this.
There are VM networks defined on VLAN's (like vmmanagement,
testcustomer1, etc.), but I'm unable to choose any of these.

Second question is about Quota enforcement, we have quota set for
all users. How does foreman enforce these quota? Also how do
permissions for the user get set on the VM? I cannot test this as I
cannot create a new host but I have seen nothing so far that ties
the host permissions created in the foreman to the permissions on
the VM. Also there is no information in the Foreman about the ovirt
quota as far as I can see.

Third question, as most of our users have their own virtual network
in a VLAN, they are able to have overlapping ip ranges. How do I
configure foreman to have every user to have it's own 10.0.0.*
address pool? Currently the subnet ip pool is shared I believe.

Met vriendelijke groet, With kind regards,

Jorick Astrego

Netbulae Virtualization Experts

··· ---------------- 
Tel: 053 20 30 270 	info@netbulae.eu 	Staalsteden 4-3A 	KvK 08198180
Fax: 053 20 30 271 	www.netbulae.eu 	7547 TA Enschede 	BTW NL821234584B01
2

answers inline

> Hi,
>
> After running the forman and ovirt seperately for a while now, I'm now
> trying to integrate them some more so users can deploy their ovirt VM's
> through the Foreman.
>
> Currently I'm running into some obstacles on Foreman 1.9 (Katello 2.3) and
> oVirt 3.5:
>
> When I try to add a new host with the oVirt provider selected, I cannot
> save the host
>
> Unable to save
> - Failed to create a compute engineen (oVirt) instance
> test.netbulae.test: Cannot add Interface. There is no VM network interface
> profile for the network the user can use. - Please use a VM network
> interface profile instead of a network name.
>
> do you have a subnet in foreman representing your ovirt networks?

> For the primary interface, I can only select the ovirt management or
> storage interface. These are not VM networks as we can't mix tagged and
> non-tagged vlan's in oVirt currently. So there is no VM network interface
> profile for this.
> There are VM networks defined on VLAN's (like vmmanagement, testcustomer1,
> etc.), but I'm unable to choose any of these.
>
> Second question is about Quota enforcement, we have quota set for all
> users. How does foreman enforce these quota? Also how do permissions for
> the user get set on the VM? I cannot test this as I cannot create a new
> host but I have seen nothing so far that ties the host permissions created
> in the foreman to the permissions on the VM. Also there is no information
> in the Foreman about the ovirt quota as far as I can see.
>
> there is a quota option per compute resource, if you have many ovirt
users, you might end up creating multiple compute resources with differernt
user / or quota.

>
> Third question, as most of our users have their own virtual network in a
> VLAN, they are able to have overlapping ip ranges. How do I configure
> foreman to have every user to have it's own 10.0.0.* address pool?
> Currently the subnet ip pool is shared I believe.
>
> this has been relaxed recently [1], you most likely can patch your local
foreman (it would be part of 1.10).

Ohad

[1] Feature #11250: Remove uniqueness check from network address validator in subnet.rb - Foreman

··· On Tue, Aug 25, 2015 at 12:27 PM, Jorick Astrego wrote:

Met vriendelijke groet, With kind regards,

Jorick Astrego

*Netbulae Virtualization Experts *

Tel: 053 20 30 270 info@netbulae.eu Staalsteden 4-3A KvK 08198180 Fax:
053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01


You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.

3

> answers inline
>
>
> Hi,
>
> After running the forman and ovirt seperately for a while now, I'm
> now trying to integrate them some more so users can deploy their
> ovirt VM's through the Foreman.
>
> Currently I'm running into some obstacles on Foreman 1.9 (Katello
> 2.3) and oVirt 3.5:
>
> When I try to add a new host with the oVirt provider selected,
> I cannot save the host
>
>
> Unable to save
>
> # Failed to create a compute engineen (oVirt) instance
> test.netbulae.test: Cannot add Interface. There is no VM
> network interface profile for the network the user can
> use. - Please use a VM network interface profile instead
> of a network name.
>
> do you have a subnet in foreman representing your ovirt networks?

Yes there is subnet for ovirt management (no VM network) and several for
the VM/VLAN networks. I think the problem is that the ovirtmgmt is not a
VM network, so it has no vnic_profile. Maybe this messes up being able
to select any of the other networks?

> For the primary interface, I can only select the ovirt
> management or storage interface. These are not VM networks as
> we can't mix tagged and non-tagged vlan's in oVirt currently.
> So there is no VM network interface profile for this.
> There are VM networks defined on VLAN's (like vmmanagement,
> testcustomer1, etc.), but I'm unable to choose any of these.
>
> Second question is about Quota enforcement, we have quota set
> for all users. How does foreman enforce these quota? Also how
> do permissions for the user get set on the VM? I cannot test
> this as I cannot create a new host but I have seen nothing so
> far that ties the host permissions created in the foreman to
> the permissions on the VM. Also there is no information in the
> Foreman about the ovirt quota as far as I can see.
>
> there is a quota option per compute resource, if you have many ovirt
> users, you might end up creating multiple compute resources with
> differernt user / or quota.

Ah yes, I forgot about that. There had been a bug that forced me to use
admin@internal.

This wil work as it appears to be fixed now.

>
> Third question, as most of our users have their own virtual
> network in a VLAN, they are able to have overlapping ip
> ranges. How do I configure foreman to have every user to have
> it's own 10.0.0.* address pool? Currently the subnet ip pool
> is shared I believe.
>
> this has been relaxed recently [1], you most likely can patch your
> local foreman (it would be part of 1.10).
>
> Ohad
>
> [1] Feature #11250: Remove uniqueness check from network address validator in subnet.rb - Foreman
>
Ok, thanks!

Met vriendelijke groet, With kind regards,

Jorick Astrego

Netbulae Virtualization Experts

··· On 08/25/2015 12:19 PM, Ohad Levy wrote: > On Tue, Aug 25, 2015 at 12:27 PM, Jorick Astrego > <j.astrego@netbulae.eu > wrote: 
Tel: 053 20 30 270 	info@netbulae.eu 	Staalsteden 4-3A 	KvK 08198180
Fax: 053 20 30 271 	www.netbulae.eu 	7547 TA Enschede 	BTW NL821234584B01