ViPR 2.2 - Understanding Projects and Consistency Groups
Table of Contents
For an end-user to be able to use a storage provisioning service, the user must belong to the project that will own the provisioned resource.
At the UI, Tenant Administrators and Project Administrators are responsible for creating projects, using an access control list (ACL) to assign users to projects, and assigning permissions to projects. Projects also have the concept of a Project Owner, which conveys certain administrator rights to a user, and enables a Tenant Administrator to delegate administrator rights for a project to a Project Administrator.
The roles associated with a project and the privileges associated with those roles are listed in the table below.
Projects can have an associated quota which can be used to limit the total amount of provisioned storage that belongs to the project.
Thepage is accessible to Tenant Administrators and Project Administrators and displays the projects that they can perform administration on. For a Tenant Administrator this is a list of all projects in the tenant. For a Project Administrator this list contains the projects that the Project Administrator has created or has been assigned ownership of.
For provisioning end-users, thepage is NOT accessible. However, provisioning end-users MUST be assigned to at least 1 project by a Tenant or Project Administrator in order to be able to perform any provisioning operations, as all provisioned resources must belong to a project. Similarly, end-users can only view resources associated with projects to which they are assigned.
The use of ACLs with projects is described in Understanding Users, Roles, and ACLs.Back to Top
Before you begin
- You must be either a Tenant Administrator or a Project Administrator to be allowed to create projects.
- Projects created by a Tenant Administrator can only be administrated by a Project Administrator if the Project Administrator is the project owner.
- Projects created by a Project Administrator are visible to, and can be administrated by, a Tenant Administrator.
- Select .
- Select Add, to create a new project, or click the project name to edit the project.
- Enter the name of the project.
- In the
Owner field, enter the name of the project owner.
This is the AD/LDAP name of the user. If you do not enter a name, you will be the project owner.The project owner should be a Project Administrator. This provides a way of allowing a project created by a Tenant Administrator to be delegated to a Project Administrator.If you are a Tenant Administrator, projects that you own cannot be administrated by Project Administrator unless you make them the owner.If you assign project ownership to a provisioning user, the user will not be able to perform administration at the UI.
- You can associate a quota with the project to limit the amount of storage provision for the project.
- Check the Enable Quota box
- In the Quota field, enter the maximum amount of storage that you want to allow.
- To assign project permissions to other users, select
An ACL field is displayed allowing you enter a user or group name and assign a permission.
- Enter the name of a user or group and set the Type field to be consistent.
- Select the access permission for the user as either ALL or BACKUP.
ALL permission allows users to provision resources that belong to a project and to run services against resources owned by a project. BACKUP allows a user to view the resources belonging to a project and perform data protection operations.
- To add more users or groups, select
Add ACL again.
You can remove an ACL entry by clicking Remove.
- When you have added all ACL entries, click Save.
Thepage in the UI User mode lists the consistency groups that exist and enables consistency groups to be added or deleted.
Consistency groups are associated with projects, so provisioning users will only be allowed to assign volumes to consistency groups that belong to the same project as the volume.
To use consistency groups, the virtual pool associated with a volume must be configured for multi-volume consistency. Once a virtual pool has multi-volume consistency assigned, volumes created from that pool must always be associated with a consistency group.
Volumes in a consistency group must be treated as group. Once a snapshot of a consistency group is created, ViPR will not allow any more volumes to be added to the consistency group. If a user deletes a single volume from the consistency group, ViPR will first delete all the snapshots on the consistency group and then delete the specified volume.
Volumes associated with a consistency group must all belong to the same physical array. Hence, once a volume has been assigned to a consistency group, only volumes belonging to the same array can be added to the consistency group.Back to Top
Before you begin
This operation can be performed by a Tenant Administrator for any project or by a Project Administrator for owned projects.
You must know which project you intend to associate the consistency group with.
- Select .
- If you are the administrator for more than one tenant, select the tenant for which you want to assign the consistency group.
- From the Project drop-down, select the project that the consistency group will be associated with.
- Select Add.
- Enter a name for the consistency group.
- Select Save.