search

nuber-io / nuber

Virtualization management software
https://www.nuber.io
GNU Affero General Public License v3.0
29 stars 5 forks source link

LXD Projects and Nuber #28

Closed vosdev closed 2 years ago

vosdev commented 2 years ago

Hey hello,

I utilize LXD projects to separate my instances into 5 different groups, for example:

~
root @ epyc # lxc project ls
+------------------+--------+----------+-----------------+----------+---------------------+---------+
|       NAME       | IMAGES | PROFILES | STORAGE VOLUMES | NETWORKS |     DESCRIPTION     | USED BY |
+------------------+--------+----------+-----------------+----------+---------------------+---------+
| cloudnative      | YES    | YES      | YES             | NO       |                     | 18      |
+------------------+--------+----------+-----------------+----------+---------------------+---------+
| default          | YES    | YES      | YES             | YES      | Default LXD project | 6       |
+------------------+--------+----------+-----------------+----------+---------------------+---------+
| legacy (current) | NO     | NO       | NO              | NO       |                     | 11      |
+------------------+--------+----------+-----------------+----------+---------------------+---------+

How can I switch between projects in the nuber web interface? I do not use the default profile except for my profiles so without the ability to switch projects..

vosdev commented 2 years ago

Thinking in solutions instead of problems I wanted to try and add a new host through a generated token restricted to a single project:

lxc config trust add --name nuber/legacy --projects legacy

But nuber only supports authentication through the core trust password?

jamielsharief commented 2 years ago

The project feature is not or planned to be added in Nuber. I had wanted to implement a tag based solution, which would be similar.

jamielsharief commented 2 years ago

When you add a host there is option at the bottom for the certificate. Either way, the instructions also says after you add the host to remove the password, its only needed once to process the certificate.

jamielsharief commented 2 years ago

The host password is only required for the initial adding the host, after that , it is not used. You can remove once you have connected to the server.

vosdev commented 2 years ago

If you add support for adding a host through a token you do not have to build this complex feature but rather have the users "switch host" and authenticate to the LXD API using the certificate that is restricted to project XYZ

root @ epyc # lxc config trust add --projects legacy
Please provide client name: nuber/legacy
Client nuber/legacy certificate add token:
eyJjbGllbnRfbmFtZSI6Im51YmVyL2xlZ2FjeSIsImZpbmdlcnByaW50IjoiOGNjZTAwNjIxZDFjZmQxNGNjZmFkNjcyNjE4MzQzOWM2YzdhYjEzMTVm.NkOSIsImFkZHJlc3NlcyI6WyIxOTIuMTY4LjE3OC41Ojg0NDMiLCIxOTIuMTY4LjE3OC43...

When you add a host there is option at the bottom for the certificate. Either way, the instructions also says after you add the host to remove the password, its only needed once to process the certificate.

I do not have that option. I put the certificate token into the password field but I run into the error that the IP address is already added.

image

jamielsharief commented 2 years ago

Nuber was never created to offer a web UI to the whole lxd API. It was created as an easy to use virtualization platform which uses lxd (some of features) under the hood.

jamielsharief commented 2 years ago

On the add host screen above there is a link at the bottom which says host configuration options , if you click that you can download the certificate, and then add that manually to your server. The password is just used to intially transfer that over. The only way I can I see you using multiple hosts with same ipadress is adding entry to the hosts file,so each host has a different address.