openstack-manuals

VMware vSphere in OpenStack Configuration Reference - icehouse: VMware: Need 'Validate session' privilege in the required minimum permissions

Bug #1339440 reported by David Geng on 2014-07-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	openstack-manuals	Fix Released	Undecided	Radoslav Gerganov

Bug Description

When using non-administrator account to connect to vCenter, we also need give the 'Validate session' privilege under the 'Sessions' object in vCenter

Otherwise we will hint the below error when start the nova compute service:

<SOAP-ENV:Envelope xmlns:ns0="urn:vim25" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <ns1:Body>
      <ns0:TerminateSession>
         <ns0:_this type="SessionManager">SessionManager</ns0:_this>
         <ns0:sessionId>52c51b92-776a-3b3a-736d-5a341850e2a9</ns0:sessionId>
      </ns0:TerminateSession>
   </ns1:Body>
</SOAP-ENV:Envelope>
2014-07-07 16:04:34.049 7390 DEBUG nova.virt.vmwareapi.driver [req-7563f6b2-d9c7-4165-9898-d8813e271015 None None] Server raised fault: 'Permission to perform this operation was denied.' _create_session /usr/lib/python2.6/site-packages/nova/virt/vmwareapi/driver.py

Radoslav Gerganov (rgerganov) on 2014-07-09

Changed in openstack-manuals:
assignee:	nobody → Radoslav Gerganov (rgerganov)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-07-09: Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/105704

Changed in openstack-manuals:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-07-11: Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/105704
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=0252a71d5ae6d436326677b4ce3e3b9663210732
Submitter: Jenkins
Branch: master

commit 0252a71d5ae6d436326677b4ce3e3b9663210732
Author: Radoslav Gerganov <email address hidden>
Date: Wed Jul 9 14:10:36 2014 +0300

Add required permission for the vCenter service account

    The VMware compute driver needs 'Sessions/Validate session' permission
    in order to check if a given session is active. This patch adds this to
    the permissions table.

Change-Id: Ice8d2b4a02a6c92253332f39d412119e6be7dde9
Closes-Bug: #1339440

Changed in openstack-manuals:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-03-24: Fix included in openstack/openstack-manuals 15.0.0

This issue was fixed in the openstack/openstack-manuals 15.0.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.