Chapter 7.
35
Using Projects to Organize Users and
Resources
7.1. Overview of Projects
Projects are used to organize people and resources. CloudPlatform users within a single domain can
group themselves into project teams so they can collaborate and share virtual resources such as VMs,
snapshots, templates, data disks, and IP addresses. CloudPlatform tracks resource usage per project
as well as per user, so the usage can be billed to either a user account or a project. For example, a
private cloud within a software company might have all members of the QA department assigned to
one project, so the company can track the resources used in testing while the project members can
more easily isolate their efforts from other users of the same cloud
You can configure CloudPlatform to allow any user to create a new project, or you can restrict that
ability to just CloudPlatform administrators. Once you have created a project, you become that
project’s administrator, and you can add others within your domain to the project. CloudPlatform
can be set up either so that you can add people directly to a project, or so that you have to send an
invitation which the recipient must accept. Project members can view and manage all virtual resources
created by anyone in the project (for example, share VMs). A user can be a member of any number of
projects and can switch views in the CloudPlatform UI to show only project-related information, such
as project VMs, fellow project members, project-related alerts, and so on.
The project administrator can pass on the role to another project member. The project administrator
can also add more members, remove members from the project, set new resource limits (as long as
they are below the global defaults set by the CloudPlatform administrator), and delete the project.
When the administrator removes a member from the project, resources created by that user, such as
VM instances, remain with the project. This brings us to the subject of resource ownership and which
resources can be used by a project.
Resources created within a project are owned by the project, not by any particular CloudPlatform
account, and they can be used only within the project. A user who belongs to one or more projects
can still create resources outside of those projects, and those resources belong to the user’s account;
they will not be counted against the project’s usage or resource limits. You can create project-level
networks to isolate traffic within the project and provide network services such as port forwarding,
load balancing, VPN, and static NAT. A project can also make use of certain types of resources from
outside the project, if those resources are shared. For example, a shared network or public template is
available to any project in the domain. A project can get access to a private template if the template’s
owner will grant permission. A project can use any service offering or disk offering available in its
domain; however, you can not create private service and disk offerings at the project level..
7.2. Configuring Projects
Before CloudPlatform users start using projects, the CloudPlatform administrator must set up various
systems to support them, including membership invitations, limits on project resources, and controls
on who can create projects.
7.2.1. Setting Up Invitations
CloudPlatform can be set up either so that project administrators can add people directly to a project,
or so that it is necessary to send an invitation which the recipient must accept. The invitation can
be sent by email or through the user’s CloudPlatform account. If you want administrators to use
invitations to add members to projects, turn on and set up the invitations feature in CloudPlatform.