Re: [ovirt-users] Add host to oVirt: unprovisioned without using username/password in vdsm-tool

Hi Douglas, I think we discussed this in 2013 as well, thanks for catching up... you were mentioned on irc already by rgolan :) I needed the --check-fqdn false which fixed it. Very nice and thanks for the example :) Will check further what the possibilities are! Cheers, Matt 2017-01-30 16:46 GMT+01:00 Douglas Schilling Landgraf <dlandgra(a)redhat.com&gt;: > Hello Matt, > > On 01/30/2017 08:52 AM, Matt . wrote: >> >> In a puppetized environment it's just too easy to include a >> manifest/class that will use the ssh key for that manifest, I want to >> avoid that and control the acceptance from the GUI when a possible >> host is added to to engine but not capable to join the cluster yet. > > > I would suggest: > > # vdsm-tool register --engine-fqdn myengine.localdomain > > or without the check of fqdn: > > # vdsm-tool register --engine-fqdn IP_ADDRESS --check-fqdn false > > Later you might want to approve the host via GUI, SDK or REST API. > > A quick example of rest api: > https://github.com/dougsland/ovirt-restapi-scripts/commit/91dcb3fcd2cae65... > > > >> The idea how I used it was very plain and simple, the host exists in >> oVirt but was unprovisioned, you clicked install and there it went. If >> that would be possible again or is in some way I would like to know. >> >> >> >> 2017-01-30 14:07 GMT+01:00 Yaniv Kaul <ykaul(a)redhat.com&gt;: >>> >>> >>> >>> On Mon, Jan 30, 2017 at 12:03 PM, Matt . <yamakasi.014(a)gmail.com&gt; wrote: >>>> >>>> >>>> Could do but then there is still some password like thingy around in >>>> my provisioning system, a key is just a fingerprint which is matched. >>> >>> >>> >>> It's not JUST a fingerprint. It's the fingerprint of a SSH key we use for >>> the authentication. >>> >>>> >>>> What is also the case is that I want to decide in the engine if it's >>>> valid to be provisioned or not. >>> >>> >>> >>> So don't add that SSH key to hosts that you don't want to provision. >>> We don't have this extra phase of 'approving a host when you add it'. >>> If you have permissions to add a host, it'll be added - via the Engine, >>> by >>> the Engine. >>> >>>> >>>> >>>> Security wise it's not ideal if you ask me, that is why I did it using >>>> the URL, http/https was possible. >>>> >>>> No clue there ? >>> >>> >>> >>> I'm probably missing the use case here. >>> Y. >>> >>>> >>>> >>>> Thanks! >>>> >>>> Matt >>>> >>>> 2017-01-30 10:32 GMT+01:00 Yaniv Kaul <ykaul(a)redhat.com&gt;: >>>>> >>>>> Have you tried using SSH public key auth.? >>>>> Y. >>>>> >>>>> >>>>> On Mon, Jan 30, 2017 at 9:57 AM, Matt . <yamakasi.014(a)gmail.com&gt; wrote: >>>>>> >>>>>> >>>>>> Hi All, >>>>>> >>>>>> In the past I was using an URL to add my hosts to over so they exists >>>>>> in the ovirt WebGui but they were unprovisioned so I needed to install >>>>>> them only. >>>>>> >>>>>> This is what I used: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> http://OVIRTENGINE_FQDN/OvirtEngineWeb/register?vds_ip=HOSTFQDN&port=... >>>>>> >>>>>> Is there some way to accomplish this still without using a user/pass >>>>>> combiation ? >>>>>> >>>>>> Thanks! >>>>>> >>>>>> Matt >>>>>> _______________________________________________ >>>>>> Users mailing list >>>>>> Users(a)ovirt.org >>>>>> http://lists.ovirt.org/mailman/listinfo/users >>>>> >>>>> >>>>> >>> >>> >> _______________________________________________ >> Users mailing list >> Users(a)ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> >