Re: [ovirt-users] Add host to oVirt: unprovisioned without using username/password in vdsm-tool

Hello Matt, On 01/30/2017 08:52 AM, Matt . wrote: > > In a puppetized environment it's just too easy to include a > manifest/class that will use the ssh key for that manifest, I want to > avoid that and control the acceptance from the GUI when a possible > host is added to to engine but not capable to join the cluster yet. I would suggest: # vdsm-tool register --engine-fqdn myengine.localdomain or without the check of fqdn: # vdsm-tool register --engine-fqdn IP_ADDRESS --check-fqdn false Later you might want to approve the host via GUI, SDK or REST API. A quick example of rest api: https://github.com/dougsland/ovirt-restapi-scripts/commit/91dcb3fcd2cae65... > The idea how I used it was very plain and simple, the host exists in > oVirt but was unprovisioned, you clicked install and there it went. If > that would be possible again or is in some way I would like to know. > > > > 2017-01-30 14:07 GMT+01:00 Yaniv Kaul <ykaul(a)redhat.com&gt;: >> >> >> >> On Mon, Jan 30, 2017 at 12:03 PM, Matt . <yamakasi.014(a)gmail.com&gt; wrote: >>> >>> >>> Could do but then there is still some password like thingy around in >>> my provisioning system, a key is just a fingerprint which is matched. >> >> >> >> It's not JUST a fingerprint. It's the fingerprint of a SSH key we use for >> the authentication. >> >>> >>> What is also the case is that I want to decide in the engine if it's >>> valid to be provisioned or not. >> >> >> >> So don't add that SSH key to hosts that you don't want to provision. >> We don't have this extra phase of 'approving a host when you add it'. >> If you have permissions to add a host, it'll be added - via the Engine, >> by >> the Engine. >> >>> >>> >>> Security wise it's not ideal if you ask me, that is why I did it using >>> the URL, http/https was possible. >>> >>> No clue there ? >> >> >> >> I'm probably missing the use case here. >> Y. >> >>> >>> >>> Thanks! >>> >>> Matt >>> >>> 2017-01-30 10:32 GMT+01:00 Yaniv Kaul <ykaul(a)redhat.com&gt;: >>>> >>>> Have you tried using SSH public key auth.? >>>> Y. >>>> >>>> >>>> On Mon, Jan 30, 2017 at 9:57 AM, Matt . <yamakasi.014(a)gmail.com&gt; wrote: >>>>> >>>>> >>>>> Hi All, >>>>> >>>>> In the past I was using an URL to add my hosts to over so they exists >>>>> in the ovirt WebGui but they were unprovisioned so I needed to install >>>>> them only. >>>>> >>>>> This is what I used: >>>>> >>>>> >>>>> >>>>> >>>>> http://OVIRTENGINE_FQDN/OvirtEngineWeb/register?vds_ip=HOSTFQDN&port=... >>>>> >>>>> Is there some way to accomplish this still without using a user/pass >>>>> combiation ? >>>>> >>>>> Thanks! >>>>> >>>>> Matt >>>>> _______________________________________________ >>>>> Users mailing list >>>>> Users(a)ovirt.org >>>>> http://lists.ovirt.org/mailman/listinfo/users >>>> >>>> >>>> >> >> > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >