[ovirt-users] Re: New fenceType in oVirt code for IBM OpenBMC

Hi Martin, On 1 Jul 2020, at 03:26, Martin Perina <mperina@redhat.com<mailto:mperina@redhat.com>> wrote: On Wed, Jul 1, 2020 at 1:57 AM Vinícius Ferrão via Users <users@ovirt.org<mailto:users@ovirt.org>> wrote: Hello, After some days scratching my head I found that oVirt is probably missing fenceTypes for IBM’s implementation of OpenBMC in the Power Management section. The host machine is an OpenPOWER AC922 (ppc64le). The BMC basically is an “ipmilan” device but the ciphers must be defined as 3 or 17 by default: [root@h01 ~]# ipmitool -I lanplus -H 10.20.10.2 root -P 0penBmc -L operator -C 3 channel getciphers ipmi ID IANA Auth Alg Integrity Alg Confidentiality Alg 3 N/A hmac_sha1 hmac_sha1_96 aes_cbc_128 17 N/A hmac_sha256 sha256_128 aes_cbc_128 The default ipmilan connector forces the option cipher=1 which breaks the communication. Hi, have you tried to overwrite the default by adding cipher=3 into Options field when adding/updating fence agent configuration for specific host? Eli, looking at https://www.intel.com/content/dam/www/public/us/en/documents/product-brie... I'm not sure our defaults make sense, because by default we enable IPMIv2 (lanplus=1), but we set IPMIv1 cipher support (cipher=1). Or am I missing something? Yes I’m running this way right now: ipmilan with cipher=17 on options. But to figure it out I took almost a month. Really. I’ve sent a message on 5 June to the list: Power Management on IBM AC922 Power9 (ppc64le); and I was trying to solve it since them. This was mainly due to poor documentation. I only figured it out when I done a lot of searches on Github to read the oVirt code. So the cipher=1 thing show up, and I guessed that it may be it. And it was… I know that no one cares for ppc64le haha. But I think a change on the list of supported fenceTypes will save some people the time I’ve lost with this. If there’s something like “openbmc" would be great. Or at least a better explanation on the Power Management configure box. Not even the options are explained correctly guessing lanplus=1 was hard. I tried a lot of combinations like: I=lanplus -I lanplus -I=lanplus Thanks, Regards, Martin So I was reading the code and found this “fenceType” class, but I wasn't able to found where to define those classes. So I can create another one called something like openbmc to set cipher=17 by default. Another question is how bad the output is, it only returns a JSON-RPC generic error. But I don’t know how to suggest a fix for this. Thanks, _______________________________________________ Users mailing list -- users@ovirt.org<mailto:users@ovirt.org> To unsubscribe send an email to users-leave@ovirt.org<mailto:users-leave@ovirt.org> Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/BP33DZ3AET5... -- Martin Perina Manager, Software Engineering Red Hat Czech s.r.o.