[node-devel] CIM plugin for oVirt Node

[Perry Myers]

One of the items on our backlog has been to include CIM server/providers
on oVirt Node.  Initially we'll do this statically and include things
like sblim, tog-pegasus, libvirt-cim as part of the core Node recipe.

Later, we can use the 'plugin' concept so that this functionality can be
added by those that need it, and for those that don't they can ignore.

Some questions have come up around this point, and since the Node team
aren't CIM experts, we wanted to reach out to folks that have been using
it a little more heavily to make sure we're on the right track.

Some of the technical things we've run into are:

1. Our initial attempt at getting tog-pegasus and friends running
   failed due to lots of issues with r/o root filesystem.  Might need
   help from folks more knowledgeable about CIM to halp resolve that.

   Anthony, I think you might have some kickstart snippets that would
   be of use here, correct?

2. Once you've got the CIM server there (tog-pegasus) you need to have
   some way to enable/disable it, which right now isn't easy to do
   except via offline image manipulation (since you can't persist
   symlinks in stateless Linux).

3. When the CIM server is enabled, need to unblock the appropriate
   firewall port, which again is not trivial to do given the stateless
   nature of the Node via tools like lokkit.  (Perhaps firewalld will
   make this easier, but for now firewalld doesn't look mature enough
   to begin using in earnest)

4. How should CIM be secured and configured for authentication?  Do we
   need to provide some mechanism for deploying SSL client certs into
   the Node for tog-pegasus to use?  What about setting simple
   user/pass auth?

5. What sort of other configuration should be exposed for CIM
   providers?

Geert/Anthony/DV, if you guys have thoughts on the above questions or
can point us at other people to loop into this thread, that would be
helpful.

Thanks!

Perry