[ovirt-users] Add host to oVirt: unprovisioned without using username/password in vdsm-tool

Yaniv Kaul ykaul at redhat.com
Mon Jan 30 13:07:00 UTC 2017


On Mon, Jan 30, 2017 at 12:03 PM, Matt . <yamakasi.014 at gmail.com> wrote:

> Could do but then there is still some password like thingy around in
> my provisioning system, a key is just a fingerprint which is matched.
>

It's not JUST a fingerprint. It's the fingerprint of a SSH key we use for
the authentication.


> What is also the case is that I want to decide in the engine if it's
> valid to be provisioned or not.
>

So don't add that SSH key to hosts that you don't want to provision.
We don't have this extra phase of 'approving a host when you add it'.
If you have permissions to add a host, it'll be added - via the Engine, by
the Engine.


>
> Security wise it's not ideal if you ask me, that is why I did it using
> the URL, http/https was possible.
>
> No clue there ?
>

I'm probably missing the use case here.
Y.


>
> Thanks!
>
> Matt
>
> 2017-01-30 10:32 GMT+01:00 Yaniv Kaul <ykaul at redhat.com>:
> > Have you tried using SSH public key auth.?
> > Y.
> >
> >
> > On Mon, Jan 30, 2017 at 9:57 AM, Matt . <yamakasi.014 at gmail.com> wrote:
> >>
> >> Hi All,
> >>
> >> In the past I was using an URL to add my hosts to over so they exists
> >> in the ovirt WebGui but they were unprovisioned so I needed to install
> >> them only.
> >>
> >> This is what I used:
> >>
> >>
> >> http://OVIRTENGINE_FQDN/OvirtEngineWeb/register?vds_
> ip=HOSTFQDN&port=54321&vds_name=HOSTNAME&vds_unique_id=%
> 60dmidecode%20-s%20system-uuid%60&ticket=&__VIEWSTATE='
> >>
> >> Is there some way to accomplish this still without using a user/pass
> >> combiation ?
> >>
> >> Thanks!
> >>
> >> Matt
> >> _______________________________________________
> >> Users mailing list
> >> Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170130/3c076e15/attachment.html>


More information about the Users mailing list