[ovirt-users] Add host to oVirt: unprovisioned without using username/password in vdsm-tool

Douglas Schilling Landgraf dlandgra at redhat.com
Mon Jan 30 15:46:28 UTC 2017


Hello Matt,

On 01/30/2017 08:52 AM, Matt . wrote:
> In a puppetized environment it's just too easy to include a
> manifest/class that will use the ssh key for that manifest, I want to
> avoid that and control the acceptance from the GUI when a possible
> host is added to to engine but not capable to join the cluster yet.

I would suggest:

# vdsm-tool register --engine-fqdn myengine.localdomain

or without the check of fqdn:

# vdsm-tool register --engine-fqdn IP_ADDRESS --check-fqdn false

Later you might want to approve the host via GUI, SDK or REST API.

A quick example of rest api:
https://github.com/dougsland/ovirt-restapi-scripts/commit/91dcb3fcd2cae6570aed06dc3471c4d79caefbc8


> The idea how I used it was very plain and simple, the host exists in
> oVirt but was unprovisioned, you clicked install and there it went. If
> that would be possible again or is in some way I would like to know.
>
>
>
> 2017-01-30 14:07 GMT+01:00 Yaniv Kaul <ykaul at redhat.com>:
>>
>>
>> On Mon, Jan 30, 2017 at 12:03 PM, Matt . <yamakasi.014 at gmail.com> wrote:
>>>
>>> Could do but then there is still some password like thingy around in
>>> my provisioning system, a key is just a fingerprint which is matched.
>>
>>
>> It's not JUST a fingerprint. It's the fingerprint of a SSH key we use for
>> the authentication.
>>
>>>
>>> What is also the case is that I want to decide in the engine if it's
>>> valid to be provisioned or not.
>>
>>
>> So don't add that SSH key to hosts that you don't want to provision.
>> We don't have this extra phase of 'approving a host when you add it'.
>> If you have permissions to add a host, it'll be added - via the Engine, by
>> the Engine.
>>
>>>
>>>
>>> Security wise it's not ideal if you ask me, that is why I did it using
>>> the URL, http/https was possible.
>>>
>>> No clue there ?
>>
>>
>> I'm probably missing the use case here.
>> Y.
>>
>>>
>>>
>>> Thanks!
>>>
>>> Matt
>>>
>>> 2017-01-30 10:32 GMT+01:00 Yaniv Kaul <ykaul at redhat.com>:
>>>> Have you tried using SSH public key auth.?
>>>> Y.
>>>>
>>>>
>>>> On Mon, Jan 30, 2017 at 9:57 AM, Matt . <yamakasi.014 at gmail.com> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> In the past I was using an URL to add my hosts to over so they exists
>>>>> in the ovirt WebGui but they were unprovisioned so I needed to install
>>>>> them only.
>>>>>
>>>>> This is what I used:
>>>>>
>>>>>
>>>>>
>>>>> http://OVIRTENGINE_FQDN/OvirtEngineWeb/register?vds_ip=HOSTFQDN&port=54321&vds_name=HOSTNAME&vds_unique_id=%60dmidecode%20-s%20system-uuid%60&ticket=&__VIEWSTATE='
>>>>>
>>>>> Is there some way to accomplish this still without using a user/pass
>>>>> combiation ?
>>>>>
>>>>> Thanks!
>>>>>
>>>>> Matt
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at ovirt.org
>>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>
>>>>
>>
>>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>


More information about the Users mailing list