[ovirt-users] Add host to oVirt: unprovisioned without using username/password in vdsm-tool

Matt . yamakasi.014 at gmail.com
Mon Jan 30 15:54:18 UTC 2017


Hi Douglas,

I think we discussed this in 2013 as well, thanks for catching up...
you were mentioned on irc already by rgolan :)

I needed the --check-fqdn false which fixed it.

Very nice and thanks for the example :) Will check further what the
possibilities are!


Cheers,

Matt

2017-01-30 16:46 GMT+01:00 Douglas Schilling Landgraf <dlandgra at redhat.com>:
> Hello Matt,
>
> On 01/30/2017 08:52 AM, Matt . wrote:
>>
>> In a puppetized environment it's just too easy to include a
>> manifest/class that will use the ssh key for that manifest, I want to
>> avoid that and control the acceptance from the GUI when a possible
>> host is added to to engine but not capable to join the cluster yet.
>
>
> I would suggest:
>
> # vdsm-tool register --engine-fqdn myengine.localdomain
>
> or without the check of fqdn:
>
> # vdsm-tool register --engine-fqdn IP_ADDRESS --check-fqdn false
>
> Later you might want to approve the host via GUI, SDK or REST API.
>
> A quick example of rest api:
> https://github.com/dougsland/ovirt-restapi-scripts/commit/91dcb3fcd2cae6570aed06dc3471c4d79caefbc8
>
>
>
>> The idea how I used it was very plain and simple, the host exists in
>> oVirt but was unprovisioned, you clicked install and there it went. If
>> that would be possible again or is in some way I would like to know.
>>
>>
>>
>> 2017-01-30 14:07 GMT+01:00 Yaniv Kaul <ykaul at redhat.com>:
>>>
>>>
>>>
>>> On Mon, Jan 30, 2017 at 12:03 PM, Matt . <yamakasi.014 at gmail.com> wrote:
>>>>
>>>>
>>>> Could do but then there is still some password like thingy around in
>>>> my provisioning system, a key is just a fingerprint which is matched.
>>>
>>>
>>>
>>> It's not JUST a fingerprint. It's the fingerprint of a SSH key we use for
>>> the authentication.
>>>
>>>>
>>>> What is also the case is that I want to decide in the engine if it's
>>>> valid to be provisioned or not.
>>>
>>>
>>>
>>> So don't add that SSH key to hosts that you don't want to provision.
>>> We don't have this extra phase of 'approving a host when you add it'.
>>> If you have permissions to add a host, it'll be added - via the Engine,
>>> by
>>> the Engine.
>>>
>>>>
>>>>
>>>> Security wise it's not ideal if you ask me, that is why I did it using
>>>> the URL, http/https was possible.
>>>>
>>>> No clue there ?
>>>
>>>
>>>
>>> I'm probably missing the use case here.
>>> Y.
>>>
>>>>
>>>>
>>>> Thanks!
>>>>
>>>> Matt
>>>>
>>>> 2017-01-30 10:32 GMT+01:00 Yaniv Kaul <ykaul at redhat.com>:
>>>>>
>>>>> Have you tried using SSH public key auth.?
>>>>> Y.
>>>>>
>>>>>
>>>>> On Mon, Jan 30, 2017 at 9:57 AM, Matt . <yamakasi.014 at gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>> Hi All,
>>>>>>
>>>>>> In the past I was using an URL to add my hosts to over so they exists
>>>>>> in the ovirt WebGui but they were unprovisioned so I needed to install
>>>>>> them only.
>>>>>>
>>>>>> This is what I used:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://OVIRTENGINE_FQDN/OvirtEngineWeb/register?vds_ip=HOSTFQDN&port=54321&vds_name=HOSTNAME&vds_unique_id=%60dmidecode%20-s%20system-uuid%60&ticket=&__VIEWSTATE='
>>>>>>
>>>>>> Is there some way to accomplish this still without using a user/pass
>>>>>> combiation ?
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>> Matt
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at ovirt.org
>>>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>
>>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>


More information about the Users mailing list