Bug 2070341 - Support for non-password fencing authentication for HP ILO and VMware
Summary: Support for non-password fencing authentication for HP ILO and VMware
Keywords:
Status: ASSIGNED
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: fence-agents
Version: 8.5
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: Oyvind Albrigtsen
QA Contact: cluster-qe
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-03-30 21:06 UTC by Tom Sorensen
Modified: 2023-08-10 15:40 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-117415 0 None None None 2022-03-30 21:09:37 UTC
Red Hat Knowledge Base (Solution) 6877641 0 None None None 2022-04-01 17:01:44 UTC

Description Tom Sorensen 2022-03-30 21:06:54 UTC 
Description of problem:
Support for non-password authentication in HP ILO and VMware fence agents.


Additional info:
Both HP ILO and VMware REST support use of certificates for authentication. Currently fence-agents do not (except ssh, which allows for keys).

RFE for supporting certificates, OATH, tokens, keys, etc. as appropriate for both HP ILO and VMware.

HP ILO v2+ appear to support (v5 docs -- http://itdoc.hitachi.co.jp/manuals/ha8000v/hard/Gen10/iLO/880740-004_en.pdf)

VMware REST supports (https://developer.vmware.com/apis/vsphere-automation/latest/vcenter/#/)

Unclear that VMware SOAP supports; initial indication is that it does not.

Allowing for non-password authn would allow for customers to improve security and more easily change authn information.
Note You need to log in before you can comment on or make changes to this bug.