Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 994451

Summary: [RFE] [vdsm-reg] retire vdsm-reg
Product: Red Hat Enterprise Virtualization Manager Reporter: Alon Bar-Lev <alonbl>
Component: RFEsAssignee: Douglas Schilling Landgraf <dougsland>
Status: CLOSED DUPLICATE QA Contact: yeylon <yeylon>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: bazulay, cshao, danken, dfediuck, dougsland, fdeutsch, hadong, huiwa, iheim, leiwang, lpeer, oourfali, rbalakri, rbarry, srevivo, yaniwang, ycui, yeylon
Target Milestone: ---Keywords: FutureFeature, Improvement
Target Release: ---Flags: sherold: Triaged+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-24 18:42:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1135921, 1231379    
Bug Blocks: 1115118    

Description Alon Bar-Lev 2013-08-07 10:25:48 UTC 
OUTLINE

vdsm-reg is currently used for ovirt-node registration.

It is doing much more than it should, and using low quality implementation.

Since ovirt-engine-3.2 there is no actual need for vdsm-reg, we should be able to retire this component when interacting with >=ovirt-engine-3.2 quite easily.

This regadless of the proper method to do this using a generic ovirt-node registration (bug#875088).

It would be best if we have some anonymous engine API to return version, but for now, we will just add a checkbox/parameter for user manual use.

DESIGN

COMPONENT: Registration module

Common to interactive and non interactive processing.

INPUT

engine_url - url
engine_gt_32 - boolean
callbacks - object
    boolean ca_confirm(string pem)

OUTPUT

success
failure - network and other issues
aborted - aborted by user, user did not accept CA

We can do this with exceptions, then we need a special exception for aborted state... or with return enum.

LOGIC

1. If Web CA certificate is missing

a. download into *TEMPORARY* location.

b. extract PEM, callback.ca_confirm(pem)

c. store certificate into final location.

2. Download/store SSH public key.

3. Get vdsmid (create /etc/vdsm/vdsm.id if required)

4. If not enigne_gt_32 use legacy vdsm_reg logic.

5. If engine_gt_32 perform registration using engine_url, please make sure that user:password@ trigger authentication header.

COMPONENT: UI

Two fields:

    Engine URL: _https://____________ (default: https://)
[X] Engine version is 3.2 or above (default: checked)

LOGIC

1. Register callback to present certificate CN and fingerprint and accept.

2. call registration module and call it with UI parameters and callback

COMPONENT: Non interactive

1. add two kernel arguments:

a. management_server_url (url)
b. management_server_gt_32 (boolean, default: 1)

LOGIC

1. register callback to verify management_server_fingerprint against certificate.

2. if management_server_url available:

a. call python module with management_server_url, management_server_gt_32

3. if management_server_url is unavailable but management_server is:

a. call python module with https://management_server:management_port, !engine_gt_32

b. if fail, call python module with http://management_server:management_port, !engine_gt_32
Comment 1 Alon Bar-Lev 2013-08-18 18:56:01 UTC 
*** Bug 970667 has been marked as a duplicate of this bug. ***
Comment 2 Alon Bar-Lev 2013-08-18 18:58:33 UTC 
COMPONENT: CLI

Command-line interface to perform registration.

ovirt-engine-registration --url= --ca-fingerprint=(*|sha1)
Comment 3 Alon Bar-Lev 2013-08-18 19:00:38 UTC 
Implementation notes:

Best if the python library and the CLI can be run on any computer not just ovirt-node, this will allow us to register standard hosts.

Implications are: persist only at ovirt-node... more?
Comment 4 Itamar Heim 2013-08-20 08:37:09 UTC 
(In reply to Alon Bar-Lev from comment #3)
> Implementation notes:
> 
> Best if the python library and the CLI can be run on any computer not just
> ovirt-node, this will allow us to register standard hosts.
> 
> Implications are: persist only at ovirt-node... more?

pass parameter of host type by the client as part of registration?
Comment 5 Alon Bar-Lev 2013-08-20 08:39:03 UTC 
(In reply to Itamar Heim from comment #4)
> (In reply to Alon Bar-Lev from comment #3)
> > Implementation notes:
> > 
> > Best if the python library and the CLI can be run on any computer not just
> > ovirt-node, this will allow us to register standard hosts.
> > 
> > Implications are: persist only at ovirt-node... more?
> 
> pass parameter of host type by the client as part of registration?

Why? we should detect host type while actually installing.
Comment 7 Douglas Schilling Landgraf 2014-05-14 20:31:18 UTC 
*** Bug 1097713 has been marked as a duplicate of this bug. ***
Comment 8 Alon Bar-Lev 2014-06-26 14:23:36 UTC 
*** Bug 1113622 has been marked as a duplicate of this bug. ***
Comment 9 Douglas Schilling Landgraf 2015-06-24 18:42:58 UTC 
Closing this bug as duplicate of bz#1231379 which has all flags for 3.6 release and it's related to the new tool which will deprecate vdsm-reg. For the record, the tool uses the new registration service as requested in bz#994451 and bz#1135921 and it's integrated to ovirt-node and can be used in a ordinary distro.

*** This bug has been marked as a duplicate of bug 1231379 ***