Bug 994451 - [RFE] [vdsm-reg] retire vdsm-reg
Summary: [RFE] [vdsm-reg] retire vdsm-reg
Keywords:
Status: CLOSED DUPLICATE of bug 1231379
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Douglas Schilling Landgraf
QA Contact: yeylon@redhat.com
URL:
Whiteboard: infra
: 970667 1097713 1113622 (view as bug list)
Depends On: 1135921 1231379
Blocks: 1115118
TreeView+ depends on / blocked
 
Reported: 2013-08-07 10:25 UTC by Alon Bar-Lev
Modified: 2016-04-18 07:12 UTC (History)
18 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-06-24 18:42:58 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:
sherold: Triaged+


Attachments (Terms of Use)

Description Alon Bar-Lev 2013-08-07 10:25:48 UTC
OUTLINE

vdsm-reg is currently used for ovirt-node registration.

It is doing much more than it should, and using low quality implementation.

Since ovirt-engine-3.2 there is no actual need for vdsm-reg, we should be able to retire this component when interacting with >=ovirt-engine-3.2 quite easily.

This regadless of the proper method to do this using a generic ovirt-node registration (bug#875088).

It would be best if we have some anonymous engine API to return version, but for now, we will just add a checkbox/parameter for user manual use.

DESIGN

COMPONENT: Registration module

Common to interactive and non interactive processing.

INPUT

engine_url - url
engine_gt_32 - boolean
callbacks - object
    boolean ca_confirm(string pem)

OUTPUT

success
failure - network and other issues
aborted - aborted by user, user did not accept CA

We can do this with exceptions, then we need a special exception for aborted state... or with return enum.

LOGIC

1. If Web CA certificate is missing

a. download into *TEMPORARY* location.

b. extract PEM, callback.ca_confirm(pem)

c. store certificate into final location.

2. Download/store SSH public key.

3. Get vdsmid (create /etc/vdsm/vdsm.id if required)

4. If not enigne_gt_32 use legacy vdsm_reg logic.

5. If engine_gt_32 perform registration using engine_url, please make sure that user:password@ trigger authentication header.

COMPONENT: UI

Two fields:

    Engine URL: _https://____________ (default: https://)
[X] Engine version is 3.2 or above (default: checked)

LOGIC

1. Register callback to present certificate CN and fingerprint and accept.

2. call registration module and call it with UI parameters and callback

COMPONENT: Non interactive

1. add two kernel arguments:

a. management_server_url (url)
b. management_server_gt_32 (boolean, default: 1)

LOGIC

1. register callback to verify management_server_fingerprint against certificate.

2. if management_server_url available:

a. call python module with management_server_url, management_server_gt_32

3. if management_server_url is unavailable but management_server is:

a. call python module with https://management_server:management_port, !engine_gt_32

b. if fail, call python module with http://management_server:management_port, !engine_gt_32

Comment 1 Alon Bar-Lev 2013-08-18 18:56:01 UTC
*** Bug 970667 has been marked as a duplicate of this bug. ***

Comment 2 Alon Bar-Lev 2013-08-18 18:58:33 UTC
COMPONENT: CLI

Command-line interface to perform registration.

ovirt-engine-registration --url= --ca-fingerprint=(*|sha1)

Comment 3 Alon Bar-Lev 2013-08-18 19:00:38 UTC
Implementation notes:

Best if the python library and the CLI can be run on any computer not just ovirt-node, this will allow us to register standard hosts.

Implications are: persist only at ovirt-node... more?

Comment 4 Itamar Heim 2013-08-20 08:37:09 UTC
(In reply to Alon Bar-Lev from comment #3)
> Implementation notes:
> 
> Best if the python library and the CLI can be run on any computer not just
> ovirt-node, this will allow us to register standard hosts.
> 
> Implications are: persist only at ovirt-node... more?

pass parameter of host type by the client as part of registration?

Comment 5 Alon Bar-Lev 2013-08-20 08:39:03 UTC
(In reply to Itamar Heim from comment #4)
> (In reply to Alon Bar-Lev from comment #3)
> > Implementation notes:
> > 
> > Best if the python library and the CLI can be run on any computer not just
> > ovirt-node, this will allow us to register standard hosts.
> > 
> > Implications are: persist only at ovirt-node... more?
> 
> pass parameter of host type by the client as part of registration?

Why? we should detect host type while actually installing.

Comment 7 Douglas Schilling Landgraf 2014-05-14 20:31:18 UTC
*** Bug 1097713 has been marked as a duplicate of this bug. ***

Comment 8 Alon Bar-Lev 2014-06-26 14:23:36 UTC
*** Bug 1113622 has been marked as a duplicate of this bug. ***

Comment 9 Douglas Schilling Landgraf 2015-06-24 18:42:58 UTC
Closing this bug as duplicate of bz#1231379 which has all flags for 3.6 release and it's related to the new tool which will deprecate vdsm-reg. For the record, the tool uses the new registration service as requested in bz#994451 and bz#1135921 and it's integrated to ovirt-node and can be used in a ordinary distro.

*** This bug has been marked as a duplicate of bug 1231379 ***


Note You need to log in before you can comment on or make changes to this bug.