Heretofore, VCL SSH's to a hypervisor when it wants to cause some
change (ie: provision or deprovision a VM). The VCL uses pre-shared
SSH keys between VCL and the hypervisor to allow the SSHing the
authenticate. This works for VMware server and regular ESX because
they are configurable to accept SSH keys. ESX 3i isn't configurable
to accept an SSH logon, and can only be communicated with through a
web service which requires a valid hypervisor username and password.
So I'd like to propose that we add a hypervisor username and password
in the VCL database associated. As far as I can tell, there are two
places to add this information.
1) Extend the 'vmhost' table to include a username field and a
password field. This would allow each individual hypervisor to have
its own user/pass. However, if all the hypervisors use the same user/
pass then we've just duplicated a lot of data, and it is very hard to
change this system wide password later.
2) Extend the 'vmprofile' table to include a username field and a
password. In this case a group of hypervisors (linked through the
same vmprofile) would share a single user/pass. This would make
password changes easier since it only has to be updated in one place,
but requires hypervisors to have a consistant username/password across
them. Because of the de-duplication of data, and easyness of password
changes, I favor of this second option.
Whichever table it goes in, here are the lines to be added to the
`username` varchar(8) NOT NULL default ''
`password` varchar(40) NOT NULL default ''
Could someone tell us a bit about how to get that username and
password out of the database and into our module as a variable?
Secure Open Systems Initiative