Versions Compared

Old Version 2

changes.mady.by.user Marcus Sorensen

Saved on

compared with

New Version 3

changes.mady.by.user Marcus Sorensen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Bug Reference

Jira
serverASF JIRA
keyCLOUDSTACK-8339

Purpose

Allow admins to provide non-root credentials to add hypervisor.  This prevents cloudstack from having and showing root credentials for the hypervisor, and keeps admins from having to enable root ssh.

Architecture and Design description

Hypervisor needs a sudo entry for user like:

“ALL=NOPASSWD : /usr/bin/cloudstack-setup-agent”

CloudStack agent install adds an /etc/profile.d file that allows lsmod to be seen in the path, as the management server checks for the kvm modules. This requires that the user have a default .bashrc which sources /etc/bashrc, otherwise the user will not be able to find lsmod with it's non-login "lsmod | grep kvm" remote command. Alternatively, the admin can make their own accommodations for the user ssh command to find lsmod.