[Ovirt-devel] Developer-only mode

Chris Lalancette clalance at redhat.com
Fri Mar 7 13:34:08 UTC 2008 

All,
     After thinking about it for a little while, I think I've come up with a way
to make "developer mode" very simple, without really making any changes to our
source code, and without removing kerberos.  With this model, all developers
would have to do to get up and running would be to download an appliance, start
it up (this will be the management UI), and then just start up a second guest
XML booting to the network (this will be the "managed node").  Beyond that,
there shouldn't be any configuration necessary by the user.  The details:

1.  We provide a pre-built WUI appliance.  Inside this appliance, we have
already configured Ovirt, databases, etc, along with FreeIPA with some default
realm (OVIRT.ORG).  Simplification #1: users don't have to run ipa-server-install.

2.  Inside the appliance, we pre-configure firefox to authenticate to this
realm.  Simplification #2: Users don't have to mess with firefox.

3.  Inside the appliance, we create a default user (ovirtadmin) without a
password, and export the keytab for that user into some location into the
appliance (/usr/share/ovirt-wui/ovirt-admin.keytab).  Set up a cron job to
periodically kdestroy/kinit with this keytab.  Simplification #3: users don't
have to kinit anymore.

4.  The whole appliance is run behind virbr0, so we can hard-code the MAC
address that we use without worrying about colliding on the real network.
Simplification #4: users won't have to muck (much) with the libvirt XML we
provide them.

5.  The "managed node" guest is also run behind virbr0, so we can hard-code a
MAC here as well.  There's no disk to download (since we'll be pulling the image
over PXE), just a default libvirt XML that we provide.

So, basically, I think we can do developer only mode with just configuration.  I
think this setup should be easy enough for most people to set up, assuming they
can create KVM guests (of course, Xen guests would probably work too).  I'm
going to start working on this configuration; any thoughts on it in the meantime?

Chris Lalancette

More information about the ovirt-devel mailing list