[root@192-168-174-42 ~]# yum install -y ovirt-engine-cli.noarch
客户端与engine manager通信使用tls/ssl 证书加密.下载engine manager的证书并导入客户端的证书库.
官方给出了三种方式获取证书:
1.命令行下载curl或wget
[root@192-168-174-42 ~]# wget -O ovirt.cer http://ovirt.skyovirt.com/ca.crt
查看一下证书内容确定正确获取
[root@192-168-174-42 ~]# cat ovirt.cer
-----BEGIN CERTIFICATE-----
MIIDwDCCAqigAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCVVMxFTATBgNVBAoT
DHNreW92aXJ0LmNvbTEhMB8GA1UEAxMYb3ZpcnQuc2t5b3ZpcnQuY29tLjg1Mjk5MB4XDTE2MDMx
NDA3MTAwNFoXDTI2MDMxMzA3MTAwNFowRzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHNreW92aXJ0
LmNvbTEhMB8GA1UEAxMYb3ZpcnQuc2t5b3ZpcnQuY29tLjg1Mjk5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwMO/LC0kVw0UjBTAYg8+8dY4n6Pttu7HU25LAjlYOlHwWb3/J2l7Xq0q
b8YhzNO/nKx5BC5Trr82Pwcj3lsa7g2d/HXC1Nfs56S1es9VFeX48b0XzXMa65sIS/LLVHUcG7W8
oJvSFykpLFIF0ovnucObOt3bBKdvttttttt0jxadhEgscQR9MQooiRtfejnAaZFfAHlAuy0aHw/M
xLE0Tr91f/IBaZQyN/6YyqC5+GtBbuCDvuD5nU44tIywcVQb2pJB9485Ot7eVPosKWOVbh4vfkQO
sFbT1hBWpHp5LmM7x4aZvCT0jVW+w0Hgn0MQ1mUc0ExoxZdWdO6/HsgntwIDAQABo4G1MIGyMB0G
A1UdDgQWBBQfNKZVTfTqfiBhlSM7kVcvITmu4zBwBgNVHSMEaTBngBQfNKZVTfTqfiBhlSM7kVcv
ITmu46FLpEkwRzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHNreW92aXJ0LmNvbTEhMB8GA1UEAxMY
b3ZpcnQuc2t5b3ZpcnQuY29tLjg1Mjk5ggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAoOQylKj07Jfk4d1v22XMI5x2U1bUenRgwQzIj7LQgE9L
KZO8FlIxFhxVDkwM88HX7lAfyiK70HAByKESjKHW+8O8Z0iCDqlP3Kg5ahotfDXfeWkG7HqZNqYi
ztvbDOXgLhwAXe9Fb5jPYd+nlkAvE5I7zeN1RjNwd3ltIhSU9dL60z9aeeJg6/z4r/PcVHyIASw3
g2yFgsD0gJvQN1iG/lHwkzuWoAYmC+9G6BwKTGARIfLji7V12q5ErQUYWQOTsMxHB1P6gdS0EHPD
j1zCSbNJf1awce2lJTlq5lh6amPx+F2PviIpyrmSYeKPhwV7hsgTmNr3iEYpmWs3SevbUA==
-----END CERTIFICATE-----
[root@192-168-174-42 ~]# [root@192-168-174-42 ~]# curl -o curlovirt.cer http://ovirt.skyovirt.com/ca.crt
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1359 100 1359 0 0 178k 0 --:--:-- --:--:-- --:--:-- 189k
两种方法下载的文件是完全相同的.
[root@192-168-174-42 ~]# md5sum curlovirt.cer ovirt.cer
6205dd509cd23dd92398a96ebfe27527 curlovirt.cer
6205dd509cd23dd92398a96ebfe27527 ovirt.cer
2.使用浏览器下载
3.登陆engine-manager服务器使用java keytool导出
[root@ovirt ~]# keytool -exportcert -keystore /etc/pki/ovirt-engine/.truststore -alias cacert -storepass mypass -file ovirtexport.cer
Certificate stored in file
使用ovirt-shell
[root@192-168-174-42 ~]# ovirt-shell -c -l "https://ovirt.skyovirt.com/api" -P 443 -u "admin@internal" -A "ovirt.cer"
Password:
=============================================================================
>>> connected to oVirt manager 3.6.3.0 =============================================================================
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Welcome to oVirt shell
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[oVirt shell (connected)]#
ovirt-shell会在当前用户下创建.ovirtshellhistory和.ovirtshellrc两个文件,一个是历史命令记录,一个是初始化文件
点击(此处)折叠或打开
-
[oVirt shell (connected)]# list storagedomains
-
-
id : 29d77882-5d31-4e14-b7e4-a3e225f5c0bb
-
name : hosted_storage
-
-
id : 81f667eb-5cf0-4c69-ac4a-7b018d9ea660
-
name : ISO
-
-
id : 072fbaa1-08f3-4a40-9f34-a5ca22dd1d74
-
name : ovirt-image-repository
-
-
id : c5cb8438-36a8-4095-93ee-c906fbbbe7e2
-
name : vm
-
- [oVirt shell (connected)]#