Today we only support freeipmi, ipmitool and redfish as providers for BMC and document that. But we also have couple of more available providers such as SSH and Shell.
The issue is they are not functional out of the box, SSH fails at the first step after we try to enable it and also expects admins to deploy ssh keys at /usr/share/foreman/.ssh/id_rsa in order to give the functionality to ssh into remote hosts and run power operations.
For Shell, there is no use case for it to manage power on remote hosts, as it is basically giving power control over the machine running the smart proxy.
It also creates a confusion for users as they see SSH in the network interfaces form, which technically is not working.
Proposal
We Should remove SSH and Shell as BMC providers until they are fully functional.
Alternative Approach
Hide SSH from nic forms UI until it is properly working
Impacts
This impacts end users as they see SSH listed as BMC provider in nic form but they are unable to use that, and Shell does not provide power management for remote hosts.
That is odd: it should be /usr/share/foreman-proxy/.ssh/id_rsa and then it can use the same key as REX. I think it’s likely nobody actively used this, though they could have used --foreman-proxy-bmc-ssh-key /usr/share/foreman-proxy/.ssh/id_rsa to work around the bug.
Digging into the history. For SSH we have:
Quoting Redmine:
For BMC API testing, I have implemented simple BMC provider that calls “reboot” and “shutdown” via SSH.
Again, digging into the history and we find the shell implementation is even older:
Quoting Redmine:
We have a BMC provider, but not all servers have BMC onboard. We should add capability to reboot servers from the shell, in such cases.
I suspect @Gwmngilfen back then deployed a Smart Proxy on each host that he needed to control but how common are servers without a BMC today compared to 2013?
I think they were never intended to be fully functional but as I noted above as partial implementations. IMHO by now we can remove them.
Given “Shell” is not exposed anywhere (besides the Proxy API), I think it’s save to “just remove it”.
As “SSH” is exposed in the Foreman UI (even if not functional in the default config), we could consider deprecating it (in 3.19?) and removing it later (3.20?), but personally I think that’s not necessary and we can “just” remove it too.
Thanks for the input, I think we can remove SSH from Foreman UI and then start removing the whole functionality from smart-proxy and other places where we expose these providers.
