Version 4 of the Java software development kit is a collection of classes that allows you to interact with the {virt-product-fullname} {engine-name} in Java-based projects. By downloading these classes and adding them to your project, you can access a range of functionality for high-level automation of administrative tasks.
Version 3 of the SDK is no longer supported. For more information, consult the RHV 4.3 version of this guide. |
Prerequisites
To install the Java software development kit, you must have:
-
A system where {enterprise-linux} 8 is installed. Both the Server and Workstation variants are supported.
-
A subscription to {virt-product-fullname} entitlements.
The software development kit is an interface for the {virt-product-fullname} REST API. Use the version of the software development kit that corresponds to the version of your {virt-product-fullname} environment. For example, if you are using {virt-product-fullname} 4.3, use V4 Java software development kit. |
Installing the Java Software Development Kit
Install the Java software development kit and accompanying documentation.
-
Enable the repositories:
# subscription-manager repos \ --enable=rhel-8-for-x86_64-baseos-rpms \ --enable=rhel-8-for-x86_64-appstream-rpms \ --enable=rhv-4.4-manager-for-rhel-8-x86_64-rpms\ --enable=jb-eap-7.4-for-rhel-8-x86_64-rpms # subscription-manager repos \ --enable=rhel-8-for-x86_64-baseos-eus-rpms \ --enable=rhel-8-for-x86_64-appstream-eus-rpms # subscription-manager release --set=8.6
-
Enable the
pki-deps
module.# dnf module -y enable pki-deps
-
Install the required packages for Java SDK V4:
# dnf install java-ovirt-engine-sdk4
The V4 Java software development kit and accompanying documentation are downloaded to the /usr/share/java/java-ovirt-engine-sdk4 directory and can be added to Java projects.
Dependencies
To use the Java software development kit in Java applications, you must add the following JAR files to the class path of those applications:
-
commons-beanutils.jar
-
commons-codec.jar
-
httpclient.jar
-
httpcore.jar
-
jakarta-commons-logging.jar
-
log4j.jar
The packages that provide these JAR files are installed as dependencies to the ovirt-engine-sdk-java
package. By default, they are available in the /usr/share/java directory on {enterprise-linux} 6 and {enterprise-linux} 7 systems.
Configuring SSL
The {virt-product-fullname} {engine-name} Java SDK provides full support for HTTP over Secure Socket Layer (SSL) and the IETF Transport Layer Security (TLS) protocol using the Java Secure Socket Extension (JSSE). JSSE has been integrated into the Java 2 platform as of version 1.4 and works with the Java SDK out of the box. On earlier Java 2 versions, JSSE must be manually installed and configured.
The following procedure outlines how to configure SSL using the Java SDK.
-
Download the certificate used by the {virt-product-fullname} {engine-name}.
By default, the location of the certificate used by the {virt-product-fullname} {engine-name} is in
/etc/pki/ovirt-engine/ca.pem
. -
Create a truststore:
$ keytool -import -alias "server.crt truststore" -file ca.crt -keystore server.truststore
-
Specify the
trustStoreFile
andtrustStorePassword
arguments when constructing an instance of theApi
orConnection
object:myBuilder.trustStoreFile("/home/username/server.truststore"); myBuilder.trustStorePassword("p@ssw0rd");
If you do not specify the
trustStoreFile
option when creating a connection, the Java SDK attempts to use the default truststore specified by the system variablejavax.net.ssl.trustStore
. If this system variable does not specify a truststore, the Java SDK attempts to use a truststore specified in$JAVA_HOME/lib/security/jssecacerts
or$JAVA_HOME/lib/security/cacerts
.
Host Verification
By default, the identity of the host name in the certificate is verified when attempting to open a connection to the {virt-product-fullname} {engine-name}. You can disable verification by passing the following argument when constructing an instance of the Connection
class:
myBuilder.insecure(true);
This method should not be used for production systems due to security reasons, unless it is a conscious decision and you are aware of the security implications of not verifying host identity. |