[ovirt-devel] changing engine domain name

Paul Dyer pmdyermms at gmail.com
Wed Jul 20 17:18:06 UTC 2016 

I have lost track of this during the last week.   I will get some downtime
and start over ( following your email from before ) and keep track of what
happens.

Paul

On Sun, Jul 17, 2016 at 12:48 AM, Yedidyah Bar David <didi at redhat.com>
wrote:

> On Fri, Jul 15, 2016 at 3:43 AM, Paul Dyer <pmdyermms at gmail.com> wrote:
> > Hi,
> >
> > thanks, changing 20-setup-ovrit-post.conf fixed the PKI Organization in
> > engine-setup.
> >
> > after engine-setup completed, I was not able to login to the webportal.
>  I
>
> With what user? admin at internal or some external directory user (or
> something
> else)?
>
> Did you get an error message?
>
> Do you still have logs you can/want to share?
>
> > needed to copy the  /etc/pki/ovirt-engine-backup-before-recreation back
> to
> > ovirt-engine in order to login.
>
> But didn't this partially revert your rename?
>
> >   The errors on the webportal were about PKI
> > something.   I didn't get a picture of it. sorry.
>
> Quite likely it's still possible to find in the logs.
>
> >
> >
> >
> >
> >
> > On Thu, Jul 14, 2016 at 1:02 AM, Yedidyah Bar David <didi at redhat.com>
> wrote:
> >>
> >> On Thu, Jul 14, 2016 at 2:58 AM, Paul Dyer <pmdyermms at gmail.com> wrote:
> >> > I am not having any luck.   When I get to step 5 (engine-setup), the
> >> > "PKI
> >> > organization" still has the old domainname???
> >>
> >> You can try editing
> >> /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf
> >> and delete the line with 'OVESETUP_PKI/organization', then try
> >> engine-setup
> >> again.
> >>
> >> Best,
> >>
> >> >
> >> >           --== CONFIGURATION PREVIEW ==--
> >> >
> >> >           Update Firewall                         : False
> >> >           Host FQDN                               :
> >> > bacchus.xxxcentral.com
> >> >           Engine database secured connection      : False
> >> >           Engine database host                    : localhost
> >> >           Engine database user name               : engine
> >> >           Engine database name                    : engine
> >> >           Engine database port                    : 5432
> >> >           Engine database host name validation    : False
> >> >           DWH database secured connection         : False
> >> >           DWH database host                       : localhost
> >> >           DWH database user name                  :
> ovirt_engine_history
> >> >           DWH database name                       :
> ovirt_engine_history
> >> >           DWH database port                       : 5432
> >> >           DWH database host name validation       : False
> >> >           Engine installation                     : True
> >> >           PKI organization                        : xxxportal.com
> >> >           DWH installation                        : True
> >> >           Backup DWH database                     : True
> >> >           Engine Host FQDN                        :
> >> > bacchus.xxxcentral.com
> >> >           Configure VMConsole Proxy               : False
> >> >           Configure WebSocket Proxy               : False
> >> >
> >> >
> >> > On Sun, Jul 10, 2016 at 2:27 AM, Yedidyah Bar David <didi at redhat.com>
> >> > wrote:
> >> >>
> >> >> On Sat, Jul 9, 2016 at 2:35 AM, Paul Dyer <pmdyermms at gmail.com>
> wrote:
> >> >> > Hi,
> >> >> >
> >> >> > back in 2015, with the first install of ovirt, I used a domain of
> >> >> > xxxportal.com.   Since the client has an xxxcentral.com wildcard
> >> >> > certificate, I added changed the hostname and domainname, and added
> >> >> > the
> >> >> > cert/cacert to the apache webpage.
> >> >> >
> >> >> > The pki on ovirt and vdsm (host) both still have the original
> >> >> > xxxportal.com
> >> >> > domain.   I am looking for a way to wipe away the old domain.
> >> >> >
> >> >> > Do I need to remove the host (not hosted engine), drop the
> >> >> > datacenter/cluster, and build from a clean db?
> >> >>
> >> >> Basically yes. See also:
> >> >>
> >> >>
> >> >>
> >> >>
> https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/
> >> >>
> >> >> If you have lots of data in your engine (hosts, VMs etc), you might
> >> >> manage
> >> >> to
> >> >> keep most of it by something like this, didn't try that:
> >> >>
> >> >> 1. Shutdown all VMs and move all hosts to maintenance
> >> >> 2. Stop ovirt-engine service
> >> >> 3. mv /etc/pki/ovirt-engine
> >> >> /etc/pki/ovirt-engine-backup-before-recreation
> >> >> 4. yum reinstall ovirt-engine-backend, or copy back from above backup
> >> >> only these, without the files they hold (for directories), but keep
> >> >> owner/permissions:
> >> >> cacert.template.in  certs  cert.template.in  keys  openssl.conf
> >> >> private  requests
> >> >> 5. engine-setup
> >> >> It will notice pki is removed and recreate it for you
> >> >> You might need to change admin password because it's encrypted with
> >> >> engine's key
>
> Did you change admin password?
>
> Best,
>
> >> >> 6. Connect to web admin, and per host:
> >> >> 6.1. Right click -> Enroll Certificate
> >> >> 6.2. You might need Right-Click -> Reinstall
> >> >> 6.3. Activate
> >> >>
> >> >> This should be enough, more-or-less. You might want, just in case,
> >> >> before step 6,
> >> >> to connect to all hosts and remove stuff under /etc/pki, but I didn't
> >> >> check
> >> >> what exactly.
> >> >>
> >> >> Best,
> >> >> --
> >> >> Didi
> >> >
> >> >
> >> >
> >> >
> >> > --
> >> > Paul Dyer,
> >> > Mercury Consulting Group, RHCE
> >> > 504-302-8750
> >>
> >>
> >>
> >> --
> >> Didi
> >
> >
> >
> >
> > --
> > Paul Dyer,
> > Mercury Consulting Group, RHCE
> > 504-302-8750
>
>
>
> --
> Didi
>



-- 
Paul Dyer,
Mercury Consulting Group, RHCE
504-302-8750
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20160720/5dbbb88b/attachment-0001.html>

More information about the Devel mailing list