<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
hi Yaniv,<br>
<br>
When using http request, ovirt tells me " I Failed to communicate
with the external provider." and I get this on the foreman side:<br>
| Started GET "/api/v2" for 192.168.52.116 at 2015-09-25 11:18:32
+0200<br>
2015-09-25 11:18:32 [app] [I] Processing by
Api::V2::HomeController#index as JSON<br>
2015-09-25 11:18:32 [app] [I] Parameters: {"apiv"=>"v2",
"home"=>{}}<br>
2015-09-25 11:18:32 [app] [I] Redirected to
<a class="moz-txt-link-freetext" href="https://euphorbe.v3.abes.fr/api">https://euphorbe.v3.abes.fr/api</a><br>
2015-09-25 11:18:32 [app] [I] Filter chain halted as
#<a class="moz-txt-link-rfc2396E" href="mailto:Proc:0x000000093503a0@/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.8/lib/action_controller/metal/force_ssl.rb:28"><Proc:0x000000093503a0@/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.8/lib/action_controller/metal/force_ssl.rb:28></a>
rendered or redirected<br>
2015-09-25 11:18:32 [app] [I] Completed 301 Moved Permanently in 1ms
(ActiveRecord: 0.0ms)<br>
<br>
But no log comes using https on the foreman side and I get "Test
Failed (unknown error)." with 5-09-25 11:25:31,181 ERROR
[org.ovirt.engine.core.bll.GetProviderCertificateChainQuery]
(ajp--127.0.0.1-8702-4) Error in encoding certificate. Error is {}
java.io.IOException: Keystore was tampered with, or password was
incorrect. <br>
I've just updated to 3.5.4 and otopi asked me for renewing the
certificate. May it be the reason of the issue?<br>
<br>
<div class="moz-cite-prefix">Le 25/09/2015 11:14, Yaniv Bronheim a
écrit :<br>
</div>
<blockquote
cite="mid:CANi4b2UqEh5LpbzJi7cYRZnTzNPCD1CAo870tsn+TJ4t5WkTBw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>Hi Nathanael,</div>
<div><br>
</div>
This error means that the restAPI request to foreman returned an
error. Most of the time it is a communication issue.. but we
can't know much from this report.
<div>Can you please share the production.log file from your
foreman host? </div>
<div>Better to try to add the server as provider, get the error
and then check the production.log file - it will show us if
engine request got to foreman server, the internal fields and
why foreman returned 5050.</div>
<div><br>
</div>
<div>Greeting,</div>
<div>Yaniv Bronhaim.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Sep 23, 2015 at 5:31 PM,
Nathanaël Blanchet <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:blanchet@abes.fr"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:blanchet@abes.fr">blanchet@abes.fr</a></a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
I have a working foreman 1.9.1 installed with katello 2.3.<br>
ruby193-rubygem-ovirt_provision_plugin-1.0.1-1.el7 is also
installed on the same host.<br>
But the issue is the same as below when testing in "add
external provider" from ovirt 3.5.4.<br>
What can I do now?<br>
<br>
Le 06/11/2014 12:31, Oved Ourfali a écrit :<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
----- Original Message -----<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
From: "Daniel Helgenberger" <<a
moz-do-not-send="true"
href="mailto:daniel.helgenberger@m-box.de"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:daniel.helgenberger@m-box.de">daniel.helgenberger@m-box.de</a></a>><br>
To: "Oved Ourfali" <<a moz-do-not-send="true"
href="mailto:oourfali@redhat.com" target="_blank">oourfali@redhat.com</a>><br>
Cc: <a moz-do-not-send="true"
href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br>
Sent: Thursday, November 6, 2014 1:29:38 PM<br>
Subject: Re: [ovirt-users] Foreman: Add external
provider (Failed with error PROVIDER_FAILURE and code
5050)<br>
<br>
<br>
<br>
On 06.11.2014 05:47, Oved Ourfali wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
These steps are also in the feature page<br>
</blockquote>
Thanks Oved for pointing to the doc; my bad. I was using
the foreman<br>
integration document [1]. Maybe the pages should be
merged?<br>
<br>
</blockquote>
Yaniv - you planned to merge them, right? That would be a
good time...<br>
<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
, but it would be nice if you review them to see
nothing is missing.<br>
<br>
<a moz-do-not-send="true"
href="http://www.ovirt.org/Features/AdvancedForemanIntegration"
rel="noreferrer" target="_blank">http://www.ovirt.org/Features/AdvancedForemanIntegration</a><br>
</blockquote>
With foreman 1.6 (at least) there is no need to enable
the nightly<br>
builds any more as rb-ovirt is resolved by yum.<br>
<br>
Lastly, I think you need to enable foreman_discovery
with the foreman<br>
installer to work and download images:<br>
<br>
# foreman-installer --enable-foreman-plugin-discovery<br>
--foreman-plugin-discovery-install-images=true<br>
<br>
You have that already listed in the testing env setup;
but this needs to<br>
be put in context with installing foreman-ovirt on the
foreman host.<br>
</blockquote>
Yaniv - please add a note there too.<br>
<br>
Daniel - thanks for the review and the comments!<br>
<br>
Regards,<br>
Oved<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Thanks<br>
Oved<br>
<br>
</blockquote>
[1] <a moz-do-not-send="true"
href="http://www.ovirt.org/Features/ForemanIntegration"
rel="noreferrer" target="_blank">http://www.ovirt.org/Features/ForemanIntegration</a><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
On Nov 6, 2014 12:40 AM, Daniel Helgenberger <<a
moz-do-not-send="true"
href="mailto:daniel.helgenberger@m-box.de"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:daniel.helgenberger@m-box.de">daniel.helgenberger@m-box.de</a></a>><br>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Answering my own question; and maybe a very obvious
cause for the<br>
failing provider: the missiAnswering my own
question; and maybe a very<br>
obvious cause for the<br>
</blockquote>
failing provider: the missing provider plugin in
forman!<br>
So one needs to do:<br>
<br>
yum install ruby193-rubygem-ovirt_provision_plugin<br>
<br>
on the foreman host.<br>
<br>
After that, the connection test in the engine comes up
positive. Sadly,<br>
this is not documented anywhere; only on the GitHub
repo readme [1].<br>
This is also a little bit outdated, as the rbovirt
dependency is<br>
resolved now automatically.<br>
<br>
Also, but I am not sure, the porvider lugin needs the
foreman_discovery<br>
plugin to work:<br>
<br>
yum install ruby193-rubygem-foreman_discovery<br>
<br>
[1]<br>
<a moz-do-not-send="true"
href="https://github.com/theforeman/ovirt_provision_plugin/blob/master/README.md"
rel="noreferrer" target="_blank">https://github.com/theforeman/ovirt_provision_plugin/blob/master/README.md</a><br>
<br>
On 29.10.2014 00:36, Daniel Helgenberger wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello,<br>
<br>
did anyone actually get this working in oVirt 3.5 /
EL6 - Engine? I am<br>
trying this for two days now.<br>
<br>
Setup:<br>
Engine; EL6.5<br>
Foreman; EL6.5<br>
<br>
Foreman seems to do it's as I can use it to deploy
hosts and also smart<br>
proxies are running fine.<br>
<br>
I have opened a BZ [1]; because this really can not
work out of the box<br>
with EL6 plain vanilla packages. I wonder if this
was ever tested... ?<br>
Java 7 used i n EL6 [4] does only support DH keys up
to 1024byte. This<br>
is known issue in Foreman [2] as longer DH keys are
now used by default<br>
in Foreman / PuppetCA.<br>
A dirty fix confirmed working is adding default DH
parameters to the<br>
foreman cert; effectively disabling it [3].<br>
<br>
So I got SSL working and I get beyond the
authentication (entering wrong<br>
data gets me auth errors)- however, I am still not
able to add the<br>
external provider. Pressing 'test' results in<br>
(Failed with error PROVIDER_FAILURE and code 5050)<br>
<br>
Sample engine.log<br>
2014-10-28 23:49:40,860 ERROR<br>
[org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand]<br>
(ajp--127.0.0.1-8702-1) [6a3da4e7] Command<br>
org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand
throw<br>
Vdc Bll exception. With error message
VdcBLLException: PROVIDER_FAILURE<br>
(Failed with error PROVIDER_FAILURE and code 5050)<br>
<br>
I can't find any more hints in oVirt; access logs in
Foreman are telling<br>
me API queries by the engine. Did I miss a crucial
step in the foreman<br>
setup? How can I debug this issue?<br>
<br>
I am willing to upgrade openjdk; provided this does
not break my engine...<br>
<br>
Thanks!<br>
<br>
[1] <a moz-do-not-send="true"
href="https://bugzilla.redhat.com/show_bug.cgi?id=1157749"
rel="noreferrer" target="_blank">https://bugzilla.redhat.com/show_bug.cgi?id=1157749</a><br>
[2] <a moz-do-not-send="true"
href="https://tickets.puppetlabs.com/browse/SERVER-17"
rel="noreferrer" target="_blank">https://tickets.puppetlabs.com/browse/SERVER-17</a><br>
[3] <a moz-do-not-send="true"
href="http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh"
rel="noreferrer" target="_blank">http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh</a><br>
[4] java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64<br>
<br>
</blockquote>
</blockquote>
--<br>
Daniel Helgenberger<br>
m box bewegtbild GmbH<br>
<br>
P: +49/30/2408781-22<br>
F: +49/30/2408781-10<br>
<br>
ACKERSTR. 19<br>
D-10115 BERLIN<br>
<br>
<br>
<a moz-do-not-send="true" href="http://www.m-box.de"
rel="noreferrer" target="_blank">www.m-box.de</a> <a
moz-do-not-send="true" href="http://www.monkeymen.tv"
rel="noreferrer" target="_blank"><a class="moz-txt-link-abbreviated" href="http://www.monkeymen.tv">www.monkeymen.tv</a></a><br>
<br>
Geschäftsführer: Martin Retschitzegger / Michaela
Göllner<br>
Handeslregister: Amtsgericht Charlottenburg / HRB 112767<br>
<br>
</blockquote>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true" href="mailto:Users@ovirt.org"
target="_blank">Users@ovirt.org</a><br>
<a moz-do-not-send="true"
href="http://lists.ovirt.org/mailman/listinfo/users"
rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
</blockquote>
<br>
-- <br>
Nathanaël Blanchet<br>
<br>
Supervision réseau<br>
Pôle Infrastrutures Informatiques<br>
227 avenue Professeur-Jean-Louis-Viala<br>
34193 MONTPELLIER CEDEX 5 <br>
Tél. 33 (0)4 67 54 84 55<br>
Fax 33 (0)4 67 54 84 14<br>
<a moz-do-not-send="true" href="mailto:blanchet@abes.fr"
target="_blank">blanchet@abes.fr</a><br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true" href="mailto:Users@ovirt.org"
target="_blank">Users@ovirt.org</a><br>
<a moz-do-not-send="true"
href="http://lists.ovirt.org/mailman/listinfo/users"
rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div><span style="font-size:12.8px"><b>Yaniv Bronhaim.</b></span><br>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Nathanaël Blanchet
Supervision réseau
Pôle Infrastrutures Informatiques
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5
Tél. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
<a class="moz-txt-link-abbreviated" href="mailto:blanchet@abes.fr">blanchet@abes.fr</a> </pre>
</body>
</html>