On 4/1/20 11:06 AM, Marcin Sobczyk wrote:
> On 4/1/20 9:51 AM, Marcin Sobczyk wrote:
>> On 4/1/20 8:44 AM, Yedidyah Bar David wrote:
>>> On Wed, Apr 1, 2020 at 6:21 AM <email@example.com>
>>> Previous build 1547 passed!, after many months
of failing, thanks to
>>> Evgeny's work
>>> in recent weeks. Above one failed.
>>> I think the root cause is that the engine tried
to connect to vdsm
>>> right after
>>> successfully finishing ansible host-deploy, but
failed. vdsm.log has:
>>> 2020-03-31 22:58:49,773-0400 ERROR (Reactor
>>> uncaptured python exception, closing channel
>>> ('::ffff:192.168.222.76', 46754, 0, 0) at
>>> 'ssl.SSLError'>:[X509] no certificate or crl
>>> Not sure what might have caused this. Can
anyone have a look? Thanks.
>> Probably caused by https://gerrit.ovirt.org/108016
>> Looking into this.
> Turns out that the patch is not the cause of the error
per se - it simply
> uncovered a different problem - the CA on the hosts is
> [root@lago-basic-suite-master-host-0 certs]# openssl
> /etc/pki/vdsm/certs/cacert.pem -text
> unable to load certificate
> 139987452258112:error:0909006C:PEM routines:get_name:no
> line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED
It looks like they have spaces instead of newlines.
When I manually replaced the spaces to newlines, openssl is
able to read
Martin/Dana, couldn't this be caused
by any recent changes in ansible-runner integrations?