4:16 p.m.
On 7/29/19 1:14 PM, Amit Bawer wrote:
Reviving the mail-thread, checking for Non-TLS host-engine
communication resolution:
Current master base for PoC RHEL8 host is:
commit cfe7b11c71c1bf0dada89a8209c8d544b0d0f138 (vdsm-master/master)
Author: Marcin Sobczyk <msobczyk(a)redhat.com <mailto:msobczyk@redhat.com>>
Date: Fri Jul 12 12:54:57 2019 +0200
When trying to "Run" VM on RHEL8 vdsm.log shows following failure trace:
9-07-29 06:58:49,140-0400 INFO (vm/f62ae48a) [virt.vm]
(vmId='f62ae48a-4e6f-4763-9a66-48e04708a2b5') <?xml version='1.0'
encoding='utf-8'?>
<domain xmlns:ns0="http://ovirt.org/vm/tune/1.0"
xmlns:ovirt-vm="http://ovirt.org/vm/1.0" type="kvm">
<name>vm1</name>
<uuid>f62ae48a-4e6f-4763-9a66-48e04708a2b5</uuid>
<memory>1048576</memory>
<currentMemory>1048576</currentMemory>
<iothreads>1</iothreads>
<maxMemory slots="16">4194304</maxMemory>
<vcpu current="1">16</vcpu>
<sysinfo type="smbios">
<system>
<entry name="manufacturer">oVirt</entry>
<entry name="product">RHEL</entry>
<entry name="version">8.0-0.44.el8</entry>
<entry
name="serial">e5825ba8-473e-4821-829a-bc6dbbe79617</entry>
<entry
name="uuid">f62ae48a-4e6f-4763-9a66-48e04708a2b5</entry>
</system>
</sysinfo>
<clock adjustment="0" offset="variable">
<timer name="rtc" tickpolicy="catchup" />
<timer name="pit" tickpolicy="delay" />
<timer name="hpet" present="no" />
</clock>
<features>
<acpi />
</features>
<cpu match="exact">
<model>SandyBridge</model>
<topology cores="1" sockets="16" threads="1"
/>
<numa>
<cell cpus="0-15" id="0" memory="1048576"
/>
</numa>
</cpu>
<cputune />
<devices>
<input bus="usb" type="tablet" />
<channel type="unix">
<target name="ovirt-guest-agent.0" type="virtio"
/>
<source mode="bind"
path="/var/lib/libvirt/qemu/channels/f62ae48a-4e6f-4763-9a66-48e04708a2b5.ovirt-guest-agent.0"
/>
</channel>
<channel type="unix">
<target name="org.qemu.guest_agent.0" type="virtio"
/>
<source mode="bind"
path="/var/lib/libvirt/qemu/channels/f62ae48a-4e6f-4763-9a66-48e04708a2b5.org.qemu.guest_agent.0"
/>
</channel>
<rng model="virtio">
<backend model="random">/dev/urandom</backend>
<alias name="ua-06642ecb-5d30-4119-a939-ee8792dee24b" />
</rng>
<video>
<model heads="1" ram="65536" type="qxl"
vgamem="16384"
vram="8192" />
<alias name="ua-5b36baa2-cc27-4840-b309-bd1a4bbbab2c" />
</video>
<graphics autoport="yes" keymap="en-us"
passwd="*****"
passwdValidTo="1970-01-01T00:00:01" port="-1"
type="vnc">
<listen network="vdsm-ovirtmgmt" type="network" />
</graphics>
<memballoon model="virtio">
<stats period="5" />
<alias name="ua-b1b3f8c9-0d05-4675-9ab5-28a228d68c54" />
</memballoon>
<graphics autoport="yes" passwd="*****"
passwdValidTo="1970-01-01T00:00:01" port="-1" tlsPort="-1"
type="spice">
<channel mode="secure" name="main" />
<channel mode="secure" name="inputs" />
<channel mode="secure" name="cursor" />
<channel mode="secure" name="playback" />
<channel mode="secure" name="record" />
<channel mode="secure" name="display" />
<channel mode="secure" name="smartcard" />
<channel mode="secure" name="usbredir" />
<listen network="vdsm-ovirtmgmt" type="network" />
</graphics>
<channel type="spicevmc">
<target name="com.redhat.spice.0" type="virtio" />
</channel>
<disk device="cdrom" snapshot="no"
type="file">
<driver error_policy="report" name="qemu"
type="raw" />
<source file="" startupPolicy="optional">
<seclabel model="dac" relabel="no"
type="none" />
</source>
<target bus="ide" dev="hdc" />
<readonly />
<alias name="ua-ffd6c93f-62e0-4d6d-a510-03e8a02644ad" />
</disk>
<disk device="disk" snapshot="no"
type="file">
<target bus="virtio" dev="vda" />
<source
file="/rhev/data-center/mnt/10.35.0.136:_exports_data/8a68eacc-0e0e-436a-bb25-c498c9f5f749/images/111de599-2afa-4dbb-9a99-3378ece66187/61e1e186-f289-4ffa-b59e-af90bde5db65">
<seclabel model="dac" relabel="no"
type="none" />
</source>
<driver cache="none" error_policy="stop"
io="threads"
iothread="1" name="qemu" type="raw" />
<alias name="ua-111de599-2afa-4dbb-9a99-3378ece66187" />
<serial>111de599-2afa-4dbb-9a99-3378ece66187</serial>
</disk>
</devices>
<pm>
<suspend-to-disk enabled="no" />
<suspend-to-mem enabled="no" />
</pm>
<os>
<type arch="x86_64"
machine="pc-i440fx-rhel7.6.0">hvm</type>
<smbios mode="sysinfo" />
</os>
<metadata>
<ns0:qos />
<ovirt-vm:vm>
<ovirt-vm:minGuaranteedMemoryMb
type="int">1024</ovirt-vm:minGuaranteedMemoryMb>
<ovirt-vm:clusterVersion>4.4</ovirt-vm:clusterVersion>
<ovirt-vm:custom />
<ovirt-vm:device devtype="disk" name="vda">
<ovirt-vm:poolID>dab8cf3a-a969-11e9-84eb-080027624b78</ovirt-vm:poolID>
<ovirt-vm:volumeID>61e1e186-f289-4ffa-b59e-af90bde5db65</ovirt-vm:volumeID>
<ovirt-vm:imageID>111de599-2afa-4dbb-9a99-3378ece66187</ovirt-vm:imageID>
<ovirt-vm:domainID>8a68eacc-0e0e-436a-bb25-c498c9f5f749</ovirt-vm:domainID>
</ovirt-vm:device>
<ovirt-vm:launchPaused>false</ovirt-vm:launchPaused>
<ovirt-vm:resumeBehavior>auto_resume</ovirt-vm:resumeBehavior>
</ovirt-vm:vm>
</metadata>
</domain>
(vm:2570)
2019-07-29 06:58:49,845-0400 ERROR (vm/f62ae48a) [virt.vm]
(vmId='f62ae48a-4e6f-4763-9a66-48e04708a2b5') The vm start process
failed (vm:841)
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/vdsm/virt/vm.py", line 775,
in _startUnderlyingVm
self._run()
File "/usr/lib/python3.6/site-packages/vdsm/virt/vm.py", line 2575,
in _run
dom.createWithFlags(flags)
File
"/usr/lib/python3.6/site-packages/vdsm/common/libvirtconnection.py",
line 131, in wrapper
ret = f(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/vdsm/common/function.py",
line 94, in wrapper
return func(inst, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/libvirt.py", line 1110, in
createWithFlags
if ret == -1: raise libvirtError ('virDomainCreateWithFlags()
failed', dom=self)
libvirt.libvirtError: unsupported configuration: Auto allocation of
spice TLS port requested but spice TLS is disabled in qemu.conf
2019-07-29 06:58:49,845-0400 INFO (vm/f62ae48a) [virt.vm]
(vmId='f62ae48a-4e6f-4763-9a66-48e04708a2b5') Changed state to Down:
unsupported configuration: Auto allocation of spice TLS port requested
but spice TLS is disabled in qemu.conf (code=1) (vm:1595)
2019-07-29 06:58:49,875-0400 INFO (vm/f62ae48a) [virt.vm]
(vmId='f62ae48a-4e6f-4763-9a66-48e04708a2b5') Stopping connection
(guestagent:455)
2019-07-29 06:58:49,875-0400 DEBUG (vm/f62ae48a)
[jsonrpc.Notification] Sending event {"jsonrpc": "2.0",
"method":
"|virt|VM_status|f62ae48a-4e6f-4763-9a66-48e04708a2b5", "params":
{"f62ae48a-4e6f-4763-9a66-48e04708a2b5": {"status": "Down",
"vmId":
"f62ae48a-4e6f-4763-9a66-48e04708a2b5", "exitCode": 1,
"exitMessage":
"unsupported configuration: Auto allocation of spice TLS port
requested but spice TLS is disabled in qemu.conf", "exitReason": 1},
"notify_time": 4883259290}} (__init__:181)
I'm definitely not a libvirt expert and not sure if it will work, but if
you have my 'py3-hooks' patch in your tree and per [1], you can tree
forcing the VM to run with insecure spice:
cat << EOF > /usr/libexec/vdsm/hooks/before_vm_start/insecure_spice.sh
#!/bin/bash
sed -i 's/secure/insecure/' "$_hook_domxml"
sed -i 's/tlsPort="-1"//' "$_hook_domxml"
EOF
chmod +x /usr/libexec/vdsm/hooks/before_vm_start/insecure_spice.sh
[1]
https://github.com/libvirt/libvirt/blob/3f93884a4d047a012b968c62b94ea07da...
On Wed, Jul 24, 2019 at 12:09 PM Amit Bawer <abawer(a)redhat.com
<mailto:abawer@redhat.com>> wrote:
On Wed, Jul 24, 2019 at 12:02 PM Michal Skrivanek
<michal.skrivanek(a)redhat.com <mailto:michal.skrivanek@redhat.com>>
wrote:
> On 24 Jul 2019, at 10:36, Amit Bawer <abawer(a)redhat.com
> <mailto:abawer@redhat.com>> wrote:
>
> Per +Milan Zamazal <mailto:mzamazal@redhat.com> comment,
> adding +devel <mailto:devel@ovirt.org>
>
> On Wed, Jul 24, 2019 at 11:32 AM Michal Skrivanek
> <michal.skrivanek(a)redhat.com
> <mailto:michal.skrivanek@redhat.com>> wrote:
>
>
>
>> On 24 Jul 2019, at 10:24, Amit Bawer <abawer(a)redhat.com
>> <mailto:abawer@redhat.com>> wrote:
>>
>> Thanks, applied the fixed patch.
>>
>> No I am punished for choosing not to work with SSL/TLS
>> in Vdsm when trying to "Run" VM.
>> - Any known workaround for this?
>
yes, vdsm-tool reconfigure
"vdsm-tool reconfigure" is not a valid option.
>
> That’s part of the ongoing fixes, please don’t discuss
> this privately, this belongs to devel@ list.
> Many people are struggling with the same issues while
> they’re working on their areas, and we need complete
> visibility
>
>>
>> 24 04:04:54,610-0400 INFO (vm/01de706d) [virt.vm]
>> (vmId='01de706d-ee4c-484f-a17f-6b3355adf047') <?xml
>> version='1.0' encoding='utf-8'?>
>> <domain xmlns:ns0="http://ovirt.org/vm/tune/1.0"
>> xmlns:ovirt-vm="http://ovirt.org/vm/1.0"
type="kvm">
>> <name>vm1</name>
>> <uuid>01de706d-ee4c-484f-a17f-6b3355adf047</uuid>
>> <memory>1048576</memory>
>> <currentMemory>1048576</currentMemory>
>> <iothreads>1</iothreads>
>> <maxMemory slots="16">4194304</maxMemory>
>> <vcpu current="1">16</vcpu>
>> <sysinfo type="smbios">
>> <system>
>> <entry
name="manufacturer">oVirt</entry>
>> <entry name="product">RHEL</entry>
>> <entry
name="version">8.0-0.44.el8</entry>
>> <entry
>>
name="serial">e5825ba8-473e-4821-829a-bc6dbbe79617</entry>
>> <entry
>>
name="uuid">01de706d-ee4c-484f-a17f-6b3355adf047</entry>
>> </system>
>> </sysinfo>
>> <clock adjustment="0"
offset="variable">
>> <timer name="rtc" tickpolicy="catchup"
/>
>> <timer name="pit" tickpolicy="delay"
/>
>> <timer name="hpet" present="no" />
>> </clock>
>> <features>
>> <acpi />
>> </features>
>> <cpu match="exact">
>> <model>SandyBridge</model>
>> <topology cores="1" sockets="16"
threads="1" />
>> <numa>
>> <cell cpus="0-15" id="0"
memory="1048576" />
>> </numa>
>> </cpu>
>> <cputune />
>> <devices>
>> <input bus="usb" type="tablet" />
>> <channel type="unix">
>> <target name="ovirt-guest-agent.0"
>> type="virtio" />
>> <source mode="bind"
>>
path="/var/lib/libvirt/qemu/channels/01de706d-ee4c-484f-a17f-6b3355adf047.ovirt-guest-agent.0"
>> />
>> </channel>
>> <channel type="unix">
>> <target name="org.qemu.guest_agent.0"
>> type="virtio" />
>> <source mode="bind"
>>
path="/var/lib/libvirt/qemu/channels/01de706d-ee4c-484f-a17f-6b3355adf047.org.qemu.guest_agent.0"
>> />
>> </channel>
>> <rng model="virtio">
>> <backend
model="random">/dev/urandom</backend>
>> <alias
>> name="ua-117e932d-e465-40d6-9005-bf7d7eb22023" />
>> </rng>
>> <graphics autoport="yes"
passwd="*****"
>> passwdValidTo="1970-01-01T00:00:01" port="-1"
>> tlsPort="-1" type="spice">
>> <channel mode="secure" name="main"
/>
>> <channel mode="secure"
name="inputs" />
>> <channel mode="secure"
name="cursor" />
>> <channel mode="secure"
name="playback" />
>> <channel mode="secure"
name="record" />
>> <channel mode="secure"
name="display" />
>> <channel mode="secure"
name="smartcard" />
>> <channel mode="secure"
name="usbredir" />
>> <listen network="vdsm-ovirtmgmt"
>> type="network" />
>> </graphics>
>> <controller index="0"
model="piix3-uhci"
>> type="usb" />
>> <controller index="0"
model="virtio-scsi"
>> type="scsi">
>> <driver iothread="1" />
>> <alias
>> name="ua-73437643-3c01-4763-b8ef-c4275527606b" />
>> </controller>
>> <graphics autoport="yes"
keymap="en-us"
>> passwd="*****"
passwdValidTo="1970-01-01T00:00:01"
>> port="-1" type="vnc">
>> <listen network="vdsm-ovirtmgmt"
>> type="network" />
>> </graphics>
>> <memballoon model="virtio">
>> <stats period="5" />
>> <alias
>> name="ua-93d69b50-e010-4879-80db-713ee4a11727" />
>> </memballoon>
>> <controller index="0" ports="16"
>> type="virtio-serial">
>> <alias
>> name="ua-cd3edc3f-25c5-4fef-b555-cedf45c86adc" />
>> </controller>
>> <video>
>> <model heads="1" ram="65536"
type="qxl"
>> vgamem="16384" vram="8192" />
>> <alias
>> name="ua-d660095f-dfe6-4f2c-aa76-c3525fb6244e" />
>> </video>
>> <channel type="spicevmc">
>> <target name="com.redhat.spice.0"
>> type="virtio" />
>> </channel>
>> <disk device="cdrom" snapshot="no"
type="file">
>> <driver error_policy="report"
name="qemu"
>> type="raw" />
>> <source file=""
startupPolicy="optional">
>> <seclabel model="dac"
relabel="no"
>> type="none" />
>> </source>
>> <target bus="ide" dev="hdc" />
>> <readonly />
>> <alias
>> name="ua-917aea8a-bc4b-4d15-8580-a0c442e925ee" />
>> </disk>
>> <disk device="disk" snapshot="no"
type="file">
>> <target bus="scsi" dev="sda"
/>
>> <source
>>
file="/rhev/data-center/mnt/10.35.1.6:_exports_data/f49de997-9fb7-4ef8-82bd-f5b97ba31fb0/images/7dee6442-1838-48dd-892a-86fb96a85737/da070fc0-4af5-406e-bf2b-2cf4d89eb276">
>> <seclabel model="dac"
relabel="no"
>> type="none" />
>> </source>
>> <driver cache="none"
error_policy="stop"
>> io="threads" name="qemu" type="raw"
/>
>> <alias
>> name="ua-7dee6442-1838-48dd-892a-86fb96a85737" />
>> <address bus="0" controller="0"
target="0"
>> type="drive" unit="0" />
>> <boot order="1" />
>> <serial>7dee6442-1838-48dd-892a-86fb96a85737</serial>
>> </disk>
>> </devices>
>> <pm>
>> <suspend-to-disk enabled="no" />
>> <suspend-to-mem enabled="no" />
>> </pm>
>> <os>
>> <type arch="x86_64"
>> machine="pc-i440fx-rhel7.6.0">hvm</type>
>> <smbios mode="sysinfo" />
>> </os>
>> <metadata>
>> <ns0:qos />
>> <ovirt-vm:vm>
>> <ovirt-vm:minGuaranteedMemoryMb
>> type="int">1024</ovirt-vm:minGuaranteedMemoryMb>
>> <ovirt-vm:clusterVersion>4.4</ovirt-vm:clusterVersion>
>> <ovirt-vm:custom />
>> <ovirt-vm:device devtype="disk"
name="sda">
>>
<ovirt-vm:poolID>dab8cf3a-a969-11e9-84eb-080027624b78</ovirt-vm:poolID>
>>
<ovirt-vm:volumeID>da070fc0-4af5-406e-bf2b-2cf4d89eb276</ovirt-vm:volumeID>
>>
<ovirt-vm:imageID>7dee6442-1838-48dd-892a-86fb96a85737</ovirt-vm:imageID>
>>
<ovirt-vm:domainID>f49de997-9fb7-4ef8-82bd-f5b97ba31fb0</ovirt-vm:domainID>
>> </ovirt-vm:device>
>> <ovirt-vm:launchPaused>false</ovirt-vm:launchPaused>
>>
<ovirt-vm:resumeBehavior>auto_resume</ovirt-vm:resumeBehavior>
>> </ovirt-vm:vm>
>> </metadata>
>> </domain>
>> (vm:2570)
>> 2019-07-24 04:04:55,348-0400 ERROR (vm/01de706d)
>> [virt.vm] (vmId='01de706d-ee4c-484f-a17f-6b3355adf047')
>> The vm start process failed (vm:841)
>> Traceback (most recent call last):
>> File
>> "/usr/lib/python3.6/site-packages/vdsm/virt/vm.py", line
>> 775, in _startUnderlyingVm
>> self._run()
>> File
>> "/usr/lib/python3.6/site-packages/vdsm/virt/vm.py", line
>> 2575, in _run
>> dom.createWithFlags(flags)
>> File
>>
"/usr/lib/python3.6/site-packages/vdsm/common/libvirtconnection.py",
>> line 131, in wrapper
>> ret = f(*args, **kwargs)
>> File
>>
"/usr/lib/python3.6/site-packages/vdsm/common/function.py",
>> line 94, in wrapper
>> return func(inst, *args, **kwargs)
>> File "/usr/lib64/python3.6/site-packages/libvirt.py",
>> line 1110, in createWithFlags
>> if ret == -1: raise libvirtError
>> ('virDomainCreateWithFlags() failed', dom=self)
>> libvirt.libvirtError: unsupported configuration: Auto
>> allocation of spice TLS port requested but spice TLS is
>> disabled in qemu.conf
>> 2019-07-24 04:04:55,348-0400 INFO (vm/01de706d)
>> [virt.vm] (vmId='01de706d-ee4c-484f-a17f-6b3355adf047')
>> Changed state to Down: unsupported configuration: Auto
>> allocation of spice TLS port requested but spice TLS is
>> disabled in qemu.conf (code=1) (vm:1595)
>> 2019-07-24 04:04:55,525-0400 INFO (vm/01de706d)
>> [virt.vm] (vmId='01de706d-ee4c-484f-a17f-6b3355adf047')
>> Stopping connection (guestagent:455)
>> 2019-07-24 04:04:55,525-0400 DEBUG (vm/01de706d)
>> [jsonrpc.Notification] Sending event {"jsonrpc":
"2.0",
>> "method":
>> "|virt|VM_status|01de706d-ee4c-484f-a17f-6b3355adf047",
>> "params":
{"01de706d-ee4c-484f-a17f-6b3355adf047":
>> {"status": "Down", "vmId":
>> "01de706d-ee4c-484f-a17f-6b3355adf047",
"exitCode": 1,
>> "exitMessage": "unsupported configuration: Auto
>> allocation of spice TLS port requested but spice TLS is
>> disabled in qemu.conf", "exitReason": 1},
"notify_time":
>> 4440824940}} (__init__:181)
>