oVirt messages from engine to vdsm
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node. I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works. 1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly? 3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/ developer-guide/vdsm/connecting-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine" Could you please guide my what method is the best and how should I correct my faults there?
Hi, I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly). You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/ Might I ask what you goal is? Best regards -- Martin Sivak SLA / oVirt On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/connecting-development-vd... . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
As a part of my university diploma, we are making kind of access control tool as a firewall without dependence on oVirt roles ( this tool should actually work for all libvirt based virtualization products for KVM). It should be similar to Hytrust products or these ones http://en.securitycode.ru/vGate//. So my work is to find out what information I can use from the RPC calls and from where I can get an information about the user. 2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/ connecting-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
If the engine user is not accessible directly, why then in this command you use it?: psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';" I am not really good in managing databases, I also didn't have postgresql installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine. 2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/ connecting-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
Hi, you must have postgresql installed or the engine would not work. I see I used the engine user there (the second engine is the database name), but both vdsm fake and my personal notes say to use postgres user. sudo -i -u postgres export ENGINE_DB=dbname psql $ENGINE_DB -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';" psql $ENGINE_DB -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'EncryptHostCommunication';" So I must have done something differently at that time (the article was written in 2016). Best regards Martin Sivak On Mon, May 7, 2018 at 10:40 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this command you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have postgresql installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands :
https://www.ovirt.org/develop/developer-guide/vdsm/connecting-development-vd... . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya < anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this command you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have postgresql installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
Can you paste the output of the following command rpm -qa |grep postgres
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/connectin g-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
rpm -qa |grep postgres rh-postgresql95-postgresql-libs-9.5.9-1.el7.x86_64 postgresql-libs-9.2.23-3.el7_4.x86_64 rh-postgresql95-runtime-2.2-2.el7.x86_64 rh-postgresql95-postgresql-9.5.9-1.el7.x86_64 postgresql-jdbc-9.2.1002-5.el7.noarch postgresql-contrib-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-server-9.5.9-1.el7.x86_64 postgresql-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-contrib-9.5.9-1.el7.x86_64 collectd-postgresql-5.8.0-2.el7.x86_64 postgresql-server-9.2.23-3.el7_4.x86_64 [skotti@localhost ~]$ psql -U postgres psql: FATAL: Peer authentication failed for user "postgres" But I actually installed it manually, still no succeed. But ovirt engine is working. 2018-05-07 5:22 GMT-04:00 Eli Mesika <emesika@redhat.com>:
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya < anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this command you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have postgresql installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
Can you paste the output of the following command
rpm -qa |grep postgres
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-wit hout-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/connectin g-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
Hi, that sure looks like postgresql SCL packages. Software collections are installed into /opt and need to be enabled using the `scl enable <collection name>` command to allow their usage. Best regards Martin Sivak On Mon, May 7, 2018 at 2:21 PM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
rpm -qa |grep postgres rh-postgresql95-postgresql-libs-9.5.9-1.el7.x86_64 postgresql-libs-9.2.23-3.el7_4.x86_64 rh-postgresql95-runtime-2.2-2.el7.x86_64 rh-postgresql95-postgresql-9.5.9-1.el7.x86_64 postgresql-jdbc-9.2.1002-5.el7.noarch postgresql-contrib-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-server-9.5.9-1.el7.x86_64 postgresql-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-contrib-9.5.9-1.el7.x86_64 collectd-postgresql-5.8.0-2.el7.x86_64 postgresql-server-9.2.23-3.el7_4.x86_64 [skotti@localhost ~]$ psql -U postgres psql: FATAL: Peer authentication failed for user "postgres"
But I actually installed it manually, still no succeed. But ovirt engine is working.
2018-05-07 5:22 GMT-04:00 Eli Mesika <emesika@redhat.com>:
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this command you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have postgresql installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
Can you paste the output of the following command
rpm -qa |grep postgres
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts:
https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands :
https://www.ovirt.org/develop/developer-guide/vdsm/connecting-development-vd... . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
scl enable rh-postgresql95 'psql -U postgres' psql: FATAL: Peer authentication failed for user "postgres" I am not sure why it is trying to execute the command while enabling. 2018-05-07 12:22 GMT-04:00 Martin Sivak <msivak@redhat.com>:
Hi,
that sure looks like postgresql SCL packages. Software collections are installed into /opt and need to be enabled using the `scl enable <collection name>` command to allow their usage.
Best regards
Martin Sivak
rpm -qa |grep postgres rh-postgresql95-postgresql-libs-9.5.9-1.el7.x86_64 postgresql-libs-9.2.23-3.el7_4.x86_64 rh-postgresql95-runtime-2.2-2.el7.x86_64 rh-postgresql95-postgresql-9.5.9-1.el7.x86_64 postgresql-jdbc-9.2.1002-5.el7.noarch postgresql-contrib-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-server-9.5.9-1.el7.x86_64 postgresql-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-contrib-9.5.9-1.el7.x86_64 collectd-postgresql-5.8.0-2.el7.x86_64 postgresql-server-9.2.23-3.el7_4.x86_64 [skotti@localhost ~]$ psql -U postgres psql: FATAL: Peer authentication failed for user "postgres"
But I actually installed it manually, still no succeed. But ovirt engine is working.
2018-05-07 5:22 GMT-04:00 Eli Mesika <emesika@redhat.com>:
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this command you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value =
'false'
WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have
installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
Can you paste the output of the following command
rpm -qa |grep postgres
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts:
without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in
messages
passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on
node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions (
On Mon, May 7, 2018 at 2:21 PM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote: postgresql this thanks
god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands :
https://www.ovirt.org/develop/developer-guide/vdsm/ connecting-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Tue, May 8, 2018 at 7:11 AM, Anastasiya Ruzhanskaya < anastasiya.ruzhanskaya@frtk.ru> wrote:
scl enable rh-postgresql95 'psql -U postgres'
This should be : scl enable rh-postgresql95 bash
psql: FATAL: Peer authentication failed for user "postgres"
I am not sure why it is trying to execute the command while enabling.
2018-05-07 12:22 GMT-04:00 Martin Sivak <msivak@redhat.com>:
Hi,
that sure looks like postgresql SCL packages. Software collections are installed into /opt and need to be enabled using the `scl enable <collection name>` command to allow their usage.
Best regards
Martin Sivak
rpm -qa |grep postgres rh-postgresql95-postgresql-libs-9.5.9-1.el7.x86_64 postgresql-libs-9.2.23-3.el7_4.x86_64 rh-postgresql95-runtime-2.2-2.el7.x86_64 rh-postgresql95-postgresql-9.5.9-1.el7.x86_64 postgresql-jdbc-9.2.1002-5.el7.noarch postgresql-contrib-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-server-9.5.9-1.el7.x86_64 postgresql-9.2.23-3.el7_4.x86_64 rh-postgresql95-postgresql-contrib-9.5.9-1.el7.x86_64 collectd-postgresql-5.8.0-2.el7.x86_64 postgresql-server-9.2.23-3.el7_4.x86_64 [skotti@localhost ~]$ psql -U postgres psql: FATAL: Peer authentication failed for user "postgres"
But I actually installed it manually, still no succeed. But ovirt engine is working.
2018-05-07 5:22 GMT-04:00 Eli Mesika <emesika@redhat.com>:
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
If the engine user is not accessible directly, why then in this
command
you use it?:
psql -U engine engine -c "UPDATE vdc_options set option_value = 'false' WHERE option_name = 'SSLEnabled';"
I am not really good in managing databases, I also didn't have
installed after finishing oVirt engine installation and even managing to deploy everything. Does it mean that no database was created at all? I have chosen automatic and local creation in all fields related to database while installing oVirt engine.
Can you paste the output of the following command
rpm -qa |grep postgres
2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak@redhat.com>:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I wrote an article some time ago that explained how to setup a development environment without real hosts:
https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-wit
hout-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote: > Hello everyone! > Currently I want to determine what information is included in
messages
> passing from oVirt engine to VDSM on ovirt-node. > > I made up a really simple configuration with one VM representing > engine, > another - node, a managed to successfully launch a single VM on
> node. > However, I have chosen to configure everything automatically. > Currently > traffic is encrypted with default certificates. > So, there are three options for me and no one of them really works. > > 1) Find the format of messages ( what the fields are, session id for > example) in docs, but I didn't manage to find it; > 2) Use wireshark to decrypt the traffic and the apply maybe a json > -dissector to the decrypted data. I have tried many solutions (
On Mon, May 7, 2018 at 2:21 PM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote: postgresql this thanks
> god I > have rsa private and public keys but there is another session key > which is > generated every time engine starts to communicate with vdsm, which I > cannot > get with the help of sslkeylog file or ld_preload technology. > Maybe someone knows the exact methodology how to do this correctly? > > 3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for > engine, > according to answers on oVirt site, I should do 2 requests to the > database. > I was really surprised that psql was not installed by oVirt on my > system. > How did it then created a default database? ( I have chosen to create > all > locally and with default configurations). > I mean these two commands : > > https://www.ovirt.org/develop/developer-guide/vdsm/connectin g-development-vdsm-to-engine/ > . I have a following error there : > psql: FATAL: Peer authentication failed for user "engine" > > Could you please guide my what method is the best and how should I > correct > my faults there? > > > _______________________________________________ > Devel mailing list > Devel@ovirt.org > http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Mon, May 7, 2018 at 11:00 AM, Martin Sivak <msivak@redhat.com> wrote:
Hi,
I think what you are looking for is mostly this: https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
The best way to see what the traffic is is to disable SSL. The postgres database is installed and accessible using the postgres user (the engine user is not allowed to access it directly).
You might also be interested in the vdsm fake project we use as node simulator. Its readme will tell you exactly how to do this: https://github.com/oVirt/ovirt-vdsmfake
I don't think that vdsm fake is aligned to latest master , I have tried to use it before few months and it had lot of problems. I am afraid that vsm fake is a dead project since AFAIK no maintainer is updating it or testing it in a regular basis The last person I know that touched its code an tried to fix it was Roy Golan, but work is not completed yet
I wrote an article some time ago that explained how to setup a development environment without real hosts: https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
Might I ask what you goal is?
Best regards
-- Martin Sivak SLA / oVirt
On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya@frtk.ru> wrote:
Hello everyone! Currently I want to determine what information is included in messages passing from oVirt engine to VDSM on ovirt-node.
I made up a really simple configuration with one VM representing engine, another - node, a managed to successfully launch a single VM on this node. However, I have chosen to configure everything automatically. Currently traffic is encrypted with default certificates. So, there are three options for me and no one of them really works.
1) Find the format of messages ( what the fields are, session id for example) in docs, but I didn't manage to find it; 2) Use wireshark to decrypt the traffic and the apply maybe a json -dissector to the decrypted data. I have tried many solutions ( thanks god I have rsa private and public keys but there is another session key which is generated every time engine starts to communicate with vdsm, which I cannot get with the help of sslkeylog file or ld_preload technology. Maybe someone knows the exact methodology how to do this correctly?
3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for engine, according to answers on oVirt site, I should do 2 requests to the database. I was really surprised that psql was not installed by oVirt on my system. How did it then created a default database? ( I have chosen to create all locally and with default configurations). I mean these two commands : https://www.ovirt.org/develop/developer-guide/vdsm/ connecting-development-vdsm-to-engine/ . I have a following error there : psql: FATAL: Peer authentication failed for user "engine"
Could you please guide my what method is the best and how should I correct my faults there?
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
participants (3)
-
Anastasiya Ruzhanskaya -
Eli Mesika -
Martin Sivak