10:40 a.m.
Hi guys,
I'm having a problem getting the value from the manager using
vm.get_display().get_certificate().get_subject():
It happens on VM restart and what I get is: 'NoneType' object has no attribute
'get_subject'.
It happens only with get_subject() since I don't have a problem to get other values
like vm address or display port.
Moreover, the second attempt to query the certificate subject always succeeds...
Is there a way to overcome this?
We're using ovirt 3.1 and I've found the same issue here:
http://lists.ovirt.org/pipermail/devel/2013-July/005221.html
Thank you.
10:46 a.m.
On 10/29/2014 10:40 AM, Denis Kirjanov wrote:
When you request the information of a VM not all the details are
populated by default, including the certificate. Thus the
"get_certificate" method returns None. If you want the certificate data
populated you have to use the "all_content" parameter of the method used
to retrieve the VM:
vm = api.vms.get(name="myvm", all_content=True)
Then you should be able to get the certificate and the subject.
--
Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta
3ºD, 28016 Madrid, Spain
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
11:37 a.m.
Thanks for the tip, but I've got "got an unexpected keyword argument
all_content"
----- Исходное сообщение -----
От: "Juan Hernandez" <jhernand(a)redhat.com>
Кому: "Denis Kirjanov" <kda(a)itsirius.su>, devel(a)ovirt.org
Отправленные: Среда, 29 Октябрь 2014 г 13:46:16
Тема: Re: [ovirt-devel] ovirt-sdk get_subject() problem
On 10/29/2014 10:40 AM, Denis Kirjanov wrote:
When you request the information of a VM not all the details are
populated by default, including the certificate. Thus the
"get_certificate" method returns None. If you want the certificate data
populated you have to use the "all_content" parameter of the method used
to retrieve the VM:
vm = api.vms.get(name="myvm", all_content=True)
Then you should be able to get the certificate and the subject.
--
Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta
3ºD, 28016 Madrid, Spain
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
11:45 a.m.
On 10/29/2014 11:37 AM, Denis Kirjanov wrote:
Thanks for the tip, but I've got "got an unexpected keyword
argument all_content"
You can solve that updating the version of the Python SDK, no need to
update the engine. Newer versions of the SDK should work correctly with
older versions of the engine, so if you use the 3.5 version of the SDK
this should work.
--
Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta
3ºD, 28016 Madrid, Spain
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
2:03 p.m.
I've installed rhemv-sdk 3.5.0.7 but nothing has changed.
----- Исходное сообщение -----
От: "Juan Hernandez" <jhernand(a)redhat.com>
Кому: "Denis Kirjanov" <kda(a)itsirius.su>
Копия: devel(a)ovirt.org
Отправленные: Среда, 29 Октябрь 2014 г 14:45:15
Тема: Re: [ovirt-devel] ovirt-sdk get_subject() problem
On 10/29/2014 11:37 AM, Denis Kirjanov wrote:
Thanks for the tip, but I've got "got an unexpected keyword
argument all_content"
You can solve that updating the version of the Python SDK, no need to
update the engine. Newer versions of the SDK should work correctly with
older versions of the engine, so if you use the 3.5 version of the SDK
this should work.
--
Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta
3ºD, 28016 Madrid, Spain
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
3:53 p.m.
On 10/29/2014 02:03 PM, Denis Kirjanov wrote:
I've installed rhemv-sdk 3.5.0.7 but nothing has changed.
Ok, looks like your server is that old that it doesn't implement the
"All-Content" header. I'd suggest to update, but if it isn't possible
then you can do something like this to obtain the certificate of the
display:
import OpenSSL
import ssl
display_host = ...
display_port = ...
# Get the certificate from the server and convert it to a data structure
# that can be manipulated:
pem = ssl.get_server_certificate(
addr=(display_host, display_port),
ssl_version=ssl.PROTOCOL_TLSv1,
ca_certs="/etc/pki/ovirt-engine/ca.pem"
)
cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, pem)
# Build the subject string iterating the components of the subject
# name:
subject = ""
for component in cert.get_subject().get_components():
subject += "/%s=%s" % component
Note that it is important that you use here the "ca_certs" parameter, so
that the display certificate is propertly validated. Also you will need
to setup that manually if the script is running outside of the engine
machine.
--
Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta
3ºD, 28016 Madrid, Spain
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
10:58 a.m.
Il 29/10/2014 10:40, Denis Kirjanov ha scritto:
Just out of curiosity (feel free to ignore me), why not upgrading to any later version?
--
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
11:37 a.m.
We're planning to move to 3.5 but now we're bounded to version 3.1
----- Исходное сообщение -----
От: "Sandro Bonazzola" <sbonazzo(a)redhat.com>
Кому: "Denis Kirjanov" <kda(a)itsirius.su>, devel(a)ovirt.org
Отправленные: Среда, 29 Октябрь 2014 г 13:58:00
Тема: Re: [ovirt-devel] ovirt-sdk get_subject() problem
Il 29/10/2014 10:40, Denis Kirjanov ha scritto:
Just out of curiosity (feel free to ignore me), why not upgrading to any later version?
--
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
3811
days inactive
3811
days old
7 comments
3 participants
participants (3)
-
Denis Kirjanov -
Juan Hernandez -
Sandro Bonazzola