ssl error during host install
Hi, I'm getting following SSL error when adding new host: engine: [...] 2020-05-18 18:28:35,530-04 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-42) [762c711c] Retry failed 2020-05-18 18:28:39,033-04 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-43) [762c711c] Retry failed 2020-05-18 18:28:39,033-04 ERROR [org.ovirt.engine.core.bll.hostdeploy.InstallVdsInternalCommand] (EE-ManagedThreadFactory-engine-Thread-3) [762c711c] Host installation failed for host 'ab082e77-315c-4cfe-8188-11fbee94c2b8', 'fc30-glance': Network error during communication with the host host (vdsm log): 2020-05-18 18:26:36,963-0400 ERROR (Reactor thread) [vds.dispatcher] uncaptured python exception, closing channel <yajsonrpc.betterAsyncore.Dispatcher connected ('::ffff:192.168.122.246', 52428, 0, 0) at 0x7f9f8c7e8d30> (<class 'ssl.SSLError'>:[X509] no certificate or crl found (_ssl.c:4053) [/usr/lib64/python3.7/asyncore.py|readwrite|110] [/usr/lib64/python3.7/asyncore.py|handle_write_event|441] [/usr/lib/python3.7/site-packages/yajsonrpc/betterAsyncore.py|handle_write|75] [/usr/lib/python3.7/site-packages/yajsonrpc/betterAsyncore.py|_delegate_call|173] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|handle_write|190] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|_handle_io|194] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|_set_up_socket|154]) (betterAsyncore:184) Any idea what's wrong and/or how to fix it? Both engine and host are on FC30, host is installed from standard ovirt-release44-pre repo and engine is dev build of latest engine master with glance API v2 patches [1]. Thanks Vojta [1] https://gerrit.ovirt.org/#/q/topic:"Image+Service+API+v2"
Hi Vojtech, could you please provide - on host: cat /etc/pki/vdsm/certs/cacert.pem - on engine: rpm -qa "*ansible-runner*" cat /etc/ansible-runner-service/config.yaml My guess is that in the ovirt-release44-pre is missing this patch [1] but you have the newest ansible-runner. [1] https://gerrit.ovirt.org/#/c/108532/ Martin Necas On Tue, May 19, 2020 at 12:53 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Hi, I'm getting following SSL error when adding new host:
engine:
[...] 2020-05-18 18:28:35,530-04 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-42) [762c711c] Retry failed 2020-05-18 18:28:39,033-04 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-43) [762c711c] Retry failed 2020-05-18 18:28:39,033-04 ERROR [org.ovirt.engine.core.bll.hostdeploy.InstallVdsInternalCommand] (EE-ManagedThreadFactory-engine-Thread-3) [762c711c] Host installation failed for host 'ab082e77-315c-4cfe-8188-11fbee94c2b8', 'fc30-glance': Network error during communication with the host
host (vdsm log):
2020-05-18 18:26:36,963-0400 ERROR (Reactor thread) [vds.dispatcher] uncaptured python exception, closing channel <yajsonrpc.betterAsyncore.Dispatcher connected ('::ffff:192.168.122.246', 52428, 0, 0) at 0x7f9f8c7e8d30> (<class 'ssl.SSLError'>:[X509] no certificate or crl found (_ssl.c:4053) [/usr/lib64/python3.7/asyncore.py|readwrite|110] [/usr/lib64/python3.7/asyncore.py|handle_write_event|441] [/usr/lib/python3.7/site-packages/yajsonrpc/betterAsyncore.py|handle_write|75] [/usr/lib/python3.7/site-packages/yajsonrpc/betterAsyncore.py|_delegate_call|173] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|handle_write|190] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|_handle_io|194] [/usr/lib/python3.7/site-packages/vdsm/sslutils.py|_set_up_socket|154]) (betterAsyncore:184)
Any idea what's wrong and/or how to fix it?
Both engine and host are on FC30, host is installed from standard ovirt-release44-pre repo and engine is dev build of latest engine master with glance API v2 patches [1].
Thanks Vojta
[1] https://gerrit.ovirt.org/#/q/topic :"Image+Service+API+v2"_______________________________________________ Devel mailing list -- devel@ovirt.org To unsubscribe send an email to devel-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/VSM7HZN5EB27AD...
- on host: cat /etc/pki/vdsm/certs/cacert.pem
# cat /etc/pki/vdsm/certs/cacert.pem -----BEGIN CERTIFICATE----- MIIDpTCCAo2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwPjELMAkGA1UEBhMCVVMxDjAMBgNVBAoM BWxvY2FsMR8wHQYDVQQDDBZlbmdpbmUtZGV2LmxvY2FsLjc4NTczMB4XDTIwMDUxNzEzMjQwMVoX DTMwMDUxNjEzMjQwMVowPjELMAkGA1UEBhMCVVMxDjAMBgNVBAoMBWxvY2FsMR8wHQYDVQQDDBZl bmdpbmUtZGV2LmxvY2FsLjc4NTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13CL DlvCAU/vprWOE4gGN/QsiXS3LXTrnCJCm7odqXQjcKFttUKJ7hgdlfQ47UmagZYEJEh6qrFdJzWc ihbN+8ROqYkaKWzLk6xSTBpejbOZstJOp9h8MiUHNuNOIscu2hvCdTdgapUbMUXJTSPUth8oXDNe Avtz4PYIRhCUniWY/VcZAmr2BoRO8QEs81LobY0BCnmGz58vvBGJ+0yuT8mGz56rVEGHv/XXovtQ yBCWFGKla5AuHXY0lDOTvav+Nw4Si1GJPcHv43FPSODQpuBC+Ci/3lEO093LXdTlqXi5UWu9i+ig adZaFZw+FTr+pUIQQTuUkXfvyt1qX6uBiQIDAQABo4GsMIGpMB0GA1UdDgQWBBSWrQ3eWGN55Lpy onaslQFJVlHgJDBnBgNVHSMEYDBegBSWrQ3eWGN55LpyonaslQFJVlHgJKFCpEAwPjELMAkGA1UE BhMCVVMxDjAMBgNVBAoMBWxvY2FsMR8wHQYDVQQDDBZlbmdpbmUtZGV2LmxvY2FsLjc4NTczggIQ ADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARqLg FOY3GAItt3LEJyiginLAzVni45AN1xBfEUqWINgOYyX/6kKz0FFYYmjPPDWDp6wp/TfkB2+ZHGED xMbLnY1uzDH7kiBhusag+BDOw8xO1k/eprStDasBsGNbYa5Ex/TKxkp6l+lk5XIqvAveM/LidV0M FSXoovb0mqXdoUGs5cN+HLC+mrgZPapbHOYkes+KyAzZuumLNWZMBw3FXh6Jaw4IBkPxrUjsBNm5 IfkNBxXIwOYa59pb5GKKd7gJvq2lL/iGWql+9ZwY6xQ/QowFfziAhr6YsHC7Ao/sFgMb3CFtjM1t RFfETy6HCBUk3PeV9HZJl2oljlLO7H4hMA== -----END CERTIFICATE-----
- on engine: rpm -qa "*ansible-runner*" cat /etc/ansible-runner-service/config.yaml
$ rpm -qa "*ansible-runner*" ansible-runner-service-dev-1.0.1-4.fc30.noarch python3-ansible-runner-1.4.5-1.fc30.noarch
My guess is that in the ovirt-release44-pre is missing this patch [1] but you have the newest ansible-runner.
I do have this patch in engine build, but checking the patch, ansible runner on engine is not up-to-date, so maybe this is the cause? Trying to update now.
I do have this patch in engine build, but checking the patch, ansible runner on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine # rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch but it didn't help, still same issue
Does the certificate look the same? Maybe try to `systemctl restart httpd ` Before the certificate looked okay. (Strange that it ends with whitespace and not new line) On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
I do have this patch in engine build, but checking the patch, ansible runner on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
Does the certificate look the same?
yes
Maybe try to `systemctl restart httpd `
I'm running engine in developer mode, there's no httpd running, only wildfly on port 8080
Before the certificate looked okay. (Strange that it ends with whitespace and not new line)
On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
I do have this patch in engine build, but checking the patch, ansible
runner
on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
Sorry, my bad. `systemctl restart ansible-runner-service.service` And just to be sure please also share `cat /etc/ansible-runner-service/config.yaml` On Tue, May 19, 2020 at 8:52 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Does the certificate look the same?
yes
Maybe try to `systemctl restart httpd `
I'm running engine in developer mode, there's no httpd running, only wildfly on port 8080
Before the certificate looked okay. (Strange that it ends with whitespace and not new line)
On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
I do have this patch in engine build, but checking the patch, ansible
runner
on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
Sorry, my bad. `systemctl restart ansible-runner-service.service`
this seems to fix the issue. cacert.pem now looks good (with line breaks) and host is successfully connected. Thanks a lot for a quick help!
And just to be sure please also share `cat /etc/ansible-runner-service/config.yaml`
On Tue, May 19, 2020 at 8:52 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Does the certificate look the same?
yes
Maybe try to `systemctl restart httpd `
I'm running engine in developer mode, there's no httpd running, only wildfly on port 8080
Before the certificate looked okay. (Strange that it ends with whitespace and not new line)
On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com>
wrote:
I do have this patch in engine build, but checking the patch, ansible
runner
on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
Hi, I've encountered the same problem but restarting ansible-runner-service.service didn't help in my case. I'm using engine in developer mode(current master) and Ovirt node 4.3 as hosts. My configuration: [root@node2 ~]# nodectl info layers: ovirt-node-ng-4.3.7-0.20191121.0: ovirt-node-ng-4.3.7-0.20191121.0+1 bootloader: default: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64) entries: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64): index: 0 title: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64) kernel: /boot/ovirt-node-ng-4.3.7-0.20191121.0+1/vmlinuz-3.10.0-1062.4.3.el7.x86_64 args: "ro crashkernel=auto spectre_v2=retpoline rd.lvm.lv=onn/ovirt-node-ng-4.3.7-0.20191121.0+1 rd.lvm.lv=onn/swap rhgb quiet LANG=en_US.UTF-8 img.bootid=ovirt-node-ng-4.3.7-0.20191121.0+1 null" initrd: /boot/ovirt-node-ng-4.3.7-0.20191121.0+1/initramfs-3.10.0-1062.4.3.el7.x86_64.img root: /dev/onn/ovirt-node-ng-4.3.7-0.20191121.0+1 current_layer: ovirt-node-ng-4.3.7-0.20191121.0+1 Logs from installation: INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (EE-ManagedThreadFactory-engine-Thread-2) [71f8a32b] EVENT_ID: VDS_ANSIBLE_INSTALL_FINISHED(561), Ansible host-deploy playbook execution has successfully finished on host node2. INFO [org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient] (SSL Stomp Reactor) [] Connecting to node2.ovirt-dev/192.168.144.54 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-3) [71f8a32b] Retry failed .... ERROR [org.ovirt.engine.core.bll.hostdeploy.InstallVdsInternalCommand] (EE-ManagedThreadFactory-engine-Thread-2) [71f8a32b] Host installation failed for host '1f9ff20d-cb8d-4b71-8305-3bf925b1db3f', 'node2': Network error during communication with the host [root@node2 ~]# cat /etc/pki/vdsm/certs/cacert.pem -----BEGIN CERTIFICATE----- MIIDujCCAqKgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCVVMxEjAQBgNVBAoM CW92aXJ0LWRldjEiMCAGA1UEAwwZZGV2ZWxvcGVyLm92aXJ0LWRldi40MzIwMTAeFw0yMDA1MTgw OTUyNDVaFw0zMDA1MTcwOTUyNDVaMEUxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlvdmlydC1kZXYx IjAgBgNVBAMMGWRldmVsb3Blci5vdmlydC1kZXYuNDMyMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC92c+bQKySXhEh+sPppoiZFgpLXfzcR/DCpHnoh6r4C53LTR7nXe8wMjAHbRU1 guNQiW8D38oe43q3VDXNB59bU6+OHT6x0Vq/V7GlA3PorQjEei0mJUpPa8cuAzI0zK70r+RLFwGC RyxiC0cNRqlft3+EAvlEoe/cbDcbx2aqR8WPtWNHkCMphqSrOb0PNCHI8zcxaY7HcZKIMymzrAZO dE3Jl+L3+gcwH5tVIBPfVCVZcuOuM8xU0H9F6JL2vKm7FXiz3x2h/5HoyEZMjyyASQTd9uOdH5ev gUORvmHeelkru8WdRCPa6t7Cm5du2Thz/JLxQj2094rBDZMeOU5HAgMBAAGjgbMwgbAwHQYDVR0O BBYEFImHdLmvYLEqgW6Z5Mf7D9y0mv4NMG4GA1UdIwRnMGWAFImHdLmvYLEqgW6Z5Mf7D9y0mv4N oUmkRzBFMQswCQYDVQQGEwJVUzESMBAGA1UECgwJb3ZpcnQtZGV2MSIwIAYDVQQDDBlkZXZlbG9w ZXIub3ZpcnQtZGV2LjQzMjAxggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAN BgkqhkiG9w0BAQsFAAOCAQEAgqvfNakcETpuwiZKzWv3o98CT2F/TgZKO6XKOHm771v6wXR3ffZg QWCtpmqSsuaGWvuVoDDHdmDdjyPsoc1jcG9/8G0G/+AsDpoyAIijjH8WiOO8kAMGYJYTFE8jy0hY 3psr01s0ktQtNgBHi8s58hrcB3sh7iVEsXKnH7qOriop0uWAobKATsX2VK23hDVnwSkJaO9iP5gB LCalnXJTnqqi3OXybk7uR+kxR3FHo4CFjGhQtQcUm92zefk7KtUkcVV0o8lGrxG0U5FVck+awu7Y 4O8LU12HNNW8hxljYhlj/rQBfN1TRKgzsEL2Dn8EBV+rWf3vHPJVZnnx221PKw== -----END CERTIFICATE----- [root@node2 ~]# [root@node2 ~]# systemctl status vdsmd.service -l .... May 19 12:55:30 node2.ovirt-dev vdsm[15226]: ERROR uncaptured python exception, closing channel <yajsonrpc.betterAsyncore.Dispatcher connected ('::ffff:192.168.144.50', 41998, 0, 0) at 0x7fa31fc6e950> (<class 'ssl.SSLError'>:unknown error (_ssl.c:2825) [/usr/lib64/python2.7/asyncore.py|readwrite|110] [/usr/lib64/python2.7/asyncore.py|handle_write_event|468] [/usr/lib/python2.7/site-packages/yajsonrpc/betterAsyncore.py|handle_write|74] [/usr/lib/python2.7/site-packages/yajsonrpc/betterAsyncore.py|_delegate_call|168] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|handle_write|185] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|_handle_io|189] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|_set_up_socket|149]) best regards, radek On Tue, May 19, 2020 at 9:16 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Sorry, my bad. `systemctl restart ansible-runner-service.service`
this seems to fix the issue. cacert.pem now looks good (with line breaks) and host is successfully connected.
Thanks a lot for a quick help!
And just to be sure please also share `cat /etc/ansible-runner-service/config.yaml`
On Tue, May 19, 2020 at 8:52 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Does the certificate look the same?
yes
Maybe try to `systemctl restart httpd `
I'm running engine in developer mode, there's no httpd running, only wildfly on port 8080
Before the certificate looked okay. (Strange that it ends with whitespace and not new line)
On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com>
wrote:
I do have this patch in engine build, but checking the patch, ansible
runner
on engine is not up-to-date, so maybe this is the cause? Trying to update now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
_______________________________________________ Devel mailing list -- devel@ovirt.org To unsubscribe send an email to devel-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/UIXXVCNZZCTR3K...
Solved by system upgrade. Ansible-runner-service-dev is now 1.0.2-1.el8. best regards, radek On Tue, May 19, 2020 at 1:10 PM Radoslaw Szwajkowski <rszwajko@redhat.com> wrote:
Hi, I've encountered the same problem but restarting ansible-runner-service.service didn't help in my case. I'm using engine in developer mode(current master) and Ovirt node 4.3 as hosts.
My configuration:
[root@node2 ~]# nodectl info layers: ovirt-node-ng-4.3.7-0.20191121.0: ovirt-node-ng-4.3.7-0.20191121.0+1 bootloader: default: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64) entries: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64): index: 0 title: ovirt-node-ng-4.3.7-0.20191121.0 (3.10.0-1062.4.3.el7.x86_64) kernel: /boot/ovirt-node-ng-4.3.7-0.20191121.0+1/vmlinuz-3.10.0-1062.4.3.el7.x86_64 args: "ro crashkernel=auto spectre_v2=retpoline rd.lvm.lv=onn/ovirt-node-ng-4.3.7-0.20191121.0+1 rd.lvm.lv=onn/swap rhgb quiet LANG=en_US.UTF-8 img.bootid=ovirt-node-ng-4.3.7-0.20191121.0+1 null" initrd: /boot/ovirt-node-ng-4.3.7-0.20191121.0+1/initramfs-3.10.0-1062.4.3.el7.x86_64.img root: /dev/onn/ovirt-node-ng-4.3.7-0.20191121.0+1 current_layer: ovirt-node-ng-4.3.7-0.20191121.0+1
Logs from installation: INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (EE-ManagedThreadFactory-engine-Thread-2) [71f8a32b] EVENT_ID: VDS_ANSIBLE_INSTALL_FINISHED(561), Ansible host-deploy playbook execution has successfully finished on host node2. INFO [org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient] (SSL Stomp Reactor) [] Connecting to node2.ovirt-dev/192.168.144.54 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (EE-ManagedThreadFactory-engine-Thread-3) [71f8a32b] Retry failed .... ERROR [org.ovirt.engine.core.bll.hostdeploy.InstallVdsInternalCommand] (EE-ManagedThreadFactory-engine-Thread-2) [71f8a32b] Host installation failed for host '1f9ff20d-cb8d-4b71-8305-3bf925b1db3f', 'node2': Network error during communication with the host
[root@node2 ~]# cat /etc/pki/vdsm/certs/cacert.pem -----BEGIN CERTIFICATE----- MIIDujCCAqKgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCVVMxEjAQBgNVBAoM CW92aXJ0LWRldjEiMCAGA1UEAwwZZGV2ZWxvcGVyLm92aXJ0LWRldi40MzIwMTAeFw0yMDA1MTgw OTUyNDVaFw0zMDA1MTcwOTUyNDVaMEUxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlvdmlydC1kZXYx IjAgBgNVBAMMGWRldmVsb3Blci5vdmlydC1kZXYuNDMyMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC92c+bQKySXhEh+sPppoiZFgpLXfzcR/DCpHnoh6r4C53LTR7nXe8wMjAHbRU1 guNQiW8D38oe43q3VDXNB59bU6+OHT6x0Vq/V7GlA3PorQjEei0mJUpPa8cuAzI0zK70r+RLFwGC RyxiC0cNRqlft3+EAvlEoe/cbDcbx2aqR8WPtWNHkCMphqSrOb0PNCHI8zcxaY7HcZKIMymzrAZO dE3Jl+L3+gcwH5tVIBPfVCVZcuOuM8xU0H9F6JL2vKm7FXiz3x2h/5HoyEZMjyyASQTd9uOdH5ev gUORvmHeelkru8WdRCPa6t7Cm5du2Thz/JLxQj2094rBDZMeOU5HAgMBAAGjgbMwgbAwHQYDVR0O BBYEFImHdLmvYLEqgW6Z5Mf7D9y0mv4NMG4GA1UdIwRnMGWAFImHdLmvYLEqgW6Z5Mf7D9y0mv4N oUmkRzBFMQswCQYDVQQGEwJVUzESMBAGA1UECgwJb3ZpcnQtZGV2MSIwIAYDVQQDDBlkZXZlbG9w ZXIub3ZpcnQtZGV2LjQzMjAxggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAN BgkqhkiG9w0BAQsFAAOCAQEAgqvfNakcETpuwiZKzWv3o98CT2F/TgZKO6XKOHm771v6wXR3ffZg QWCtpmqSsuaGWvuVoDDHdmDdjyPsoc1jcG9/8G0G/+AsDpoyAIijjH8WiOO8kAMGYJYTFE8jy0hY 3psr01s0ktQtNgBHi8s58hrcB3sh7iVEsXKnH7qOriop0uWAobKATsX2VK23hDVnwSkJaO9iP5gB LCalnXJTnqqi3OXybk7uR+kxR3FHo4CFjGhQtQcUm92zefk7KtUkcVV0o8lGrxG0U5FVck+awu7Y 4O8LU12HNNW8hxljYhlj/rQBfN1TRKgzsEL2Dn8EBV+rWf3vHPJVZnnx221PKw== -----END CERTIFICATE----- [root@node2 ~]#
[root@node2 ~]# systemctl status vdsmd.service -l .... May 19 12:55:30 node2.ovirt-dev vdsm[15226]: ERROR uncaptured python exception, closing channel <yajsonrpc.betterAsyncore.Dispatcher connected ('::ffff:192.168.144.50', 41998, 0, 0) at 0x7fa31fc6e950> (<class 'ssl.SSLError'>:unknown error (_ssl.c:2825) [/usr/lib64/python2.7/asyncore.py|readwrite|110] [/usr/lib64/python2.7/asyncore.py|handle_write_event|468] [/usr/lib/python2.7/site-packages/yajsonrpc/betterAsyncore.py|handle_write|74] [/usr/lib/python2.7/site-packages/yajsonrpc/betterAsyncore.py|_delegate_call|168] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|handle_write|185] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|_handle_io|189] [/usr/lib/python2.7/site-packages/vdsm/sslutils.py|_set_up_socket|149])
best regards, radek
On Tue, May 19, 2020 at 9:16 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Sorry, my bad. `systemctl restart ansible-runner-service.service`
this seems to fix the issue. cacert.pem now looks good (with line breaks) and host is successfully connected.
Thanks a lot for a quick help!
And just to be sure please also share `cat /etc/ansible-runner-service/config.yaml`
On Tue, May 19, 2020 at 8:52 AM Vojtech Juranek <vjuranek@redhat.com> wrote:
Does the certificate look the same?
yes
Maybe try to `systemctl restart httpd `
I'm running engine in developer mode, there's no httpd running, only wildfly on port 8080
Before the certificate looked okay. (Strange that it ends with whitespace and not new line)
On Tue, May 19, 2020 at 8:31 AM Vojtech Juranek <vjuranek@redhat.com>
wrote:
> I do have this patch in engine build, but checking the patch, > ansible
runner
> on engine is not up-to-date, so maybe this is the cause? Trying to > update > now.
now I have on engine machine
# rpm -qa "*ansible-runner*" python3-ansible-runner-1.4.5-1.fc30.noarch ansible-runner-service-dev-1.0.2-1.fc30.noarch
but it didn't help, still same issue
_______________________________________________ Devel mailing list -- devel@ovirt.org To unsubscribe send an email to devel-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/UIXXVCNZZCTR3K...
participants (3)
-
Martin Necas -
Radoslaw Szwajkowski -
Vojtech Juranek