Re: [lago-devel] Lago - Installation help needed
Le 26/09/2016 à 12:04, Yedidyah Bar David a écrit :
On Mon, Sep 26, 2016 at 1:02 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 26/09/2016 à 12:00, Yedidyah Bar David a écrit :
On Mon, Sep 26, 2016 at 12:36 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 26/09/2016 à 10:55, Yedidyah Bar David a écrit :
So we need engine logs to know more.
If none were generated, it might have failed too early.
Please check system logs - /var/log/messages, journalctl, etc. Thanks.
Just to be sure : are you speaking about the log files on the bare-metal server, or the virtual hosts (engine)?
I referred to the engine vm. In principle both might be interesting/relevant.
If this is the engine, I already provided the only file I got (and I also double-checked its /var/log/message, with no interesting info).
Perhaps journalctl output?
Engine is centos 6, so no systemd at this time...
OK. Can you try starting the service manually and see if you get anything in any log? You can try getting more debug info using e.g.:
OK. I read this BZ, and I also tried to launch a run using basic_suite_4.0 The results were quite different, as I see no more memory issues. Actually, it looks like all the 3 VMs are deployed OK (engine, host0 and host1). Then the tests about the engine are OK. Then I only have an error in post-001_initialize_engine.py But I can not find any detail : @ Collect artifacts: # [Thread-1] lago_basic_suite_4_0_host0: # [Thread-2] lago_basic_suite_4_0_host1: # [Thread-3] lago_basic_suite_4_0_engine: No handlers could be found for logger "paramiko.transport" # [Thread-3] lago_basic_suite_4_0_engine: Success (in 0:01:07) # [Thread-1] lago_basic_suite_4_0_host0: ERROR (in 0:02:18) # [Thread-2] lago_basic_suite_4_0_host1: ERROR (in 0:02:18) (nothing more). The script is not stopping there, and keeps going until 002_bootstrap.py : # add_dc: # add_dc: Success (in 0:00:03) # add_dc_quota: # add_dc_quota: Success (in 0:00:02) # add_cluster: # add_cluster: Success (in 0:00:01) # add_hosts: * Collect artifacts: * Collect artifacts: ERROR (in 0:01:55) # add_hosts: ERROR (in 0:17:08) # Results located at /data/lago/ovirt-system-tests/deployment-basic_suite_4.0/default/nosetests-002_bootstrap.py.xml @ Run test: 002_bootstrap.py: ERROR (in 0:17:16) Error occured, aborting Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 258, in do_run self.cli_plugins[args.ovirtverb].do_run(args) File "/usr/lib/python2.7/site-packages/lago/plugins/cli.py", line 180, in do_run self._do_run(**vars(args)) File "/usr/lib/python2.7/site-packages/lago/utils.py", line 488, in wrapper return func(*args, **kwargs) File "/usr/lib/python2.7/site-packages/lago/utils.py", line 499, in wrapper return func(*args, prefix=prefix, **kwargs) File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 102, in do_ovirt_runtest raise RuntimeError('Some tests failed') RuntimeError: Some tests failed I'm still having a look at the log files to see what is the issue. Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr (BTW, the readthedoc is showing 200.2 but this is irrelevant for basic_test_4.0, where the engine ip is 200.4) Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN." ... Dear Redhat employees and al., I sincerely respect your great patience because I'm witnessing the huge complexity of this project, as I'm trying to find my way out this mess^W wonderful project ;) Anyway, I'm feeling I made one step further, so this is encouraging (I have modest expectations and a few is making my day). So about this last issue, please don't answer me that every Lago user is using its own laptop with a graphical layer and running a direct browser access to the web GUI? -- Nicolas ECARNOT
On Wed, Sep 28, 2016 at 4:28 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 26/09/2016 à 12:04, Yedidyah Bar David a écrit :
On Mon, Sep 26, 2016 at 1:02 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 26/09/2016 à 12:00, Yedidyah Bar David a écrit :
On Mon, Sep 26, 2016 at 12:36 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 26/09/2016 à 10:55, Yedidyah Bar David a écrit :
So we need engine logs to know more.
If none were generated, it might have failed too early.
Please check system logs - /var/log/messages, journalctl, etc. Thanks.
Just to be sure : are you speaking about the log files on the bare-metal server, or the virtual hosts (engine)?
I referred to the engine vm. In principle both might be interesting/relevant.
If this is the engine, I already provided the only file I got (and I also double-checked its /var/log/message, with no interesting info).
Perhaps journalctl output?
Engine is centos 6, so no systemd at this time...
OK. Can you try starting the service manually and see if you get anything in any log? You can try getting more debug info using e.g.:
OK.
I read this BZ, and I also tried to launch a run using basic_suite_4.0 The results were quite different, as I see no more memory issues.
Actually, it looks like all the 3 VMs are deployed OK (engine, host0 and host1). Then the tests about the engine are OK. Then I only have an error in post-001_initialize_engine.py But I can not find any detail :
@ Collect artifacts: # [Thread-1] lago_basic_suite_4_0_host0: # [Thread-2] lago_basic_suite_4_0_host1: # [Thread-3] lago_basic_suite_4_0_engine: No handlers could be found for logger "paramiko.transport" # [Thread-3] lago_basic_suite_4_0_engine: Success (in 0:01:07) # [Thread-1] lago_basic_suite_4_0_host0: ERROR (in 0:02:18) # [Thread-2] lago_basic_suite_4_0_host1: ERROR (in 0:02:18)
(nothing more).
The script is not stopping there, and keeps going until 002_bootstrap.py :
# add_dc: # add_dc: Success (in 0:00:03) # add_dc_quota: # add_dc_quota: Success (in 0:00:02) # add_cluster: # add_cluster: Success (in 0:00:01) # add_hosts: * Collect artifacts: * Collect artifacts: ERROR (in 0:01:55) # add_hosts: ERROR (in 0:17:08) # Results located at /data/lago/ovirt-system-tests/ deployment-basic_suite_4.0/default/nosetests-002_bootstrap.py.xml @ Run test: 002_bootstrap.py: ERROR (in 0:17:16) Error occured, aborting Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 258, in do_run self.cli_plugins[args.ovirtverb].do_run(args) File "/usr/lib/python2.7/site-packages/lago/plugins/cli.py", line 180, in do_run self._do_run(**vars(args)) File "/usr/lib/python2.7/site-packages/lago/utils.py", line 488, in wrapper return func(*args, **kwargs) File "/usr/lib/python2.7/site-packages/lago/utils.py", line 499, in wrapper return func(*args, prefix=prefix, **kwargs) File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 102, in do_ovirt_runtest raise RuntimeError('Some tests failed') RuntimeError: Some tests failed
I'm still having a look at the log files to see what is the issue.
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
(BTW, the readthedoc is showing 200.2 but this is irrelevant for basic_test_4.0, where the engine ip is 200.4)
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine And connect to https://engine here's my /etc/hosts, as indeed there may be multiple IPs or subnets for engine: [ykaul@ykaul ovirt-system-tests]$ cat /etc/hosts 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 #192.168.201.3 engine #192.168.203.3 engine 192.168.200.3 engine #192.168.200.99 hosted-engine hosted-engine.lago.local
...
Dear Redhat employees and al., I sincerely respect your great patience because I'm witnessing the huge complexity of this project, as I'm trying to find my way out this mess^W wonderful project ;)
Anyway, I'm feeling I made one step further, so this is encouraging (I have modest expectations and a few is making my day).
So about this last issue, please don't answer me that every Lago user is using its own laptop with a graphical layer and running a direct browser access to the web GUI?
-- Nicolas ECARNOT _______________________________________________ lago-devel mailing list lago-devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/lago-devel
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this: Add to your client's /etc/hosts: 127.0.3.1 engine And then: ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01 See also: https://bugzilla.redhat.com/show_bug.cgi?id=1325746 I am not aware of lago support for this, patches are likely welcome :-) Best,
That's enough HTML email formating for me this year
In the engine's /var/log/ovirt-engine/engine.log, I clearly see the exception raised with the same error message :
2016-09-28 16:00:58,922 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-29) [] Parameter app_url not found request, using default value 2016-09-28 16:00:58,923 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-29) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-28 16:00:58,923 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-29) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51) [enginesso.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.4.0.Final.jar:1.4.0.Final] at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) [undertow-servlet-1.4.0.Final.jar:1.4.0.Final] and so on...
--
Nicolas ECARNOT
-- Didi
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello, Been there, tried that : to no avail. In the engine log, I see : 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Parameter app_url not found request, using default value 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51) [enginesso.jar:] Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see : "it's required to access engine only using the same FQDN which was specified during engine-setup invocation." Isn't it the key of this issue? Reading that, should I understand that from the moment this patch was merged in, the "ssh -L" trick could not work anymore?
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=1325746
I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute... My skills are limited to testing and reporting. -- Nicolas ECARNOT
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Parameter app_url not found request, using default value 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51) [enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see : "it's required to access engine only using the same FQDN which was specified during engine-setup invocation."
Isn't it the key of this issue?
Indeed.
Reading that, should I understand that from the moment this patch was merged in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to https://engine:8443. Does this fail?
See also:
You can still try also this one. I didn't yet myself.
I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute...
My skills are limited to testing and reporting.
That's much appreciated as well! Best, -- Didi
On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi@redhat.com> wrote:
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Parameter app_url not found request, using default value 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51) [enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see : "it's required to access engine only using the same FQDN which was specified during engine-setup invocation."
Isn't it the key of this issue?
Indeed.
Reading that, should I understand that from the moment this patch was merged in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to https://engine:8443. Does this fail?
If it fails due to the port (no idea), you can try also listening on the "real" 443 port. If you also have a local httpd already listening on 443, you'll have to configure it to listen only on specific local addresses, so that you can have your ssh listen on 443 on the address you use for tunneling.
See also:
You can still try also this one. I didn't yet myself.
I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute...
My skills are limited to testing and reporting.
That's much appreciated as well!
Best, -- Didi
-- Didi
Le 29/09/2016 à 10:30, Yedidyah Bar David a écrit :
On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi@redhat.com> wrote:
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine process was running, so I tried to access the web GUI, by running an SSH connection to the bare-metal host : ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr
Accessing https://localhost:8443/ is working, but when trying to access the login screen, I'm left with : "The client is not authorized to request an authorization. It's required to access the system using FQDN."
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Parameter app_url not found request, using default value 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-13) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51) [enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see : "it's required to access engine only using the same FQDN which was specified during engine-setup invocation."
Isn't it the key of this issue?
Indeed.
Reading that, should I understand that from the moment this patch was merged in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to https://engine:8443. Does this fail?
If it fails due to the port (no idea), you can try also listening on the "real" 443 port.
Hallelujah! That was it! It seems the port was also part of the problem. Thank you so much for your patience. Thank you to Didi, Yaniv, Nadav, and everyone who contributed to Lago and its doc. But don't relax, as now that I'm able to access Lago based oVirt's webGUI, I'm very likely to found new issues and keep bugging you for the years to come :) -- Nicolas ECARNOT
On Thu, Sep 29, 2016 at 11:56 AM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 29/09/2016 à 10:30, Yedidyah Bar David a écrit :
On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi@redhat.com> wrote:
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas@ecarnot.net> wrote:
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas@ecarnot.net
wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
Apart that, by connecting into the engine VM, I saw that the engine > process was running, so I tried to access the web GUI, by running an > SSH > connection to the bare-metal host : > ssh -L 8443:192.168.200.4:443 root@serv-hv-dev01.sdis.isere.fr > > > Accessing https://localhost:8443/ is working, but when trying to > access > the login screen, I'm left with : > "The client is not authorized to request an authorization. It's > required > to access the system using FQDN." >
Add to your /etc/hosts 192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it : ssh -L 8443:engine:443 root@serv-hv-dev01 or ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh connection from, it does not seem relevant as it can not reach the internal 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti ls.SsoUtils] (default task-13) [] Parameter app_url not found request, using default value 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.uti ls.SsoUtils] (default task-13) [] The client is not authorized to request an authorization. It's required to access the system using FQDN. 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti ls.SsoUtils] (default task-13) [] Exception: org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized to request an authorization. It's required to access the system using FQDN. at org.ovirt.engine.core.sso.utils.SsoUtils.validateClientReque st(SsoUtils.java:460) [enginesso.jar:] at org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet. service(OAuthAuthorizeServlet.java:51) [enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see : "it's required to access engine only using the same FQDN which was specified during engine-setup invocation."
Isn't it the key of this issue?
Indeed.
Reading that, should I understand that from the moment this patch was
merged in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to https://engine:8443. Does this fail?
If it fails due to the port (no idea), you can try also listening on the "real" 443 port.
Hallelujah! That was it! It seems the port was also part of the problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a Guinness world record! (shame, I managed in 8GB and thought I held that record). Nice! Y.
Thank you so much for your patience. Thank you to Didi, Yaniv, Nadav, and everyone who contributed to Lago and its doc.
But don't relax, as now that I'm able to access Lago based oVirt's webGUI, I'm very likely to found new issues and keep bugging you for the years to come :)
-- Nicolas ECARNOT
Le 29/09/2016 à 12:14, Yaniv Kaul a écrit :
Hallelujah! That was it! It seems the port was also part of the problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a Guinness world record! (shame, I managed in 8GB and thought I held that record). Nice! Y.
Well, though the engine and the 2 hosts are up and running, and the navigation through the web gui is almost smooth, there are still many things missing, but I'm not sure which : - I see no storage domains, though mount points are OK in the engine, and /etc/exports is correct - Actually, I don't know what I should expect from a Lago deployment, so I'm actively digging and reading through the scripts, the docs, the logs, to see what scripts I can manually re-run and how. - When I'll make some progress, I don't know if the script is to create some final user VMs... But hey, all I'm discovering is making me feel it is a real great project. -- Nicolas ECARNOT
Le 29/09/2016 à 12:14, Yaniv Kaul a écrit :
Hallelujah! That was it! It seems the port was also part of the problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a Guinness world record! (shame, I managed in 8GB and thought I held that record). Nice! Y.
Oops I read too fast : I did not run HE, but only basic_suite_4.0 ... You're still holding the record. Well, nested is some sort of HE in a way... :) -- Nicolas ECARNOT
Le 29/09/2016 à 09:59, Nicolas Ecarnot a écrit :
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
OK, I understand why you're suggesting that. It's because : # grep 'OVESETUP_ENGINE_CONFIG/fqdn' /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf OVESETUP_ENGINE_CONFIG/fqdn=str:engine So your suggestion *should* work. I'll try to raise the debug level as suggested previously. -- Nicolas ECARNOT
participants (3)
-
Nicolas Ecarnot -
Yaniv Kaul -
Yedidyah Bar David