4:28 p.m.
Le 26/09/2016 à 12:04, Yedidyah Bar David a écrit :
On Mon, Sep 26, 2016 at 1:02 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net> wrote:
> Le 26/09/2016 à 12:00, Yedidyah Bar David a écrit :
>>
>> On Mon, Sep 26, 2016 at 12:36 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
>> wrote:
>>>
>>> Le 26/09/2016 à 10:55, Yedidyah Bar David a écrit :
>>>>
>>>>
>>>> So we need engine logs to know more.
>>>>
>>>> If none were generated, it might have failed too early.
>>>>
>>>> Please check system logs - /var/log/messages, journalctl, etc. Thanks.
>>>
>>>
>>>
>>> Just to be sure : are you speaking about the log files on the bare-metal
>>> server, or the virtual hosts (engine)?
>>
>>
>> I referred to the engine vm. In principle both might be
>> interesting/relevant.
>>
>>>
>>>
>>> If this is the engine, I already provided the only file I got (and I also
>>> double-checked its /var/log/message, with no interesting info).
>>
>>
>> Perhaps journalctl output?
>
>
> Engine is centos 6, so no systemd at this time...
OK. Can you try starting the service manually and see if you get anything
in any log? You can try getting more debug info using e.g.:
https://bugzilla.redhat.com/show_bug.cgi?id=1230165#c8
OK.
I read this BZ, and I also tried to launch a run using basic_suite_4.0
The results were quite different, as I see no more memory issues.
Actually, it looks like all the 3 VMs are deployed OK (engine, host0 and
host1).
Then the tests about the engine are OK.
Then I only have an error in post-001_initialize_engine.py
But I can not find any detail :
@ Collect artifacts:
# [Thread-1] lago_basic_suite_4_0_host0:
# [Thread-2] lago_basic_suite_4_0_host1:
# [Thread-3] lago_basic_suite_4_0_engine:
No handlers could be found for logger "paramiko.transport"
# [Thread-3] lago_basic_suite_4_0_engine: Success (in 0:01:07)
# [Thread-1] lago_basic_suite_4_0_host0: ERROR (in 0:02:18)
# [Thread-2] lago_basic_suite_4_0_host1: ERROR (in 0:02:18)
(nothing more).
The script is not stopping there, and keeps going until 002_bootstrap.py :
# add_dc:
# add_dc: Success (in 0:00:03)
# add_dc_quota:
# add_dc_quota: Success (in 0:00:02)
# add_cluster:
# add_cluster: Success (in 0:00:01)
# add_hosts:
* Collect artifacts:
* Collect artifacts: ERROR (in 0:01:55)
# add_hosts: ERROR (in 0:17:08)
# Results located at
/data/lago/ovirt-system-tests/deployment-basic_suite_4.0/default/nosetests-002_bootstrap.py.xml
@ Run test: 002_bootstrap.py: ERROR (in 0:17:16)
Error occured, aborting
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 258,
in do_run
self.cli_plugins[args.ovirtverb].do_run(args)
File "/usr/lib/python2.7/site-packages/lago/plugins/cli.py", line
180, in do_run
self._do_run(**vars(args))
File "/usr/lib/python2.7/site-packages/lago/utils.py", line 488, in
wrapper
return func(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/lago/utils.py", line 499, in
wrapper
return func(*args, prefix=prefix, **kwargs)
File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 102,
in do_ovirt_runtest
raise RuntimeError('Some tests failed')
RuntimeError: Some tests failed
I'm still having a look at the log files to see what is the issue.
Apart that, by connecting into the engine VM, I saw that the engine
process was running, so I tried to access the web GUI, by running an SSH
connection to the bare-metal host :
ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
(BTW, the readthedoc is showing 200.2 but this is irrelevant for
basic_test_4.0, where the engine ip is 200.4)
Accessing https://localhost:8443/ is working, but when trying to access
the login screen, I'm left with :
"The client is not authorized to request an authorization. It's required
to access the system using FQDN."
...
Dear Redhat employees and al., I sincerely respect your great patience
because I'm witnessing the huge complexity of this project, as I'm
trying to find my way out this mess^W wonderful project ;)
Anyway, I'm feeling I made one step further, so this is encouraging (I
have modest expectations and a few is making my day).
So about this last issue, please don't answer me that every Lago user is
using its own laptop with a graphical layer and running a direct browser
access to the web GUI?
--
Nicolas ECARNOT
9:47 p.m.
New subject: Lago - Installation help needed
On Wed, Sep 28, 2016 at 4:28 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
wrote:
Le 26/09/2016 à 12:04, Yedidyah Bar David a écrit :
> On Mon, Sep 26, 2016 at 1:02 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
> wrote:
>
>> Le 26/09/2016 à 12:00, Yedidyah Bar David a écrit :
>>
>>>
>>> On Mon, Sep 26, 2016 at 12:36 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net>
>>> wrote:
>>>
>>>>
>>>> Le 26/09/2016 à 10:55, Yedidyah Bar David a écrit :
>>>>
>>>>>
>>>>>
>>>>> So we need engine logs to know more.
>>>>>
>>>>> If none were generated, it might have failed too early.
>>>>>
>>>>> Please check system logs - /var/log/messages, journalctl, etc.
Thanks.
>>>>>
>>>>
>>>>
>>>>
>>>> Just to be sure : are you speaking about the log files on the
>>>> bare-metal
>>>> server, or the virtual hosts (engine)?
>>>>
>>>
>>>
>>> I referred to the engine vm. In principle both might be
>>> interesting/relevant.
>>>
>>>
>>>>
>>>> If this is the engine, I already provided the only file I got (and I
>>>> also
>>>> double-checked its /var/log/message, with no interesting info).
>>>>
>>>
>>>
>>> Perhaps journalctl output?
>>>
>>
>>
>> Engine is centos 6, so no systemd at this time...
>>
>
> OK. Can you try starting the service manually and see if you get anything
> in any log? You can try getting more debug info using e.g.:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1230165#c8
>
OK.
I read this BZ, and I also tried to launch a run using basic_suite_4.0
The results were quite different, as I see no more memory issues.
Actually, it looks like all the 3 VMs are deployed OK (engine, host0 and
host1).
Then the tests about the engine are OK.
Then I only have an error in post-001_initialize_engine.py
But I can not find any detail :
@ Collect artifacts:
# [Thread-1] lago_basic_suite_4_0_host0:
# [Thread-2] lago_basic_suite_4_0_host1:
# [Thread-3] lago_basic_suite_4_0_engine:
No handlers could be found for logger "paramiko.transport"
# [Thread-3] lago_basic_suite_4_0_engine: Success (in 0:01:07)
# [Thread-1] lago_basic_suite_4_0_host0: ERROR (in 0:02:18)
# [Thread-2] lago_basic_suite_4_0_host1: ERROR (in 0:02:18)
(nothing more).
The script is not stopping there, and keeps going until 002_bootstrap.py :
# add_dc:
# add_dc: Success (in 0:00:03)
# add_dc_quota:
# add_dc_quota: Success (in 0:00:02)
# add_cluster:
# add_cluster: Success (in 0:00:01)
# add_hosts:
* Collect artifacts:
* Collect artifacts: ERROR (in 0:01:55)
# add_hosts: ERROR (in 0:17:08)
# Results located at /data/lago/ovirt-system-tests/
deployment-basic_suite_4.0/default/nosetests-002_bootstrap.py.xml
@ Run test: 002_bootstrap.py: ERROR (in 0:17:16)
Error occured, aborting
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 258, in
do_run
self.cli_plugins[args.ovirtverb].do_run(args)
File "/usr/lib/python2.7/site-packages/lago/plugins/cli.py", line 180,
in do_run
self._do_run(**vars(args))
File "/usr/lib/python2.7/site-packages/lago/utils.py", line 488, in
wrapper
return func(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/lago/utils.py", line 499, in
wrapper
return func(*args, prefix=prefix, **kwargs)
File "/usr/lib/python2.7/site-packages/ovirtlago/cmd.py", line 102, in
do_ovirt_runtest
raise RuntimeError('Some tests failed')
RuntimeError: Some tests failed
I'm still having a look at the log files to see what is the issue.
Apart that, by connecting into the engine VM, I saw that the engine
process was running, so I tried to access the web GUI, by running an SSH
connection to the bare-metal host :
ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
(BTW, the readthedoc is showing 200.2 but this is irrelevant for
basic_test_4.0, where the engine ip is 200.4)
Accessing https://localhost:8443/ is working, but when trying to access
the login screen, I'm left with :
"The client is not authorized to request an authorization. It's required
to access the system using FQDN."
Add to your /etc/hosts
192.168.200.4 engine
And connect to https://engine
here's my /etc/hosts, as indeed there may be multiple IPs or subnets for
engine:
[ykaul@ykaul ovirt-system-tests]$ cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
#192.168.201.3 engine
#192.168.203.3 engine
192.168.200.3 engine
#192.168.200.99 hosted-engine hosted-engine.lago.local
...
Dear Redhat employees and al., I sincerely respect your great patience
because I'm witnessing the huge complexity of this project, as I'm trying
to find my way out this mess^W wonderful project ;)
Anyway, I'm feeling I made one step further, so this is encouraging (I
have modest expectations and a few is making my day).
So about this last issue, please don't answer me that every Lago user is
using its own laptop with a graphical layer and running a direct browser
access to the web GUI?
--
Nicolas ECARNOT
_______________________________________________
lago-devel mailing list
lago-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/lago-devel
9:36 a.m.
New subject: Lago - Installation help needed
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net> wrote:
Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
> Apart that, by connecting into the engine VM, I saw that the engine
> process was running, so I tried to access the web GUI, by running an SSH
> connection to the bare-metal host :
> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>
>
> Accessing https://localhost:8443/ is working, but when trying to access
> the login screen, I'm left with :
> "The client is not authorized to request an authorization. It's required
> to access the system using FQDN."
Add to your /etc/hosts
192.168.200.4 engine
And connect to https://engine
Yaniv,
If you mean : "Change the /etc/hosts of the bare-metal server which is
running Lago", I already tried that :
root@serv-hv-dev01:/etc# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
And of course, I adapted the "ssh -L" connection according to it :
ssh -L 8443:engine:443 root@serv-hv-dev01
or
ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
If you mean to change the /etc/hosts of the computer I'm initiating the ssh
connection from, it does not seem relevant as it can not reach the internal
192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=1325746
I am not aware of lago support for this, patches are likely welcome :-)
Best,
That's enough HTML email formating for me this year
In the engine's /var/log/ovirt-engine/engine.log, I clearly see the
exception raised with the same error message :
2016-09-28 16:00:58,922 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-29) [] Parameter app_url not found request, using default
value
2016-09-28 16:00:58,923 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-29) [] The client is not authorized to request an
authorization. It's required to access the system using FQDN.
2016-09-28 16:00:58,923 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-29) [] Exception:
org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized
to request an authorization. It's required to access the system using FQDN.
at
org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
[enginesso.jar:]
at
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
[enginesso.jar:]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
[jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
[undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
[undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
and so on...
--
Nicolas ECARNOT
--
Didi
10:59 a.m.
New subject: Lago - Installation help needed
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net> wrote:
> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>
>
>> Apart that, by connecting into the engine VM, I saw that the engine
>> process was running, so I tried to access the web GUI, by running an SSH
>> connection to the bare-metal host :
>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>
>>
>> Accessing https://localhost:8443/ is working, but when trying to access
>> the login screen, I'm left with :
>> "The client is not authorized to request an authorization. It's
required
>> to access the system using FQDN."
>
>
> Add to your /etc/hosts
> 192.168.200.4 engine
>
> And connect to https://engine
>
>
> Yaniv,
>
> If you mean : "Change the /etc/hosts of the bare-metal server which is
> running Lago", I already tried that :
>
> root@serv-hv-dev01:/etc# cat /etc/hosts
> 127.0.0.1 localhost localhost.localdomain localhost4
> localhost4.localdomain4
> ::1 localhost localhost.localdomain localhost6
> localhost6.localdomain6
> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>
> And of course, I adapted the "ssh -L" connection according to it :
> ssh -L 8443:engine:443 root@serv-hv-dev01
> or
> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
>
> If you mean to change the /etc/hosts of the computer I'm initiating the ssh
> connection from, it does not seem relevant as it can not reach the internal
> 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Parameter app_url not found request, using default
value
2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] The client is not authorized to request an
authorization. It's required to access the system using FQDN.
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Exception:
org.ovirt.engine.core.sso.utils.OAuthException: The client is not
authorized to request an authorization. It's required to access the
system using FQDN.
at
org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
[enginesso.jar:]
at
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
[enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
"it's required to access engine only using the same FQDN which was
specified during engine-setup invocation."
Isn't it the key of this issue?
Reading that, should I understand that from the moment this patch was
merged in, the "ssh -L" trick could not work anymore?
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=1325746
I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute...
My skills are limited to testing and reporting.
--
Nicolas ECARNOT
11:28 a.m.
New subject: Lago - Installation help needed
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas(a)ecarnot.net> wrote:
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
>
> On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
> wrote:
>>
>> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>>
>>
>>> Apart that, by connecting into the engine VM, I saw that the engine
>>> process was running, so I tried to access the web GUI, by running an SSH
>>> connection to the bare-metal host :
>>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>>
>>>
>>> Accessing https://localhost:8443/ is working, but when trying to access
>>> the login screen, I'm left with :
>>> "The client is not authorized to request an authorization. It's
required
>>> to access the system using FQDN."
>>
>>
>>
>> Add to your /etc/hosts
>> 192.168.200.4 engine
>>
>> And connect to https://engine
>>
>>
>> Yaniv,
>>
>> If you mean : "Change the /etc/hosts of the bare-metal server which is
>> running Lago", I already tried that :
>>
>> root@serv-hv-dev01:/etc# cat /etc/hosts
>> 127.0.0.1 localhost localhost.localdomain localhost4
>> localhost4.localdomain4
>> ::1 localhost localhost.localdomain localhost6
>> localhost6.localdomain6
>> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>>
>> And of course, I adapted the "ssh -L" connection according to it :
>> ssh -L 8443:engine:443 root@serv-hv-dev01
>> or
>> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
>>
>> If you mean to change the /etc/hosts of the computer I'm initiating the
>> ssh
>> connection from, it does not seem relevant as it can not reach the
>> internal
>> 192.168.200/24 virtual subnet.
>
>
> You can do something like this:
>
> Add to your client's /etc/hosts:
>
> 127.0.3.1 engine
>
> And then:
>
> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
> root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Parameter app_url not found request, using default
value
2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] The client is not authorized to request an
authorization. It's required to access the system using FQDN.
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Exception:
org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized
to request an authorization. It's required to access the system using FQDN.
at
org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
[enginesso.jar:]
at
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
[enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
"it's required to access engine only using the same FQDN which was specified
during engine-setup invocation."
Isn't it the key of this issue?
Indeed.
Reading that, should I understand that from the moment this patch was
merged
in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to
https://engine:8443. Does this fail?
>
> See also:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1325746
You can still try also this one. I didn't yet myself.
>
> I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute...
My skills are limited to testing and reporting.
That's much appreciated as well!
Best,
--
Didi
11:30 a.m.
New subject: Lago - Installation help needed
On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi(a)redhat.com> wrote:
On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot
<nicolas(a)ecarnot.net> wrote:
> Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
>>
>> On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
>> wrote:
>>>
>>> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>>>
>>>
>>>> Apart that, by connecting into the engine VM, I saw that the engine
>>>> process was running, so I tried to access the web GUI, by running an SSH
>>>> connection to the bare-metal host :
>>>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>>>
>>>>
>>>> Accessing https://localhost:8443/ is working, but when trying to access
>>>> the login screen, I'm left with :
>>>> "The client is not authorized to request an authorization. It's
required
>>>> to access the system using FQDN."
>>>
>>>
>>>
>>> Add to your /etc/hosts
>>> 192.168.200.4 engine
>>>
>>> And connect to https://engine
>>>
>>>
>>> Yaniv,
>>>
>>> If you mean : "Change the /etc/hosts of the bare-metal server which is
>>> running Lago", I already tried that :
>>>
>>> root@serv-hv-dev01:/etc# cat /etc/hosts
>>> 127.0.0.1 localhost localhost.localdomain localhost4
>>> localhost4.localdomain4
>>> ::1 localhost localhost.localdomain localhost6
>>> localhost6.localdomain6
>>> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>>>
>>> And of course, I adapted the "ssh -L" connection according to it :
>>> ssh -L 8443:engine:443 root@serv-hv-dev01
>>> or
>>> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
>>>
>>> If you mean to change the /etc/hosts of the computer I'm initiating the
>>> ssh
>>> connection from, it does not seem relevant as it can not reach the
>>> internal
>>> 192.168.200/24 virtual subnet.
>>
>>
>> You can do something like this:
>>
>> Add to your client's /etc/hosts:
>>
>> 127.0.3.1 engine
>>
>> And then:
>>
>> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
>> root@serv-hv-dev01
>
>
> Hello,
>
> Been there, tried that : to no avail.
>
> In the engine log, I see :
>
> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-13) [] Parameter app_url not found request, using default
> value
> 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-13) [] The client is not authorized to request an
> authorization. It's required to access the system using FQDN.
> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-13) [] Exception:
> org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized
> to request an authorization. It's required to access the system using FQDN.
> at
> org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
> [enginesso.jar:]
> at
>
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
> [enginesso.jar:]
>
>
>
> Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
> "it's required to access engine only using the same FQDN which was
specified
> during engine-setup invocation."
>
> Isn't it the key of this issue?
Indeed.
> Reading that, should I understand that from the moment this patch was merged
> in, the "ssh -L" trick could not work anymore?
I still do not understand why not. In your client's browser, just connect to
https://engine:8443. Does this fail?
If it fails due to the port (no idea), you can try also listening on the
"real" 443 port. If you also have a local httpd already listening on 443,
you'll have to configure it to listen only on specific local addresses, so
that you can have your ssh listen on 443 on the address you use for tunneling.
>
>
>
>>
>> See also:
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1325746
You can still try also this one. I didn't yet myself.
>>
>> I am not aware of lago support for this, patches are likely welcome :-)
>
>
> I would be so glad to be skilled enough to contribute...
>
> My skills are limited to testing and reporting.
That's much appreciated as well!
Best,
--
Didi
--
Didi
11:56 a.m.
New subject: Lago - Installation help needed
Le 29/09/2016 à 10:30, Yedidyah Bar David a écrit :
On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David
<didi(a)redhat.com> wrote:
> On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas(a)ecarnot.net> wrote:
>> Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
>>>
>>> On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net>
>>> wrote:
>>>>
>>>> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>>>>
>>>>
>>>>> Apart that, by connecting into the engine VM, I saw that the engine
>>>>> process was running, so I tried to access the web GUI, by running an
SSH
>>>>> connection to the bare-metal host :
>>>>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>>>>
>>>>>
>>>>> Accessing https://localhost:8443/ is working, but when trying to
access
>>>>> the login screen, I'm left with :
>>>>> "The client is not authorized to request an authorization.
It's required
>>>>> to access the system using FQDN."
>>>>
>>>>
>>>>
>>>> Add to your /etc/hosts
>>>> 192.168.200.4 engine
>>>>
>>>> And connect to https://engine
>>>>
>>>>
>>>> Yaniv,
>>>>
>>>> If you mean : "Change the /etc/hosts of the bare-metal server which
is
>>>> running Lago", I already tried that :
>>>>
>>>> root@serv-hv-dev01:/etc# cat /etc/hosts
>>>> 127.0.0.1 localhost localhost.localdomain localhost4
>>>> localhost4.localdomain4
>>>> ::1 localhost localhost.localdomain localhost6
>>>> localhost6.localdomain6
>>>> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>>>>
>>>> And of course, I adapted the "ssh -L" connection according to
it :
>>>> ssh -L 8443:engine:443 root@serv-hv-dev01
>>>> or
>>>> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443
root@serv-hv-dev01
>>>>
>>>> If you mean to change the /etc/hosts of the computer I'm initiating
the
>>>> ssh
>>>> connection from, it does not seem relevant as it can not reach the
>>>> internal
>>>> 192.168.200/24 virtual subnet.
>>>
>>>
>>> You can do something like this:
>>>
>>> Add to your client's /etc/hosts:
>>>
>>> 127.0.3.1 engine
>>>
>>> And then:
>>>
>>> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
>>> root@serv-hv-dev01
>>
>>
>> Hello,
>>
>> Been there, tried that : to no avail.
>>
>> In the engine log, I see :
>>
>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
>> (default task-13) [] Parameter app_url not found request, using default
>> value
>> 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
>> (default task-13) [] The client is not authorized to request an
>> authorization. It's required to access the system using FQDN.
>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
>> (default task-13) [] Exception:
>> org.ovirt.engine.core.sso.utils.OAuthException: The client is not authorized
>> to request an authorization. It's required to access the system using FQDN.
>> at
>>
org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
>> [enginesso.jar:]
>> at
>>
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
>> [enginesso.jar:]
>>
>>
>>
>> Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
>> "it's required to access engine only using the same FQDN which was
specified
>> during engine-setup invocation."
>>
>> Isn't it the key of this issue?
>
> Indeed.
>
>> Reading that, should I understand that from the moment this patch was merged
>> in, the "ssh -L" trick could not work anymore?
>
> I still do not understand why not. In your client's browser, just connect to
> https://engine:8443. Does this fail?
If it fails due to the port (no idea), you can try also listening on the
"real" 443 port.
Hallelujah! That was it! It seems the port was also part of the problem.
Thank you so much for your patience.
Thank you to Didi, Yaniv, Nadav, and everyone who contributed to Lago
and its doc.
But don't relax, as now that I'm able to access Lago based oVirt's
webGUI, I'm very likely to found new issues and keep bugging you for the
years to come :)
--
Nicolas ECARNOT
1:14 p.m.
New subject: Lago - Installation help needed
On Thu, Sep 29, 2016 at 11:56 AM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
wrote:
Le 29/09/2016 à 10:30, Yedidyah Bar David a écrit :
> On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi(a)redhat.com>
> wrote:
>
>> On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas(a)ecarnot.net>
>> wrote:
>>
>>> Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
>>>
>>>>
>>>> On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net
>>>> >
>>>> wrote:
>>>>
>>>>>
>>>>> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>>>>>
>>>>>
>>>>> Apart that, by connecting into the engine VM, I saw that the engine
>>>>>> process was running, so I tried to access the web GUI, by running
an
>>>>>> SSH
>>>>>> connection to the bare-metal host :
>>>>>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>>>>>
>>>>>>
>>>>>> Accessing https://localhost:8443/ is working, but when trying to
>>>>>> access
>>>>>> the login screen, I'm left with :
>>>>>> "The client is not authorized to request an authorization.
It's
>>>>>> required
>>>>>> to access the system using FQDN."
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Add to your /etc/hosts
>>>>> 192.168.200.4 engine
>>>>>
>>>>> And connect to https://engine
>>>>>
>>>>>
>>>>> Yaniv,
>>>>>
>>>>> If you mean : "Change the /etc/hosts of the bare-metal server
which
>>>>> is
>>>>> running Lago", I already tried that :
>>>>>
>>>>> root@serv-hv-dev01:/etc# cat /etc/hosts
>>>>> 127.0.0.1 localhost localhost.localdomain localhost4
>>>>> localhost4.localdomain4
>>>>> ::1 localhost localhost.localdomain localhost6
>>>>> localhost6.localdomain6
>>>>> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>>>>>
>>>>> And of course, I adapted the "ssh -L" connection according
to it :
>>>>> ssh -L 8443:engine:443 root@serv-hv-dev01
>>>>> or
>>>>> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443
>>>>> root@serv-hv-dev01
>>>>>
>>>>> If you mean to change the /etc/hosts of the computer I'm
initiating
>>>>> the
>>>>> ssh
>>>>> connection from, it does not seem relevant as it can not reach the
>>>>> internal
>>>>> 192.168.200/24 virtual subnet.
>>>>>
>>>>
>>>>
>>>> You can do something like this:
>>>>
>>>> Add to your client's /etc/hosts:
>>>>
>>>> 127.0.3.1 engine
>>>>
>>>> And then:
>>>>
>>>> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
>>>> root@serv-hv-dev01
>>>>
>>>
>>>
>>> Hello,
>>>
>>> Been there, tried that : to no avail.
>>>
>>> In the engine log, I see :
>>>
>>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti
>>> ls.SsoUtils]
>>> (default task-13) [] Parameter app_url not found request, using default
>>> value
>>> 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.uti
>>> ls.SsoUtils]
>>> (default task-13) [] The client is not authorized to request an
>>> authorization. It's required to access the system using FQDN.
>>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti
>>> ls.SsoUtils]
>>> (default task-13) [] Exception:
>>> org.ovirt.engine.core.sso.utils.OAuthException: The client is not
>>> authorized
>>> to request an authorization. It's required to access the system using
>>> FQDN.
>>> at
>>> org.ovirt.engine.core.sso.utils.SsoUtils.validateClientReque
>>> st(SsoUtils.java:460)
>>> [enginesso.jar:]
>>> at
>>> org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.
>>> service(OAuthAuthorizeServlet.java:51)
>>> [enginesso.jar:]
>>>
>>>
>>>
>>> Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
>>> "it's required to access engine only using the same FQDN which was
>>> specified
>>> during engine-setup invocation."
>>>
>>> Isn't it the key of this issue?
>>>
>>
>> Indeed.
>>
>> Reading that, should I understand that from the moment this patch was
>>> merged
>>> in, the "ssh -L" trick could not work anymore?
>>>
>>
>> I still do not understand why not. In your client's browser, just
>> connect to
>> https://engine:8443. Does this fail?
>>
>
> If it fails due to the port (no idea), you can try also listening on the
> "real" 443 port.
>
Hallelujah! That was it! It seems the port was also part of the problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a
Guinness world record! (shame, I managed in 8GB and thought I held that
record).
Nice!
Y.
Thank you so much for your patience.
Thank you to Didi, Yaniv, Nadav, and everyone who contributed to Lago and
its doc.
But don't relax, as now that I'm able to access Lago based oVirt's webGUI,
I'm very likely to found new issues and keep bugging you for the years to
come :)
--
Nicolas ECARNOT
1:51 p.m.
New subject: Lago - Installation help needed
Le 29/09/2016 à 12:14, Yaniv Kaul a écrit :
Hallelujah! That was it! It seems the port was also part of the
problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a
Guinness world record! (shame, I managed in 8GB and thought I held that
record).
Nice!
Y.
Well, though the engine and the 2 hosts are up and running, and the
navigation through the web gui is almost smooth, there are still many
things missing, but I'm not sure which :
- I see no storage domains, though mount points are OK in the engine,
and /etc/exports is correct
- Actually, I don't know what I should expect from a Lago deployment, so
I'm actively digging and reading through the scripts, the docs, the
logs, to see what scripts I can manually re-run and how.
- When I'll make some progress, I don't know if the script is to create
some final user VMs...
But hey, all I'm discovering is making me feel it is a real great project.
--
Nicolas ECARNOT
2:03 p.m.
New subject: Lago - Installation help needed
Le 29/09/2016 à 12:14, Yaniv Kaul a écrit :
Hallelujah! That was it! It seems the port was also part of the
problem.
You managed to get Lago with hosted-engine in a 4GB RAM host? That's a
Guinness world record! (shame, I managed in 8GB and thought I held
that record).
Nice!
Y.
Oops I read too fast : I did not run HE, but only basic_suite_4.0 ...
You're still holding the record.
Well, nested is some sort of HE in a way... :)
--
Nicolas ECARNOT
11:32 a.m.
New subject: Lago - Installation help needed
Le 29/09/2016 à 09:59, Nicolas Ecarnot a écrit :
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
> You can do something like this:
>
> Add to your client's /etc/hosts:
>
> 127.0.3.1 engine
>
> And then:
>
> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
> root@serv-hv-dev01
OK, I understand why you're suggesting that.
It's because :
# grep 'OVESETUP_ENGINE_CONFIG/fqdn'
/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf
OVESETUP_ENGINE_CONFIG/fqdn=str:engine
So your suggestion *should* work.
I'll try to raise the debug level as suggested previously.
--
Nicolas ECARNOT
2976
days inactive
2977
days old
11 comments
3 participants
participants (3)
-
Nicolas Ecarnot -
Yaniv Kaul -
Yedidyah Bar David