[Users] Certificates and PKI seem to be broken after yum update
by Chris Smith
I have lost the ability to manage the hosts or VM's using ovirt
engine web interface after performing yum update on the ovirt-engine
host, and on one Fedora 17 host. The data center is offline, and I
can't place the hosts into maintenance mode. I don't think that there
are any actions I can perform in the web interface at all.
>From the logs it seems that PKI is broken between the engine and the hosts.
I am wondering how I can restore or re-generate all of the
certificates and get the hosts communicating with the ovirt-engine
again so that I can bring the data center back online.
I found this page which deals with changing the engine hostname, and
thus re-creating the certificates and keystore on the ovirt-engine
node, and was wondering if this could help. Could I follow this
process but keep the same hostname for the ovirt-engine node?
http://wiki.ovirt.org/How_to_change_engine_host_name
Currently I have 3 VM's running on two hosts. The VM's are up, but I
can't do anything with them in ovirt-engine.
Here's the latest activity from engine.log from the ovirt-engine node:
2013-04-06 21:58:47,472 ERROR
[org.ovirt.engine.core.engineencryptutils.EncryptionUtils]
(QuartzScheduler_Worker-61) Failed to
decryptjava.io.FileNotFoundException: /etc/pki/ovirt-engine/.keystore
(Permission denied)
2013-04-06 21:58:47,478 ERROR
[org.ovirt.engine.core.engineencryptutils.EncryptionUtils]
(QuartzScheduler_Worker-62) Can't load keystore from file
"/etc/pki/ovirt-engine/.keystore".: java.io.FileNotFoundException:
/etc/pki/ovirt-engine/.keystore (Permission denied)
at java.io.FileInputStream.open(Native Method) [rt.jar:1.7.0_09-icedtea]
at java.io.FileInputStream.<init>(FileInputStream.java:138)
[rt.jar:1.7.0_09-icedtea]
at org.ovirt.engine.core.engineencryptutils.EncryptionUtils.getKeyStore(EncryptionUtils.java:214)
[engine-encryptutils.jar:]
at org.ovirt.engine.core.engineencryptutils.EncryptionUtils.decrypt(EncryptionUtils.java:139)
[engine-encryptutils.jar:]
at org.ovirt.engine.core.dao.VdsStaticDAODbFacadeImpl.decryptPassword(VdsStaticDAODbFacadeImpl.java:139)
[engine-dal.jar:]
at org.ovirt.engine.core.dao.VdsDAODbFacadeImpl$VdsRowMapper.mapRow(VdsDAODbFacadeImpl.java:253)
[engine-dal.jar:]
at org.ovirt.engine.core.dao.VdsDAODbFacadeImpl$VdsRowMapper.mapRow(VdsDAODbFacadeImpl.java:169)
[engine-dal.jar:]
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:92)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:653)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:591)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:641)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:670)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:702)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.ovirt.engine.core.dal.dbbroker.PostgresDbEngineDialect$PostgresSimpleJdbcCall.executeCallInternal(PostgresDbEngineDialect.java:155)
[engine-dal.jar:]
at org.ovirt.engine.core.dal.dbbroker.PostgresDbEngineDialect$PostgresSimpleJdbcCall.doExecute(PostgresDbEngineDialect.java:121)
[engine-dal.jar:]
at org.springframework.jdbc.core.simple.SimpleJdbcCall.execute(SimpleJdbcCall.java:164)
[spring-jdbc-2.5.6.SEC02.jar:2.5.6.SEC02]
at org.ovirt.engine.core.dal.dbbroker.SimpleJdbcCallsHandler.executeImpl(SimpleJdbcCallsHandler.java:124)
[engine-dal.jar:]
at org.ovirt.engine.core.dal.dbbroker.SimpleJdbcCallsHandler.executeReadAndReturnMap(SimpleJdbcCallsHandler.java:75)
[engine-dal.jar:]
at org.ovirt.engine.core.dal.dbbroker.SimpleJdbcCallsHandler.executeReadList(SimpleJdbcCallsHandler.java:66)
[engine-dal.jar:]
at org.ovirt.engine.core.dal.dbbroker.SimpleJdbcCallsHandler.executeRead(SimpleJdbcCallsHandler.java:58)
[engine-dal.jar:]
at org.ovirt.engine.core.dao.VdsDAODbFacadeImpl.get(VdsDAODbFacadeImpl.java:36)
[engine-dal.jar:]
at org.ovirt.engine.core.dao.VdsDAODbFacadeImpl.get(VdsDAODbFacadeImpl.java:31)
[engine-dal.jar:]
at org.ovirt.engine.core.vdsbroker.VdsManager$1.runInTransaction(VdsManager.java:219)
[engine-vdsbroker.jar:]
at org.ovirt.engine.core.utils.transaction.TransactionSupport.executeInSuppressed(TransactionSupport.java:168)
[engine-utils.jar:]
at org.ovirt.engine.core.utils.transaction.TransactionSupport.executeInScope(TransactionSupport.java:107)
[engine-utils.jar:]
at org.ovirt.engine.core.vdsbroker.VdsManager.OnTimer(VdsManager.java:215)
[engine-vdsbroker.jar:]
at sun.reflect.GeneratedMethodAccessor13.invoke(Unknown
Source) [:1.7.0_09-icedtea]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_09-icedtea]
at java.lang.reflect.Method.invoke(Method.java:601)
[rt.jar:1.7.0_09-icedtea]
at org.ovirt.engine.core.utils.timer.JobWrapper.execute(JobWrapper.java:64)
[engine-scheduler.jar:]
at org.quartz.core.JobRunShell.run(JobRunShell.java:213) [quartz.jar:]
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
[quartz.jar:]
2013-04-06 21:58:47,576 ERROR
[org.ovirt.engine.core.vdsbroker.vdsbroker.VdsBrokerCommand]
(QuartzScheduler_Worker-61) XML RPC error in command
GetCapabilitiesVDS ( Vds: defiant ), the error was:
java.util.concurrent.ExecutionException:
java.lang.reflect.InvocationTargetException,
SSLPeerUnverifiedException: peer not authenticated
2013-04-06 21:58:47,606 ERROR
[org.ovirt.engine.core.engineencryptutils.EncryptionUtils]
(QuartzScheduler_Worker-62) Failed to
decryptjava.io.FileNotFoundException: /etc/pki/ovirt-engine/.keystore
(Permission denied)
2013-04-06 21:58:47,671 ERROR
[org.ovirt.engine.core.vdsbroker.vdsbroker.VdsBrokerCommand]
(QuartzScheduler_Worker-62) XML RPC error in command
GetCapabilitiesVDS ( Vds: transporter ), the error was:
java.util.concurrent.ExecutionException:
java.lang.reflect.InvocationTargetException,
SSLPeerUnverifiedException: peer not authenticated
Here's the message I seem to get over and over on the fedora 17 host in vdsm.log
SSLError: [Errno 1] _ssl.c:504: error:14094416:SSL
routines:SSL3_READ_BYTES:sslv3 alert certificate unknown
Thread-562520::ERROR::2013-04-06
22:08:44,268::SecureXMLRPCServer::73::root::(handle_error) client
('172.16.23.8', 36127)
Traceback (most recent call last):
File "/usr/lib64/python2.7/SocketServer.py", line 582, in
process_request_thread
self.finish_request(request, client_address)
File "/usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py",
line 66, in finish_request
request.do_handshake()
File "/usr/lib64/python2.7/ssl.py", line 305, in do_handshake
self._sslobj.do_handshake()
I'm also wondering about the permission denied on the .keystore
directory. What should the permissions be? Here's what they are
currently.
[root@reliant pki]# ls -ldZ /etc/pki/ovirt-engine/.keystore
-rwxr-x---. root root unconfined_u:object_r:cert_t:s0
/etc/pki/ovirt-engine/.keystore
I also seem to have a backup of the ovirt-engine directory at the time
the update was performed, but replacing ovirt-engine with the backup
does no good.
I appreciate any assistance, and please let me know what other
information I can post to help with this.
Thanks
11 years, 7 months
[Users] Export domain was working... then... NFS, rpc.statd issues
by Nicolas Ecarnot
Hi,
[oVirt 3.1, F17]
My good old NFS export domain was OK, but getting too small for our needs.
Then I unmounted it, created another bigger one somewhere else, and
tried to mount the new one.
Long things short, the NFS is not mounted and the relevant error is here:
Thread-1422222::DEBUG::2013-04-16
10:08:25,973::__init__::1249::Storage.Misc.excCmd::(_log) '/usr/bin/sudo
-n /usr/bin/mount -t nfs -o soft,nosharecache,timeo=600,retrans=6
serv-vm-adm7.xxx:/data/vmex
/rhev/data-center/mnt/serv-vm-adm7.xxx:_data_vmex' (cwd None)
Thread-1422222::ERROR::2013-04-16
10:08:26,047::hsm::1932::Storage.HSM::(connectStorageServer) Could not
connect to storageServer
Traceback (most recent call last):
File "/usr/share/vdsm/storage/hsm.py", line 1929, in connectStorageServer
File "/usr/share/vdsm/storage/storageServer.py", line 256, in connect
File "/usr/share/vdsm/storage/storageServer.py", line 179, in connect
File "/usr/share/vdsm/storage/mount.py", line 190, in mount
File "/usr/share/vdsm/storage/mount.py", line 206, in _runcmd
MountError: (32, ";mount.nfs: rpc.statd is not running but is required
for remote locking.\nmount.nfs: Either use '-o nolock' to keep locks
local, or start statd.\nmount.nfs: an incorrect mount option was
specified\n")
I confirm trying to manually mount the same from the node, and using the
nolock option does work.
While googling, I checked the /etc/services : no problem.
I don't know what to change, what I did wrong, what to improve?
--
Nicolas Ecarnot
[Very rare msg from me using HTML and colors... I'm ready to wear a tie ;)]
11 years, 7 months
[Users] DNS reverse configuration
by Eduardo Ramos
This is a multi-part message in MIME format.
--------------030000020905080205090702
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Hi all!
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is
ActiveDirectory complaint. But when I use engine-manage-domains, it
returns me a strange message:
[root@ovirt-dir eduardo]# engine-manage-domains -action=add
-domain=gsr.inpe.br -provider=activeDirectory -user=Administrator
-interactive
Enter password:
Error: Authentication Failed. Error in DNS configuration. Please verify
the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic
domain is: getconnection: driver class
name=org.postgresql.xa.pgxadatasourcegetconnection:
url=jdbc:postgresql://localhost:5432/enginegetconnection: considering
encrypted passord. secdomain=encryptdbpasswordexecute: beginning
execution of action action_get.fetching key=domainname ver=general
Failure while applying Kerberos configuration. Details: Authentication
Failed. Error in DNS configuration. Please verify the oVirt Engine host
has a valid reverse DNS (PTR) record.
Using host command, I got the following results:
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br
ovirt-dir.gsr.inpe.br has address 150.163.80.125
[root@ovirt-dir eduardo]# host 150.163.80.125
125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.
[root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br
_kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br
samba4.gsr.inpe.br has address 150.163.73.109
[root@ovirt-dir eduardo]# host 150.163.73.109
109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.
As you can see, it is everything ok. No DNS problem.
Someone have any idea?
Thanks.
--------------030000020905080205090702
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi all!<br>
<br>
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is
ActiveDirectory complaint. But when I use engine-manage-domains, it
returns me a strange message:<br>
<br>
<small>[root@ovirt-dir eduardo]# engine-manage-domains -action=add
-domain=gsr.inpe.br -provider=activeDirectory -user=Administrator
-interactive<br>
Enter password:<br>
<br>
Error: Authentication Failed. Error in DNS configuration. Please
verify the oVirt Engine host has a valid reverse DNS (PTR)
record.. Problematic domain is: getconnection: driver class
name=org.postgresql.xa.pgxadatasourcegetconnection:
url=jdbc:postgresql://localhost:5432/enginegetconnection:
considering encrypted passord. secdomain=encryptdbpasswordexecute:
beginning execution of action action_get.fetching key=domainname
ver=general<br>
Failure while applying Kerberos configuration. Details:
Authentication Failed. Error in DNS configuration. Please verify
the oVirt Engine host has a valid reverse DNS (PTR) record.<br>
<br>
<big><big><small>Using host command, I got the following results:<br>
<small><br>
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br<br>
ovirt-dir.gsr.inpe.br has address 150.163.80.125<br>
<br>
[root@ovirt-dir eduardo]# host 150.163.80.125<br>
125.80.163.150.in-addr.arpa domain name pointer
ovirt-dir.gsr.inpe.br.<br>
<br>
[root@ovirt-dir eduardo]# host -t srv
_kerberos._tcp.gsr.inpe.br<br>
_kerberos._tcp.gsr.inpe.br has SRV record 1 0 88
samba4.gsr.inpe.br.<br>
<br>
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br<br>
samba4.gsr.inpe.br has address 150.163.73.109<br>
<br>
[root@ovirt-dir eduardo]# host 150.163.73.109<br>
109.73.163.150.in-addr.arpa domain name pointer
samba4.gsr.inpe.br.<br>
<br>
<big>As you can see, it is everything ok. No DNS problem.<br>
<br>
Someone have any idea?<br>
<br>
Thanks.<br>
</big></small></small></big></big></small>
</body>
</html>
--------------030000020905080205090702--
11 years, 7 months
[Users] oVirt Weekly Meeting Minutes -- 2013-04-10
by Mike Burns
Minutes:
http://ovirt.org/meetings/ovirt/2013/ovirt.2013-04-10-14.01.html
Minutes (text):
http://ovirt.org/meetings/ovirt/2013/ovirt.2013-04-10-14.01.txt
Log:
http://ovirt.org/meetings/ovirt/2013/ovirt.2013-04-10-14.01.log.html
=========================
#ovirt: oVirt Weekly Sync
=========================
Meeting started by mburns at 14:01:09 UTC. The full logs are available
at http://ovirt.org/meetings/ovirt/2013/ovirt.2013-04-10-14.01.log.html
.
Meeting summary
---------------
* Agenda and Roll Call (mburns, 14:01:17)
* Agenda (mburns, 14:01:26)
* release updates for 3.2 (mburns, 14:01:39)
* release updates for 3.3 (mburns, 14:01:41)
* conferences and workshops (mburns, 14:01:48)
* Sub Project Status (mburns, 14:02:00)
* Other Topics (mburns, 14:02:05)
* oVirt 3.2 Updates (mburns, 14:03:35)
* 3.2 EL6 packages are now available in the stable repositories (as of
this morning) (mburns, 14:03:54)
* 3.2.2 build should be available in the next couple weeks (mburns,
14:10:11)
* work for vms not running on el6 out of the box is underway (mburns,
14:10:28)
* oVirt 3.3 Updates (mburns, 14:13:03)
* LINK: http://www.ovirt.org/OVirt_3.3_release-management (mburns,
14:13:29)
* new features for Virt, SLA, Node, Gluster posted (mburns, 14:14:04)
* every feature has a feature page posted as well (mburns, 14:14:20)
* a couple more to be posted still -- novnc, spice html5, el6
machine-type bug (mburns, 14:15:10)
* reminder: feature freeze is May 31 (mburns, 14:16:23)
* direct host feature dropped -- determined to be not useful (mburns,
14:19:43)
* node features are primarily running on a different schedule,
targeting GA May 31 (mburns, 14:22:00)
* exception being the vdsm plugin for ovirt-node which will ship on
oVirt Project schedule (mburns, 14:22:27)
* Conferences and Workshops (mburns, 14:23:42)
* schedule is available http://www.ovirt.org/Intel_Workshop_May_2013
(mburns, 14:24:52)
* visa information going out shortly (mburns, 14:25:02)
* speakers with approved talks have been notified (mburns, 14:25:15)
* slides are due 22-April if your presentation was approved (mburns,
14:25:49)
* you should start booking flights and hotels now if you're attending
and haven't already (mburns, 14:26:40)
* please contack theron if you need visa letters (mburns, 14:28:41)
* visa letters should be going out today (mburns, 14:28:50)
* Marketing group (mburns, 14:31:23)
* the oVirt Marketing group kicked off last week (mburns, 14:31:37)
* planning an ovirt/cloud conf to occur in San Francisco in late
August (mburns, 14:31:57)
* venue secured, prospectus drafted (mburns, 14:32:18)
* prospectus to be sent later this week to all oVirt companies
(mburns, 14:32:34)
* there will be multiple tracks (3-4) (mburns, 14:34:20)
* need to get more papers submitted than for our past workshops
(mburns, 14:34:35)
* conference won't be pure oVirt, but need to make sure oVirt is
represented (mburns, 14:35:51)
* more info will be shared as the marketing group moves forward
(mburns, 14:36:52)
* Sub-project status (mburns, 14:38:33)
* Sub-project status -- Infra (mburns, 14:38:39)
* LINK:
http://resources.ovirt.org/meetings/ovirt/2013/ovirt.2013-04-08-14.04.html
(ewoud, 14:40:29)
* work is still in progress installing servers (mburns, 14:40:37)
* not much else to report (mburns, 14:40:43)
* issues installing at rackspace (mburns, 14:41:22)
* waiting on new IPs from alterway (mburns, 14:41:28)
* Other Topics (mburns, 14:42:45)
Meeting ended at 14:44:58 UTC.
Action Items
------------
Action Items, by person
-----------------------
* **UNASSIGNED**
* (none)
People Present (lines said)
---------------------------
* mburns (81)
* theron (21)
* oschreib (13)
* lvernia (5)
* ewoud (4)
* mskrivanek (3)
* ovirtbot (3)
* doron (1)
* ofri (1)
* fsimonce (1)
* dustins (1)
* dneary (0)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
11 years, 7 months
[Users] Contribute to the project
by Candido Raphael
--Apple-Mail=_9C83B5F5-9F3E-45B2-A63F-D6407A28D53F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
Hi, I wonder how I can contribute to the project, I live in Brazil and I =
see here that the
project is not yet known and highly publicized, wish I could help in =
disseminating the same here
in my country.
I wonder if there is interest in releasing it here in Brazil.
Thank you.
I await return.
Sincerely,
Raphael Souza
Infrastructure Analyst
Be Free, use Linux!
--Apple-Mail=_9C83B5F5-9F3E-45B2-A63F-D6407A28D53F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">Hi, I wonder how I can =
contribute to the project, I live in Brazil and I see here that =
the</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
">project is not yet known and highly publicized, wish I could help =
in disseminating the same here</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 119px; text-indent: =
-119px; font: normal normal normal 12px/normal Courier; color: rgb(76, =
76, 76); ">in my country.</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 119px; text-indent: =
-119px; font: normal normal normal 12px/normal Courier; color: rgb(76, =
76, 76); "><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); ">I =
wonder if there is interest in releasing it here in Brazil.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">Thank you.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">I await return.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">Sincerely,</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">Raphael Souza</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 119px; text-indent: -119px; font: normal normal normal =
12px/normal Courier; color: rgb(76, 76, 76); ">Infrastructure =
Analyst</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); ">Be =
Free, use Linux!</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 119px; text-indent: -119px; font: =
normal normal normal 12px/normal Courier; color: rgb(76, 76, 76); =
"><br></div></body></html>=
--Apple-Mail=_9C83B5F5-9F3E-45B2-A63F-D6407A28D53F--
11 years, 7 months
[Users] vdsm unresponsive with python exception
by Tony Feldmann
I am having a strange issue in my ovirt cluster. I have 2 hosts, 1 running
engine and added as a host and one other system added as a host. Both
systems are running gluster across local disks for shared storage.
Everything was working fine until last night, where my system that is also
running the engine when unresponsive in the admin page. All vms were still
running that were on the host. I shut down the vms that were on the host
from within the guest os as I was not able to do anything to the vm with
the host in unresponsive state. After getting the vms off and rebooting
the host, the vdsmd service says that it is running, but it continually
restarts the vdsm process and dumps out these messages: detected unhandled
Python exception in '/usr/share/vdsm/vdsm'. All services say they are up
and running but the host stays in unresponsive state and the vdsm process
keeps respawning. There is also no data in the vdsm.log. Can anyone shed
any light on this for me?
Thanks,
Tony
11 years, 7 months
[Users] Problem on boot after deleting last snaphot
by Gianluca Cecchi
Hello,
snapshot testing in 3.2.1 on f18 host with
http://gerrit.ovirt.org/#/c/13172/
(enable template from snapshot)
- create one vm named prova_snap from centos 6 template
and choose preallocated storage
- power on
- create test_snap1 with vm powered on
Snapshot test_snap1 creation for VM prova_snap has been completed.
I have now:
Current OK Active VM
2013-Apr-16, 14:09 OK test_snap1
- create some files
- shutdown VM
VM shutdown initiated by admin@internal on VM prova_snap (Host: f18ovn03).
VM prova_snap is down. Exit message: User shut down
- snapshots --> select "test_snap1" --> preview
Snapshot-Preview for VM prova_snap was initiated by admin@internal.
Snapshot-Preview for VM prova_snap has been completed.
And I have under "Description" field of snapshots view
test_snap1 (Preview Mode) (in coloured bold)
2013-Apr-16, 14:09 In Preview test_snap1 (Preview Mode)
- Power on VM
--> ok the files created after the snapshot are not there.
- Shutdown VM and undo the operation to come back (forward actually)
to the active state
Restoring VM prova_snap from snapshot started by user admin@internal.
VM prova_snap restoring from Snapshot has been completed.
- Power On VM
Ok, all files are there again.
- create test_snap2 with vm powered on
Snapshot test_snap2 creation for VM prova_snap was initiated by admin@internal.
Snapshot test_snap2 creation for VM prova_snap has been completed.
Now I have
Current OK Active VM
2013-Apr-16, 16:21 OK test_snap2
2013-Apr-16, 14:09 OK test_snap1
- create some files
/testfile_aftersnap2
- shutdown VM
- snapshots --> select again the first snapshot named "test_snap1" --> preview
Snapshot-Preview for VM prova_snap was initiated by admin@internal.
Snapshot-Preview for VM prova_snap has been completed.
Now I have:
2013-Apr-16, 16:25 OK Active VM before the preview
2013-Apr-16, 16:21 OK test_snap2
2013-Apr-16, 14:09 In Preview test_snap1 (Preview Mode)
- Power on VM
--> ok the files created after the snapshots are not there.
- Shutdown VM and commit so that subsequent snapshots (in my case
test_snap2) should be erased
Restoring VM prova_snap from snapshot started by user admin@internal.
VM prova_snap restoring from Snapshot has been completed.
Now I correctly have only this:
Current OK Active VM
2013-Apr-16, 14:09 OK test_snap1
- Power on VM
And now I should be in situation as right after test_snap1 creation if
I power on te VM
--> OK
Now I would like to delete the remaining snapshot (test_snap1) and
begin a new story...
So:
- Power off the VM
- Delete snapshot
Are you sure you want to delete snapshot from Tue Apr 16 14:09:10
GMT+200 2013 with description 'test_snap1'?
yes
during the process
Total DISK READ: 46660.26 K/s | Total DISK WRITE: 46468.59 K/s
PID PRIO USER DISK READ> DISK WRITE SWAPIN IO COMMAND
20610 idle vdsm 46036.93 K/s 46457.74 K/s 0.00 % 30.67 % qemu-img
convert -t n~cb-2eb88d4ede9a_MERGE
2457 be/4 sanlock 336.65 K/s 0.00 K/s 0.00 % 0.03 % sanlock
daemon -U sanlock -G sanlock
4173 be/3 vdsm 0.33 K/s 0.00 K/s 0.00 % 0.00 % python
/usr/share/vdsm~eFileHandler.pyc 43 40
2830 be/4 root 0.00 K/s 11.84 K/s 0.00 % 0.00 % libvirtd --listen
875 be/3 root 0.00 K/s 0.00 K/s 0.00 % 0.52 % [jbd2/dm-12-8]
3141 be/3 vdsm 0.00 K/s 1.32 K/s 0.00 % 0.00 % python
/usr/share/vdsm/vdsm
ps:
vdsm 20610 3141 7 16:43 ? 00:00:01 /usr/bin/qemu-img
convert -t none -f qcow2
/rhev/data-center/5849b030-626e-47cb-ad90-3ce782d831b3/3fb66ba1-cfcb-4341-8960-46f0e8cf6e83/images/78c29803-45d5-46fb-bdd6-39647c067c28/b1e4782f-ff51-4a25-94cb-2eb88d4ede9a
-O raw /rhev/data-center/5849b030-626e-47cb-ad90-3ce782d831b3/3fb66ba1-cfcb-4341-8960-46f0e8cf6e83/images/78c29803-45d5-46fb-bdd6-39647c067c28/b1e4782f-ff51-4a25-94cb-2eb88d4ede9a_MERGE
Snapshot test_snap1 deletion on VM prova_snap was initiated by admin@internal.
(in tasks:
executing
--> Merging snapshots of disk prova_snap_Disk1
)
Snapshot test_snap1 deletion on VM prova_snap has been completed.
(elapsed about 4 minutes)
Now in snapshots pane:
Current OK Active VM
But the VM doesn't boot, so it seems that the final operation
corrupted the MBR perhaps....
see this screenshot where there is console window and disks pane:
https://docs.google.com/file/d/0BwoPbcrMv8mvRDlLZEw1dmlvM0U/edit?usp=sharing
Any hint? Anyone can replicate and reproduce?
Thanks
Gianluca
11 years, 7 months
[Users] High Availability
by suporte@logicworks.pt
What should I need to configure to put HA working? I mean, when a host broke all the VM automatically move to another host.
Do I need to have Power management enabled?
Thanks
11 years, 7 months
Re: [Users] [Spice-devel] 3.2 final and status of spice console in ie
by Juan Jose
Yes, User portal works fine at the moment. I want to install
spice-guest-tools to improve the windows VM integration in client machine.
After that I will try to add a server user validation.
Many thanks,
Juanjo.
On Wed, Apr 10, 2013 at 6:46 AM, Karli Sjöberg <Karli.Sjoberg(a)slu.se> wrote:
> **
> tis 2013-04-09 klockan 17:11 +0200 skrev Juan Jose:
>
> Yes host or node, is my machine that has the hypervisor and yes I tried
> open console from Admin-Portal and It didn't work. Now both are working in
> a Win7 client with IE 9.
>
> Is the User-portal working as well?
>
>
>
>
>
> Many thanks again,
>
>
>
> Juanjo.
>
>
>
> On Tue, Apr 9, 2013 at 2:53 PM, Karli Sjöberg <Karli.Sjoberg(a)slu.se>
> wrote:
>
> tis 2013-04-09 klockan 13:49 +0200 skrev Juan Jose:
>
>
> Hello David,
>
>
> My problem was that I needed to add my host to
> \windows\system32\driver\etc\hosts file moreover to have virt-viewer
> installed in the Windows 7 client. Now I can open the console after that.
>
> When you say "host", I´m guessing you mean the hypervisor that is
> running the VM you want to access. Have you tried opening console through
> *Admin*-portal, *User*-portal, or both? And they all work?
>
> /Karli
>
>
>
> Many thanks,
>
>
> Juanjo.
>
>
>
>
> On Mon, Apr 8, 2013 at 4:23 PM, David Jaša <djasa(a)redhat.com> wrote:
>
> Hi Juan,
>
> Juan Jose píše v Po 08. 04. 2013 v 14:36 +0200:
> >
> > Hello evrybody,
> >
> >
> > I'm testing open console in a Windows 7 client with IE 9 and when I
> > try to click in console when I'm inside User Portal with wirt-viewer
> > installad, it is launched but and virt-viewer give me the message
> > "Unable to connect to graphic server" and It can't connect to my VM.
> > Any suggest?
>
>
> I've described the debugging steps on this list in the past, please look
> them up and go through spicex.log. If that isn't sufficient, please use
> debug-helper.exe (IIRC I described it in another mail here) to get
> remote-viewer debug output.
>
> HTH,
>
> David
>
> >
> >
> > Many thanks in avanced,
> >
> >
> > Juanjo.
> >
> >
> > On Thu, Mar 21, 2013 at 1:49 PM, Gianluca Cecchi
> > <gianluca.cecchi(a)gmail.com> wrote:
> > On Wed, Mar 20, 2013 at 10:43 PM, Jeff Bailey wrote:
> > > On 3/20/2013 5:20 AM, Christophe Fergeau wrote:
> > >>
> > >> On Tue, Mar 19, 2013 at 05:11:56PM -0400, Jeff Bailey
> > wrote:
> > >
> >
> > > Heh, heh, maybe it's a secret. :)
> > >
> > > Actually, I believe I got it from
> > http://elmarco.fedorapeople.org/spice.cab
> > > and it seems to be version 5.0.2.2.
> > >
> >
> >
> >
> > As already pointed in another mail of this same thread from
> > Michal
> > Skrivanek (about a month ago), the info is at
> >
> http://wiki.ovirt.org/How_to_Connect_to_SPICE_Console_With_Portal
> > and the page indeed contains the same link to spice.cab file
> > you are referring
> > so possibly difficult to find but not a secret... ;-)
> >
> > Gianluca
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
>
>
> --
>
> David Jaša, RHCE
>
> SPICE QE based in Brno
> GPG Key: 22C33E24
> Fingerprint: 513A 060B D1B4 2A72 7F0D 0278 B125 CD00 22C3 3E24
>
>
>
>
>
>
>
> --
>
> Med Vänliga Hälsningar
>
> -------------------------------------------------------------------------------
> Karli Sjöberg
> Swedish University of Agricultural Sciences
> Box 7079 (Visiting Address Kronåsvägen 8)
> S-750 07 Uppsala, Sweden
> Phone: +46-(0)18-67 15 66
> karli.sjoberg(a)slu.se <karli.sjoberg(a)adm.slu.se>
>
>
>
>
> --
>
> Med Vänliga Hälsningar
>
> -------------------------------------------------------------------------------
> Karli Sjöberg
> Swedish University of Agricultural Sciences
> Box 7079 (Visiting Address Kronåsvägen 8)
> S-750 07 Uppsala, Sweden
> Phone: +46-(0)18-67 15 66
> karli.sjoberg(a)slu.se <karli.sjoberg(a)adm.slu.se>
>
11 years, 7 months
[Users] host goes to non-operational because interface down message
by Gianluca Cecchi
Hello,
I have a newly created datacenter in 3.2.1 with f18 host where
ovirtmgmt is set as vlan.
host is installed but after some minutes I get this messages:
Host management02 moved to Non-Operational state because interfaces
'em1.311' are down but are needed by networks 'ovirtmgmt' in the
current cluster
from an operating system point of view it seems that all is ok on the host
[root@management02 ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:15:17:b4:99:3c brd ff:ff:ff:ff:ff:ff
3: em2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:15:17:b4:99:3d brd ff:ff:ff:ff:ff:ff
inet 213.205.41.202/26 brd 213.205.41.255 scope global em2
4: em1.311@em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master ovirtmgmt state UP
link/ether 00:15:17:b4:99:3c brd ff:ff:ff:ff:ff:ff
5: ovirtmgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 00:15:17:b4:99:3c brd ff:ff:ff:ff:ff:ff
inet 10.39.71.12/26 brd 10.39.71.63 scope global ovirtmgmt
7: ;vdsmdummy;: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 36:98:c3:39:5f:43 brd ff:ff:ff:ff:ff:ff
8: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
9: bond4: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
10: bond1: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
11: bond2: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
12: bond3: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
[root@management02 ~]# ethtool em1
Settings for em1:
Supported ports: [ FIBRE ]
Supported link modes: 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
[root@management02 ~]# ethtool em1.311
Settings for em1.311:
Supported ports: [ FIBRE ]
Supported link modes: 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Link detected: yes
On engine
[root@management01 ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:15:17:b1:1f:e8 brd ff:ff:ff:ff:ff:ff
3: em2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:15:17:b1:1f:e9 brd ff:ff:ff:ff:ff:ff
inet 213.205.41.201/26 brd 213.205.41.255 scope global em2
4: em1.192@em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP
link/ether 00:15:17:b1:1f:e8 brd ff:ff:ff:ff:ff:ff
inet 192.168.230.1/24 brd 192.168.230.255 scope global em1.192
5: em1.311@em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP
link/ether 00:15:17:b1:1f:e8 brd ff:ff:ff:ff:ff:ff
inet 10.39.71.11/26 brd 10.39.71.63 scope global em1.311
[root@management01 ~]# ethtool em1
Settings for em1:
Supported ports: [ FIBRE ]
Supported link modes: 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
[root@management01 ~]# ethtool em1.311
Settings for em1.311:
Supported ports: [ FIBRE ]
Supported link modes: 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Link detected: yes
what can be the cause?
what is the check that runs and move the host to non-operational?
Thanks
Gianluca
11 years, 7 months
