Unable to remove system roles from Everyone group
by miguel.garcia@toshibagcs.com
I opened Everyone group and added system role UserRole and realized now that everybody can see all VMS which is not good. I tried to remove the role from the group but got the error "Error while executing action: It's not allowed to remove system permissions assigned to built-in Everyone group"
Looking into Ovirt forums I see that this change should be made through the engine database but I was not able to reach that part.
Can someone help me out how to remove the system role from Everyone group? or at least reset the group?
4 years, 6 months
Running Host on sudo user
by carl langlois
Hi,
I was wandering if it is possible to run ovirt node using a sudo user
instead of the root user?
Let says i want or need to disable root ssh login..
Thanks and regards.
Carl
4 years, 6 months
Can we agree on adding reference to version in help request email?
by Sandro Bonazzola
Hi,
I was looking in the past 2 weeks email landing on this mailing list and a
common thing I notice is that it's hard to understand which version of the
involved software they're referring too.
Can we agree on adding at the top of the message a couple of line like
output of
yum -q list installed centos-release ovirt-release\* ovirt-engine
redhat-release vdsm glusterfs
centos-release.x86_64 7-7.1908.0.el7.centos
glusterfs.x86_64 6.8-1.el7
ovirt-engine.noarch 4.3.9.4-1.el7
ovirt-release43.noarch 4.3.9-1.el7
It will help understanding if the help request is something that may be
already known, a regression, and so on.
--
Sandro Bonazzola
MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV
Red Hat EMEA <https://www.redhat.com/>
sbonazzo(a)redhat.com
<https://www.redhat.com/>*
<https://www.redhat.com/en/summit?sc_cid=7013a000002D2QxAAK>*
*Red Hat respects your work life balance. Therefore there is no need to
answer this email out of your office hours.*
4 years, 6 months
Add custom Network Filter to oVirt
by Hendrik Peyerl
Hello all,
can anyone give me a hint on where to find documentation on how to add custom created network filters through oVirt?
Thanks,
Hendrik
4 years, 6 months
Re: Move Hosted Engine VM to a different storage domain
by Yedidyah Bar David
On Wed, Apr 29, 2020 at 8:42 AM Anton Louw <Anton.Louw(a)voxtelecom.co.za>
wrote:
>
>
> Hi,
>
>
>
> Thank you for the reply. I am building another environment today, so I
> will run through the backup and restore again. I do recall one issue I had
> with the restore was that it gave an error that one of the storage domains
> were already in use. This was a new storage domain I added, with no VMs on.
>
>
>
> I just want to make sure, I probably cannot deploy the HE on a storage
> domain that is in maintenance, correct? I will try and create a new storage
> domain again, but remove it from the data center, and perhaps see if the HE
> will deploy to it.
>
hosted-engine deploy does not require an "empty storage domain" (in
maintenance or not), but one that "does not exist yet" - meaning, a path to
storage that will be used as a storage domain, but in which a storage
domain was not created yet. The deploy process itself will create the
domain there.
I hope this clarifies.
>
>
> The main goal was to have no downtime, but if it is going to be too
> complex, I think my next option will be to create a new HE, and attach the
> current storage domains. Obviously it is going to take a bit of planning,
> as I will need to configure all the networks etc. from scratch again.
>
Good luck and keep us updated!
Best regards,
>
>
> Thanks
>
>
>
> *Anton Louw*
> *Cloud Engineer: Storage and Virtualization* at *Vox*
> ------------------------------
> *T:* 087 805 0000 | *D:* 087 805 1572
> *M:* N/A
> *E:* anton.louw(a)voxtelecom.co.za
> *A:* Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
> www.vox.co.za
>
> [image: F] <https://www.facebook.com/voxtelecomZA>
> [image: T] <https://www.twitter.com/voxtelecom>
> [image: I] <https://www.instagram.com/voxtelecomza/>
> [image: L] <https://www.linkedin.com/company/voxtelecom>
> [image: Y] <https://www.youtube.com/user/VoxTelecom>
>
> *From:* Strahil Nikolov <hunter86_bg(a)yahoo.com>
> *Sent:* 26 April 2020 08:55
> *To:* Yedidyah Bar David <didi(a)redhat.com>; Anton Louw <
> Anton.Louw(a)voxtelecom.co.za>
> *Cc:* users(a)ovirt.org
> *Subject:* Re: [ovirt-users] Re: Move Hosted Engine VM to a different
> storage domain
>
>
>
> On April 26, 2020 9:39:07 AM GMT+03:00, Yedidyah Bar David <
> didi(a)redhat.com> wrote:
> >On Fri, Apr 24, 2020 at 1:04 PM Anton Louw
> ><Anton.Louw(a)voxtelecom.co.za>
> >wrote:
> >
> >>
> >>
> >> Hi All,
> >>
> >>
> >>
> >> I know this question has been asked before, by myself included. I was
> >> hoping that someone has run through the exercise of moving the hosted
> >> engine VM to a different storage domain. I have tried many routes,
> >but the
> >> backup and restore does not work for me.
> >>
> >
> >The "standard answer" is backup and restore. Why does it not work?
> >
> >
> >>
> >>
> >> Is there anybody that can perhaps give me some guidelines or a
> >process I
> >> can follow?
> >>
> >
> >I didn't try that myself.
> >
> >The best guidelines I can give you are: Try first on at a test system.
> >Do
> >the backup on the real machine, create some isolated VM (isolated so
> >that
> >it does not interfere with your hosts/storage) somewhere to be used as
> >a
> >test host (or a physical machine if you have one), some storage
> >somewhere,
> >and restore on it. Make it work. Document what you needed to do. Ask
> >here
> >with specific questions if/when you have them. Then do on the
> >production
> >setup.
> >
> >Also clarify your needs. Do you need no-downtime for the VMs? If so,
> >that's
> >more complex. If you don't, it might be enough/simpler to deploy a new
> >setup and just import the existing storage. Do you have HA VMs? etc.
> >
> >
> >>
> >>
> >> The reason I need to move the HE VM is because we are decommissioning
> >the
> >> current storage array where the HE VM is located.
> >>
> >
> >Good luck!
> >
> >Best regards,
> >
> >
> >>
> >>
> >> Thank you very much
> >>
> >> *Anton Louw*
> >> *Cloud Engineer: Storage and Virtualization* at *Vox*
> >> ------------------------------
> >> *T:* 087 805 0000 | *D:* 087 805 1572
> >> *M:* N/A
> >> *E:* anton.louw(a)voxtelecom.co.za
> >> *A:* Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
> >> www.vox.co.za
> >>
> >> [image: F] <https://www.facebook.com/voxtelecomZA>
> >> [image: T] <https://www.twitter.com/voxtelecom>
> >> [image: I] <https://www.instagram.com/voxtelecomza/>
> >> [image: L] <https://www.linkedin.com/company/voxtelecom>
> >> [image: Y] <https://www.youtube.com/user/VoxTelecom>
> >>
> >> [image: #VoxBrand]
> >> <https://www.vox.co.za/fibre/fibre-to-the-home/?prod=HOME>
> >> *Disclaimer*
> >>
> >> The contents of this email are confidential to the sender and the
> >intended
> >> recipient. Unless the contents are clearly and entirely of a personal
> >> nature, they are subject to copyright in favour of the holding
> >company of
> >> the Vox group of companies. Any recipient who receives this email in
> >error
> >> should immediately report the error to the sender and permanently
> >delete
> >> this email from all storage devices.
> >>
> >> This email has been scanned for viruses and malware, and may have
> >been
> >> automatically archived by *Mimecast Ltd*, an innovator in Software as
> >a
> >> Service (SaaS) for business. Providing a *safer* and *more useful*
> >place
> >> for your human generated data. Specializing in; Security, archiving
> >and
> >> compliance. To find out more Click Here
> >> <https://www.voxtelecom.co.za/security/mimecast/?prod=Enterprise>.
> >>
> >>
> >> _______________________________________________
> >> Users mailing list -- users(a)ovirt.org
> >> To unsubscribe send an email to users-leave(a)ovirt.org
> >> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> >> oVirt Code of Conduct:
> >> https://www.ovirt.org/community/about/community-guidelines/
> >> List Archives:
> >>
> >
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/V3PRBRZD7SL...
> >>
>
> If youchange the gluster volume you can use the 'hosted-engine' tool +
> migration of the data ?
>
> The example is for Gluster, but also
> hosted-engine --set-shared-config storage <server1>:/engine
>
> hosted-engine --set-shared-config mnt_options
> backup-volfile-servers=<server2>:<server3>
>
> Best Regards,
> Strahil Nikolov
>
>
--
Didi
4 years, 6 months
Failed to complete VM creation,help me!
by liug74@sina.com
Storage domain usage is as follows:
vgdisplay 3542ca36-747b-407c-aa5e-331510f81fd9
--- Volume group ---
VG Name 3542ca36-747b-407c-aa5e-331510f81fd9
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 15998
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1954
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 113.97 TiB
PE Size 128.00 MiB
Total PE 933647
Alloc PE / Size 64930 / <7.93 TiB
Free PE / Size 868717 / 106.04 TiB
VG UUID GiL1LL-ggO5-a6mX-62uc-q597-B3X9-6bzC93
__________________________________________________________
The following error occurred when I created the VM:
VDSM H5 command HSMGetAllTasksStatusesVDS failed: Error creating a new volume: (u"Volume creation 62220be2-2781-4771-9373-84af5cc18f01 failed: (28, 'Sanlock resource write failure', 'No space left on device')",)
Excuse me, what's the reason, thank you!
4 years, 6 months
ovrt node ng 4.4 different fs layout and error if changed
by Gianluca Cecchi
Hello,
In CentOS 7 default filesystem in anaconda was xfs, but in ovirt node ng
4.3.9 (based on CentOS 7) the default layout was set to ext4.
In CentOS 8 again the default is xfs and I see that ovirt node ng 4.4 beta4
(based on CentOS 8.1) has now xfs for all filesystems, excluded /boot that
is set to ext4.
In general I have a preference for ext4.
I notice that while in 4.3.9 I could somehow customize partition layout,
even if not recommended, in 4.4 I always get error if I don't accept
automatic partitioning.
What I sometimes do:
- select disk and custom layout
- click done and the storage page appears
- I click the button to create automatically and I get the automatic
partitioning layout
- and here I can change fs type and update settings button and/or change
size of some filesystems (eg for /var/log if using Gluster)
Even if I only set all filesystems automatically generated by installer to
ext4, without changing any size, in the final stage of installation I get
this error and installation aborts:
"
There was an error running the kickstart script at line 5. This is a fatal
error and installation will be aborted. The details of this error are:
2020-04-19 10:37:50,451 [INFO] (MainThread) Trying to create a manageable
base from '/'
2020-04-19 10:37:50,811 [ERROR] (MainThread) LVM Thin Provisioning
partitioning scheme is required.
For autoinstall via Kickstart with LVM Thin Provisioning check options:
--thinpool and --grow. Please consult documentation for details
Traceback (most recent call last):
File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/usr/lib/python3.6/site-packages/imgbased/__main__.py", line 53, in
<module>
CliApplication()
File "/usr/lib/python3.6/site-packages/imgbased/__init__.py", line 82, in
CliApplication
app.hooks.emit("post-arg-parse", args)
File "/usr/lib/python3.6/site-packages/imgbased/hooks.py", line 120, in
emit
cb(self.context, *args)
File "/usr/lib/python3.6/site-packages/imgbased/plugins/core.py", line
171, in post_argparse
layout.initialize(args.source, args.init_nvr)
File "/usr/lib/python3.6/site-packages/imgbased/plugins/core.py", line
215, in initialize
self.app.imgbase.init_layout_from(source, init_nvr)
File "/usr/lib/python3.6/site-packages/imgbased/imgbase.py", line 293, in
init_layout_from
self.init_tags_on(existing_lv)
File "/usr/lib/python3.6/site-packages/imgbased/imgbase.py", line 271, in
init_tags_on
pool = lv.thinpool()
File "/usr/lib/python3.6/site-packages/imgbased/lvm.py", line 305, in
thinpool
raise MissingLvmThinPool()
imgbased.lvm.MissingLvmThinPool
"
If I change nothing and choose automatic partitioning the installation
completes.
Tried different times with same results.
Is it expected? In this case instead of specifying "recommended" it should
be written sort of "mandatory"...
Gianluca
4 years, 6 months
Problem with multiple IP addresses and AWX
by Bernhard Dick
Hi,
I've started to use awx shortly and I'd like to have an inventory based
on their RHEV/oVirt-Plugin. Basically that works fine, however on
machines that have multiple network interfaces or internal nets (like
Docker) the first address in the IP list of the vm (which is used as
ansible_host by AWX) is not an address that is reachable from the
machine's outside and so those host entries are failing in my jobs.
I found an issue at AWX, being like we won't fix first:
https://github.com/ansible/awx/issues/1191
It also seems that there where issues related to this on oVirt:
First this with a request for setting a primary IP:
https://bugzilla.redhat.com/show_bug.cgi?id=1437145
And this one mentioning a way to ignore interfaces on ovirt-guest-agent,
however it does no longer work due to the use of qemu-guest-agent:
https://bugzilla.redhat.com/show_bug.cgi?id=1437145
Do you have any ideas how to circumvent this or is there some
improvement alread in planning?
Best regards
Bernhard
4 years, 6 months
Re: User Groups
by Lucie Leistnerova
On 4/29/20 9:35 AM, Anton Louw wrote:
>
>
> Hi Paul,
>
> Thanks. Its just strange, because when I want to assign group
> permissions to a VM for instance, I get the below:
>
> But when I check, Administration, Users then select Groups, I only see
> the below:
>
These are the groups added to RHV manually (check button Add or
Administration - Configure - System Permissions - Add) and Everyone
(built-in group). So they can be used to assign permissions.
>
> Am I missing something?
>
> Thanks
>
>
> *Anton Louw*
> *Cloud Engineer: Storage and Virtualization* at *Vox*
> ------------------------------------------------------------------------
> *T:* 087 805 0000 | *D:* 087 805 1572
> *M:* N/A
> *E:* anton.louw(a)voxtelecom.co.za <mailto:anton.louw@voxtelecom.co.za>
> *A:* Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
> www.vox.co.za <http://www.vox.co.za>
>
> F <https://www.facebook.com/voxtelecomZA>
>
>
> T <https://www.twitter.com/voxtelecom>
>
>
> I <https://www.instagram.com/voxtelecomza/>
>
>
> L <https://www.linkedin.com/company/voxtelecom>
>
>
> Y <https://www.youtube.com/user/VoxTelecom>
>
>
> *From:*Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>
> *Sent:* 29 April 2020 09:28
> *To:* Anton Louw <Anton.Louw(a)voxtelecom.co.za>; users(a)ovirt.org
> *Subject:* Re: User Groups
>
> Hello Anton,
>
> In the Administration->Users there is a groups
> button.
>
> Regards,
>
> Paul S.
>
> ------------------------------------------------------------------------
>
> *From:*Anton Louw <Anton.Louw(a)voxtelecom.co.za
> <mailto:Anton.Louw@voxtelecom.co.za>>
> *Sent:* 29 April 2020 06:36
> *To:* users(a)ovirt.org <mailto:users@ovirt.org> <users(a)ovirt.org
> <mailto:users@ovirt.org>>
> *Subject:* [ovirt-users] User Groups
>
> *Caution External Mail:* Do not click any links or open any
> attachments unless you trust the sender and know that the content is safe.
>
> Hi Everybody,
>
> Is there a way to see My Groups through the Web UI? I have tried
> looking around, but cannot see anything. Can this only be seen via the
> backend in the HE?
>
> Thanks
>
> *Anton Louw*
>
> *Cloud Engineer: Storage and Virtualization*at *Vox*
>
> ------------------------------------------------------------------------
>
> *T:*087 805 0000 | *D:*087 805 1572
> *M:*N/A
> *E:*anton.louw@voxtelecom.co.za <mailto:anton.louw@voxtelecom.co.za>
> *A:*Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
> www.vox.co.za
> <https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....>
>
> F
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...>
>
>
>
> T
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...>
>
>
>
> I
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...>
>
>
>
> L
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...>
>
>
>
> Y
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...>
>
> #VoxBrand
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>
>
>
> *Disclaimer*
>
> The contents of this email are confidential to the sender and the
> intended recipient. Unless the contents are clearly and entirely of a
> personal nature, they are subject to copyright in favour of the
> holding company of the Vox group of companies. Any recipient who
> receives this email in error should immediately report the error to
> the sender and permanently delete this email from all storage devices.
>
> This email has been scanned for viruses and malware, and may have been
> automatically archived by *Mimecast Ltd*, an innovator in Software as
> a Service (SaaS) for business. Providing a *safer* and *more useful*
> place for your human generated data. Specializing in; Security,
> archiving and compliance. To find out more Click Here
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>.
>
> To view the terms under which this email is distributed, please go to:-
> http://leedsbeckett.ac.uk/disclaimer/email/
>
>
>
> _______________________________________________
> Users mailing list -- users(a)ovirt.org
> To unsubscribe send an email to users-leave(a)ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/EOORL4GYWM5...
--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA
IRC: lleistne @ #rhev-qe
4 years, 6 months
Can't ping gluster interfaces for HCI setup
by Shareef Jalloq
Hi,
I'm in the process of trying to set up an HCI 3 node cluster in my homelab
to better understand the Gluster setup and have failed at the first hurdle.
I've set up the node interfaces on the built in NIC and am using a PCI NIC
for the Gluster traffic - at the moment this is 1Gb until I can upgrade -
and I've assigned a static IP to both interfaces and also have both entries
in my DNS.
From any of the three nodes, I can ping the gateway, the other nodes, any
external IP but I can't ping any of the Gluster NICs. What have I
forgotten to do? Here's the relevant output of 'ip addr show'. em1 is the
motherboard NIC and p1p1 is port 1 of an Intel NIC. The
/etc/sysconfig/network-scripts/ifcfg-<if> scripts are identical aside from
IPADDR, NAME, DEVICE and UUID fields.
Thanks, Shareef.
[root@ovirt-node-00 ~]# ip addr show
2: p1p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether a0:36:9f:1f:f9:78 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.34/24 brd 10.0.0.255 scope global noprefixroute p1p1
valid_lft forever preferred_lft forever
inet6 fd4d:e9e3:6f5:1:a236:9fff:fe1f:f978/64 scope global mngtmpaddr
dynamic
valid_lft 7054sec preferred_lft 7054sec
inet6 fe80::a236:9fff:fe1f:f978/64 scope link
valid_lft forever preferred_lft forever
4: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP group default qlen 1000
link/ether 98:90:96:a1:16:ad brd ff:ff:ff:ff:ff:ff
inet 10.0.0.31/24 brd 10.0.0.255 scope global noprefixroute em1
valid_lft forever preferred_lft forever
inet6 fd4d:e9e3:6f5:1:9a90:96ff:fea1:16ad/64 scope global mngtmpaddr
dynamic
valid_lft 7054sec preferred_lft 7054sec
inet6 fe80::9a90:96ff:fea1:16ad/64 scope link
valid_lft forever preferred_lft forever
4 years, 6 months
