June 2020 - Users - Ovirt List Archives

oVirt 4.4.0 HE deployment on GlusterFS fails during health check

by Oliver Leinfelder

Hi, I have the following two components: 1.) A freshly installed VM host (oVirt Node 4.4.0 release ISO) 2.) 3 storage hosts, also freshly installed from oVirt Node 4.4.0 release ISO The storage hosts have been successfully installed with Gluster (through Cockpit). They have two volumes, both of which I can mount and read/write from a client. On the VM host, I ran "hosted-engine --deploy" (no backups imported). When prompted for storage, I answered "glusterfs" and specified "storagehost1:/engine" as storage for the HE deployment. For mount options, I specified "backup-volfile-servers=storagehost2:/engine:storagehost3:/engine" (Not the real hostnames, but all of them are resolvable via internal DNS) Everything seems to works fine, I also see the "engine" volume become populated with data. At some point I could ping and SSH login to the HE. When the setup proceed to health check, it failed and the whole process was aborted :-( "hosted-engine --vm-status" reported "failed liveliness check" when it was reachable via SSH. At some point the engine went down and, to my surprise, shows a grub prompt after the restart when doing a "hosted-engine --console". [ INFO ] TASK [ovirt.hosted_engine_setup : Check engine VM health] [ ERROR ] fatal: [localhost]: FAILED! => {"attempts": 180, "changed": true, "cmd": ["hosted-engine", "--vm-status", "--json"], "delta": "0:00:00.160595", "end": "2020-06-12 17:50:05.675774", "rc": 0, "start": "2020-06-12 17:50:05.515179", "stderr": "", "stderr_lines": [], "stdout": "{\"1\": {\"host-id\": 1, \"host-ts\": 11528, \"score\": 3400, \"engine-status\": {\"vm\": \"up\", \"health\": \"bad\", \"detail\": \"Powering down\", \"reason\": \"failed liveliness check\"}, \"hostname\": \"vmhost\", \"maintenance\": false, \"stopped\": false, \"crc32\": \"2c447835\", \"conf_on_shared_storage\": true, \"local_conf_timestamp\": 11528, \"extra\": \"metadata_parse_version=1\\nmetadata_feature_version=1\\ntimestamp=11528 (Fri Jun 12 17:49:57 2020)\\nhost-id=1\\nscore=3400\\nvm_conf_refresh_time=11528 (Fri Jun 12 17:49:57 2020)\\nconf_on_shared_storage=True\\nmaintenance=False\\nstate=EngineStop\\nstopped=False\\ntimeout=Thu Jan 1 04:12:48 1970\\n\", \"live-data\": true}, \"global_maintenance\": false}", "stdout_lines": ["{\"1\": {\"host-id\": 1, \"host-ts\": 11528, \"score\": 3400, \"engine-status\": {\"vm\": \"up\", \"health\": \"bad\", \"detail\": \"Powering down\", \"reason\": \"failed liveliness check\"}, \"hostname\": \"vmhost\", \"maintenance\": false, \"stopped\": false, \"crc32\": \"2c447835\", \"conf_on_shared_storage\": true, \"local_conf_timestamp\": 11528, \"extra\": \"metadata_parse_version=1\\nmetadata_feature_version=1\\ntimestamp=11528 (Fri Jun 12 17:49:57 2020)\\nhost-id=1\\nscore=3400\\nvm_conf_refresh_time=11528 (Fri Jun 12 17:49:57 2020)\\nconf_on_shared_storage=True\\nmaintenance=False\\nstate=EngineStop\\nstopped=False\\ntimeout=Thu Jan 1 04:12:48 1970\\n\", \"live-data\": true}, \"global_maintenance\": false}"]} A second attempt failed at exactly the same stage. I can see the following in the setup log: ovirt-hosted-engine-setup-20200612151212-j9zwd2.log: 2020-06-12 17:33:18,314+0200 DEBUG otopi.ovirt_hosted_engine_setup.ansible_utils ansible_utils._process_output:103 {'msg': 'non-zero return code', 'cmd': ['hosted-engine', '--reinitialize-lockspace', '--force'], 'stdout': '', 'stderr': 'Traceback (most recent call last):\n File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main\n "__main__", mod_spec)\n File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code\n exec(code, run_globals)\n File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_setup/reinitialize_ lockspace.py", line 30, in <module>\n ha_cli.reset_lockspace(force)\n File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/client/client.py", line 286, in reset_lockspace\n stats = broker.get_stats_from_storage()\n File "/usr/lib/python3.6/site-packages/ov irt_hosted_engine_ha/lib/brokerlink.py", line 148, in get_stats_from_storage\n result = self._proxy.get_stats()\n File "/usr/lib64/python3.6/xmlrpc/client.py", line 1112, in __call__\n return self.__send(self.__name, args)\n File "/usr/lib64/python3.6/xmlrpc/client .py", line 1452, in __request\n verbose=self.__verbose\n File "/usr/lib64/python3.6/xmlrpc/client.py", line 1154, in request\n return self.single_request(host, handler, request_body, verbose)\n File "/usr/lib64/python3.6/xmlrpc/client.py", line 1166, in single_requ est\n http_conn = self.send_request(host, handler, request_body, verbose)\n File "/usr/lib64/python3.6/xmlrpc/client.py", line 1279, in send_request\n self.send_content(connection, request_body)\n File "/usr/lib64/python3.6/xmlrpc/client.py", line 1309, in send_con tent\n connection.endheaders(request_body)\n File "/usr/lib64/python3.6/http/client.py", line 1249, in endheaders\n self._send_output(message_body, encode_chunked=encode_chunked)\n File "/usr/lib64/python3.6/http/client.py", line 1036, in _send_output\n self.sen d(msg)\n File "/usr/lib64/python3.6/http/client.py", line 974, in send\n self.connect()\n File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/lib/unixrpc.py", line 74, in connect\n self.sock.connect(base64.b16decode(self.host))\nFileNotFoundError: [Errno 2] No such file or directory', 'rc': 1, 'start': '2020-06-12 17:33:17.982995', 'end': '2020-06-12 17:33:18.164197', 'delta': '0:00:00.181202', 'changed': True, 'invocation': {'module_args': {'_raw_params': 'hosted-engine --reinitialize-lockspace --force', 'warn': True, '_u ses_shell': False, 'stdin_add_newline': True, 'strip_empty_ends': True, 'argv': None, 'chdir': None, 'executable': None, 'creates': None, 'removes': None, 'stdin': None}}, 'stdout_lines': [], 'stderr_lines': ['Traceback (most recent call last):', ' File "/usr/lib64/python 3.6/runpy.py", line 193, in _run_module_as_main', ' "__main__", mod_spec)', ' File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code', ' exec(code, run_globals)', ' File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_setup/reinitialize_lockspace.py", li ne 30, in <module>', ' ha_cli.reset_lockspace(force)', ' File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/client/client.py", line 286, in reset_lockspace', ' stats = broker.get_stats_from_storage()', ' File "/usr/lib/python3.6/site-packages/ovirt_hoste d_engine_ha/lib/brokerlink.py", line 148, in get_stats_from_storage', ' result = self._proxy.get_stats()', ' File "/usr/lib64/python3.6/xmlrpc/client.py", line 1112, in __call__', ' return self.__send(self.__name, args)', ' File "/usr/lib64/python3.6/xmlrpc/client. py", line 1452, in __request', ' verbose=self.__verbose', ' File "/usr/lib64/python3.6/xmlrpc/client.py", line 1154, in request', ' return self.single_request(host, handler, request_body, verbose)', ' File "/usr/lib64/python3.6/xmlrpc/client.py", line 1166, in sing le_request', ' http_conn = self.send_request(host, handler, request_body, verbose)', ' File "/usr/lib64/python3.6/xmlrpc/client.py", line 1279, in send_request', ' self.send_content(connection, request_body)', ' File "/usr/lib64/python3.6/xmlrpc/client.py", line 13 09, in send_content', ' connection.endheaders(request_body)', ' File "/usr/lib64/python3.6/http/client.py", line 1249, in endheaders', ' self._send_output(message_body, encode_chunked=encode_chunked)', ' File "/usr/lib64/python3.6/http/client.py", line 1036, in _se nd_output', ' self.send(msg)', ' File "/usr/lib64/python3.6/http/client.py", line 974, in send', ' self.connect()', ' File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/lib/unixrpc.py", line 74, in connect', ' self.sock.connect(base64.b16decode(self.h ost))', 'FileNotFoundError: [Errno 2] No such file or directory'], '_ansible_no_log': False, 'attempts': 5} Bonus question: I can see the following in the gluster volume log on the storage host: [2020-06-12 17:30:38.368773] E [MSGID: 113072] [posix-inode-fd-ops.c:1976:posix_writev] 0-engine-posix: write failed: offset 0, [Invalid argument] [2020-06-12 17:30:38.368832] E [MSGID: 115067] [server-rpc-fops_v2.c:1372:server4_writev_cbk] 0-engine-server: 190586: WRITEV 4 (baf5fbaa-0dc0-4ee4-bfd9-fa98f8853827), client: CTX_ID:be1aca7a-5ba7-453d-94fd-d24f8c33511e-GRAPH_ID:0-PID:121217-HOST:vmhost-PC_NAME:engine-client-0-RECON_NO:-0, error-xlator: engine-posix [Invalid argument] There are some entries every few minutes like this (not like 100s per minute). Since gluster is completely new for me, I'm still trying to find out whether this might be related. Thanks for any input! Best regards Oliver

4 years, 5 months

2
2
0 / 0

Skype for Bussines

by ozmen62＠hotmail.com

Hi, While using "skype for bussiness" on guest machine we've been getting sound and video problem. i've found a solution on https://docs.microsoft.com/en-us/skypeforbusiness/deploy/deploy-clients/d... web page. But this is only for windows client and nor for spice connection Does anyone has a solution for this problem? Thanks

4 years, 5 months

2
1
0 / 0

Re: oVirt noVNC

by Staniforth, Paul

Sorry Anton, I'm trying to get a lot of things sorted before the weekend. This seems the wrong way round, if you follow the documentation you shouldn't have the symbolic link on the working system unless you replaced the file it was pointing to. Do you have certificate bundles for both systems? Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Sent: 12 June 2020 11:44 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>; users(a)ovirt.org <users(a)ovirt.org> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Thanks Paul, So the symbolic link has then been removed, as per the below. Not quite sure where to go from here. Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 12:30 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; users(a)ovirt.org Subject: Re: oVirt noVNC Yes Anton, I think it's in the documentation it's Steps 2 & 3 * * The Engine has been configured to use /etc/pki/ovirt-engine/apache-ca.pem, which is symbolically linked to /etc/pki/ovirt-engine/ca.pem. Remove the symbolic link. # rm /etc/pki/ovirt-engine/apache-ca.pem * Save your CA certificate as /etc/pki/ovirt-engine/apache-ca.pem. # cp /tmp/3rd-party-ca-cert.pem /etc/pki/ovirt-engine/apache-ca.pem Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 11:06 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Double checked the permissions as well. All seems to be fine. The only thing that does look different between the environments are the below: ENV1 (Not working) [cid:image001.png@01D640B7.2B69DFC0] ENV2 (Working) [cid:image007.png@01D640B7.2B69DFC0] It seems that on the working environment, there is a shortcut file (apached-ca.pem) which points to the ca.pem file, but on the environment that is not working, the apache-ca.pem file is not a shortcut. Could this perhaps be an issue? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:44 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>>; users(a)ovirt.org<mailto:users@ovirt.org> Subject: Re: oVirt noVNC No worries, If all is pointing to the correct files I would check permissions. Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 09:34 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies ?? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Anton Louw

Thanks Paul, So the symbolic link has then been removed, as per the below. Not quite sure where to go from here. Anton Louw Cloud Engineer: Storage and Virtualization ______________________________________ D: 087 805 1572 | M: N/A A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg anton.louw(a)voxtelecom.co.za www.vox.co.za From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 12:30 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; users(a)ovirt.org Subject: Re: oVirt noVNC Yes Anton, I think it's in the documentation it's Steps 2 & 3 • • The Engine has been configured to use /etc/pki/ovirt-engine/apache-ca.pem, which is symbolically linked to /etc/pki/ovirt-engine/ca.pem. Remove the symbolic link. # rm /etc/pki/ovirt-engine/apache-ca.pem • Save your CA certificate as /etc/pki/ovirt-engine/apache-ca.pem. # cp /tmp/3rd-party-ca-cert.pem /etc/pki/ovirt-engine/apache-ca.pem Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 11:06 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Double checked the permissions as well. All seems to be fine. The only thing that does look different between the environments are the below: ENV1 (Not working) [cid:image001.png@01D640B7.2B69DFC0] ENV2 (Working) [cid:image007.png@01D640B7.2B69DFC0] It seems that on the working environment, there is a shortcut file (apached-ca.pem) which points to the ca.pem file, but on the environment that is not working, the apache-ca.pem file is not a shortcut. Could this perhaps be an issue? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:44 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>>; users(a)ovirt.org<mailto:users@ovirt.org> Subject: Re: oVirt noVNC No worries, If all is pointing to the correct files I would check permissions. Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 09:34 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/> To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/> To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/>

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Staniforth, Paul

Yes Anton, I think it's in the documentation it's Steps 2 & 3 * * The Engine has been configured to use /etc/pki/ovirt-engine/apache-ca.pem, which is symbolically linked to /etc/pki/ovirt-engine/ca.pem. Remove the symbolic link. # rm /etc/pki/ovirt-engine/apache-ca.pem * Save your CA certificate as /etc/pki/ovirt-engine/apache-ca.pem. # cp /tmp/3rd-party-ca-cert.pem /etc/pki/ovirt-engine/apache-ca.pem Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Sent: 12 June 2020 11:06 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>; users(a)ovirt.org <users(a)ovirt.org> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Double checked the permissions as well. All seems to be fine. The only thing that does look different between the environments are the below: ENV1 (Not working) [cid:image001.png@01D640B1.B1BEAA20] ENV2 (Working) [cid:image007.png@01D640B1.E97498D0] It seems that on the working environment, there is a shortcut file (apached-ca.pem) which points to the ca.pem file, but on the environment that is not working, the apache-ca.pem file is not a shortcut. Could this perhaps be an issue? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 10:44 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; users(a)ovirt.org Subject: Re: oVirt noVNC No worries, If all is pointing to the correct files I would check permissions. Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 09:34 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies ? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Kim Kargaard

Yes, in the end, it was a permission on the one CA file, that was set to 700 and should have been 750 (if I remember correctly). From: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Date: Friday, 12 June 2020 at 12:01 To: Kim Kargaard <Kim.Kargaard(a)noroff.no>, "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk>, "users(a)ovirt.org" <users(a)ovirt.org> Subject: RE: [ovirt-users] Re: oVirt noVNC Hi Kim, Hopefully 😊 I will still run through a couple of checks, I am sure it is something small I am missing. Was your issue due to owner and permissions? Yes, for some of our offerings we do use oVirt. Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Kim Kargaard <Kim.Kargaard(a)noroff.no> Sent: 12 June 2020 11:43 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>; users(a)ovirt.org Subject: Re: [ovirt-users] Re: oVirt noVNC Hi Anton, Don´t worry, it had me tearing out hair for a while. But, Paul managed to save my remaining hair, so hopefully he has a suggestion that will sort things out for you too 😊 By the way, is Vox using ovirt as their cloud system for customers? Just curious of course. Kind regards Kim From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Date: Friday, 12 June 2020 at 11:36 To: Kim Kargaard <Kim.Kargaard(a)noroff.no<mailto:Kim.Kargaard@noroff.no>>, "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>, "users(a)ovirt.org<mailto:users@ovirt.org>" <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: [ovirt-users] Re: oVirt noVNC Hi Kim, Thanks for the reply. I double checked the permissions on the cert files now, and they are exactly the same as my other environment. But, the other environment does not have a CA, these are the default certs from ovirt. The other environment is working as expected though. I have checked the websocket service and config, and it seems to be correct. The port is also open on the firewall. I can telnet to my FQDN on port 6100. This is breaking my spirit 😊 Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Kim Kargaard <Kim.Kargaard(a)noroff.no<mailto:Kim.Kargaard@noroff.no>> Sent: 12 June 2020 10:51 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>>; Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> Subject: Re: [ovirt-users] Re: oVirt noVNC Have you checked that websocket proxy is configured and running? Is the port open on the firewall? And finally, have you checked the ownerships and permissions of the cert files on the engine server? The permissions was where we came unstuck for a while 😊 The individual users should not need to download the CA, the novnc browser option should just open the VM, if the settings are right. From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Reply to: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Date: Friday, 12 June 2020 at 10:48 To: "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>, "users(a)ovirt.org<mailto:users@ovirt.org>" <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] Re: oVirt noVNC Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [Image removed by sender. F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [Image removed by sender. T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [Image removed by sender. I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [Image removed by sender. L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Image removed by sender. Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [Image removed by sender. #VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Anton Louw

Hi Paul, Double checked the permissions as well. All seems to be fine. The only thing that does look different between the environments are the below: ENV1 (Not working) [cid:image001.png@01D640B1.B1BEAA20] ENV2 (Working) [cid:image007.png@01D640B1.E97498D0] It seems that on the working environment, there is a shortcut file (apached-ca.pem) which points to the ca.pem file, but on the environment that is not working, the apache-ca.pem file is not a shortcut. Could this perhaps be an issue? Thanks Anton Louw Cloud Engineer: Storage and Virtualization ______________________________________ D: 087 805 1572 | M: N/A A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg anton.louw(a)voxtelecom.co.za www.vox.co.za From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 10:44 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; users(a)ovirt.org Subject: Re: oVirt noVNC No worries, If all is pointing to the correct files I would check permissions. Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Sent: 12 June 2020 09:34 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>; users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/> To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/>

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Kim Kargaard

Hi Anton, Don´t worry, it had me tearing out hair for a while. But, Paul managed to save my remaining hair, so hopefully he has a suggestion that will sort things out for you too 😊 By the way, is Vox using ovirt as their cloud system for customers? Just curious of course. Kind regards Kim From: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Date: Friday, 12 June 2020 at 11:36 To: Kim Kargaard <Kim.Kargaard(a)noroff.no>, "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk>, "users(a)ovirt.org" <users(a)ovirt.org> Subject: RE: [ovirt-users] Re: oVirt noVNC Hi Kim, Thanks for the reply. I double checked the permissions on the cert files now, and they are exactly the same as my other environment. But, the other environment does not have a CA, these are the default certs from ovirt. The other environment is working as expected though. I have checked the websocket service and config, and it seems to be correct. The port is also open on the firewall. I can telnet to my FQDN on port 6100. This is breaking my spirit 😊 Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Kim Kargaard <Kim.Kargaard(a)noroff.no> Sent: 12 June 2020 10:51 To: Anton Louw <Anton.Louw(a)voxtelecom.co.za>; Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>; users(a)ovirt.org Subject: Re: [ovirt-users] Re: oVirt noVNC Have you checked that websocket proxy is configured and running? Is the port open on the firewall? And finally, have you checked the ownerships and permissions of the cert files on the engine server? The permissions was where we came unstuck for a while 😊 The individual users should not need to download the CA, the novnc browser option should just open the VM, if the settings are right. From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Reply to: Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Date: Friday, 12 June 2020 at 10:48 To: "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>>, "users(a)ovirt.org<mailto:users@ovirt.org>" <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] Re: oVirt noVNC Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk<mailto:P.Staniforth@leedsbeckett.ac.uk>> Sent: 12 June 2020 10:29 To: users(a)ovirt.org<mailto:users@ovirt.org>; Anton Louw <Anton.Louw(a)voxtelecom.co.za<mailto:Anton.Louw@voxtelecom.co.za>> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [Image removed by sender. F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [Image removed by sender. T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [Image removed by sender. I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [Image removed by sender. L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Image removed by sender. Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [Image removed by sender. #VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

2
1
0 / 0

Re: oVirt noVNC

by Kim Kargaard

Have you checked that websocket proxy is configured and running? Is the port open on the firewall? And finally, have you checked the ownerships and permissions of the cert files on the engine server? The permissions was where we came unstuck for a while 😊 The individual users should not need to download the CA, the novnc browser option should just open the VM, if the settings are right. From: Anton Louw via Users <users(a)ovirt.org> Reply to: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Date: Friday, 12 June 2020 at 10:48 To: "Staniforth, Paul" <P.Staniforth(a)leedsbeckett.ac.uk>, "users(a)ovirt.org" <users(a)ovirt.org> Subject: [ovirt-users] Re: oVirt noVNC Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<http://www.vox.co.za> [F]<https://www.facebook.com/voxtelecomZA> [T]<https://www.twitter.com/voxtelecom> [I]<https://www.instagram.com/voxtelecomza/> [L]<https://www.linkedin.com/company/voxtelecom> [Y]<https://www.youtube.com/user/VoxTelecom> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 10:29 To: users(a)ovirt.org; Anton Louw <Anton.Louw(a)voxtelecom.co.za> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [Image removed by sender. F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [Image removed by sender. T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [Image removed by sender. I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [Image removed by sender. L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Image removed by sender. Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [Image removed by sender. #VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

2
1
0 / 0

Re: oVirt noVNC

by Staniforth, Paul

No worries, If all is pointing to the correct files I would check permissions. Regards, Paul S. ________________________________ From: Anton Louw <Anton.Louw(a)voxtelecom.co.za> Sent: 12 June 2020 09:34 To: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk>; users(a)ovirt.org <users(a)ovirt.org> Subject: RE: oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies ? Thanks Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 10:29 To: users(a)ovirt.org; Anton Louw <Anton.Louw(a)voxtelecom.co.za> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/ To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Users June 2020