June 2020 - Users - Ovirt List Archives

by Anton Louw

Hi Paul, Thanks for the reply. Apologies, I should have added that I have installed our own certificates. The main problem I am facing is that the noVNC console just refuses to open, I get the attached error with any VM I try and access. I should have perhaps started with this issue in my first mail, apologies 😊 Thanks Anton Louw Cloud Engineer: Storage and Virtualization ______________________________________ D: 087 805 1572 | M: N/A A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg anton.louw(a)voxtelecom.co.za www.vox.co.za From: Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> Sent: 12 June 2020 10:29 To: users(a)ovirt.org; Anton Louw <Anton.Louw(a)voxtelecom.co.za> Subject: Re: oVirt noVNC Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html<https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html> Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org<mailto:users@ovirt.org>> Sent: 12 June 2020 08:56 To: users(a)ovirt.org<mailto:users@ovirt.org> <users(a)ovirt.org<mailto:users@ovirt.org>> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/<http://leedsbeckett.ac.uk/disclaimer/email/>

4 years, 5 months

1
0
0 / 0

Re: oVirt noVNC

by Staniforth, Paul

Hello Anton, if your organisation has it's own CA you can install your own certificates or get certificates from a trusted CA. https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL.html Paul S. ________________________________ From: Anton Louw via Users <users(a)ovirt.org> Sent: 12 June 2020 08:56 To: users(a)ovirt.org <users(a)ovirt.org> Subject: [ovirt-users] oVirt noVNC Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe. Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization at Vox ________________________________ T: 087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw(a)voxtelecom.co.za<mailto:anton.louw@voxtelecom.co.za> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za<https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.vox....> [F]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.fac...> [T]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twi...> [I]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ins...> [L]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lin...> [Y]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.you...> [#VoxBrand]<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...> Disclaimer The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.vox...>. To view the terms under which this email is distributed, please go to:- http://leedsbeckett.ac.uk/disclaimer/email/

4 years, 5 months

1
0
0 / 0

oVirt noVNC

by Anton Louw

Hi Everybody, With regards to noVNC, is it a requirement to install the CA into your local browser? I would like users to access their VM console, but with no additional work from their side, ie. Downloading the CA and importing it. Thank you Anton Louw Cloud Engineer: Storage and Virtualization ______________________________________ D: 087 805 1572 | M: N/A A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg anton.louw(a)voxtelecom.co.za www.vox.co.za

4 years, 5 months

1
0
0 / 0

PKIX path error

by Stack Korora

Greetings, I have a running oVirt install that's been working for almost 2 years. I'm building a _completely_ new install. I mention it because it is useful for me to compare configurations when I run into issues like this one. Right now there are three physical hosts: 1x management where I run the engine and db 2x hypervisor nodes. I had it up and installed and running smooth this morning on 4.3.9.4-1.el7 on Scientific Linux 7.8 (fully patched). I copied over our 3rd party certs from the running system and restarted httpd. Perfect. SSL is running! /etc/pki/ovirt-engine/apache-ca.pem /etc/pki/ovirt-engine/certs/apache.cer /etc/pki/ovirt-engine/keys/apache.key.nopass Next I used ovirt-engine-extension-aaa-ldap-setup to point to our ldap server. I did the login and search test and both passed on the command line! Horray! Then I went to the web interface... sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I'm digging through logs and I don't see anything close to this error except nearly the identical message in engine.log. ERROR [org.ovirt.engine.core.aaa.servlet.SslPostLoginServlet] (default task-2) [] server_error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I can't log in via the web at all, I only get that message (so I can't even test out the local admin). The aaa ldap configuration it generated is darn near perfectly identical (just a name change). The certs are the same. Even when I look in the keystore, the sha1 hashes are the same between the two environments! After over an hour poking at this, I'm completely stumped. Can someone please give me a pointer on what I should try next? Thanks! ~Stack~

4 years, 5 months

3
8
0 / 0

Gluster remount?

by Christoph Köhler

Hey, it happens in our ovirt 4.3.9 occasionally that after reboot one of the dedicated gluster nodes (replica3, arbiter 1) some client connections are missing on server side: # gluster volume status gluvol3 clients Client connections for volume gluvol3 ---------------------------------------------- Brick : glusrv01:/gluster/p1/brick1 Clients connected : 17 Hostname . . . -------------------------------------------- Brick : glusrv02:/gluster/p1/brick1 Clients connected : 15 <---- two connections missing Hostname . . . ---------------------------------------------- Brick : glusrv03:/gluster/p1/brick1 Clients connected : 17 Hostname . . . ---------------------------------------------- I don't know why it happes, the log files don't really help. Now: is there a possibility on the missing nodes to reinitiate the gluster mount like 'mount -o remount' or so? The only way I actually know is to set the concerned node to maintenance and reactivate it. But that is really long-moving with many VMs... Any ideas? Thanks Chris

4 years, 5 months

1
0
0 / 0

[ANN] oVirt 4.4.1 Fourth Release Candidate is now available for testing

by Sandro Bonazzola

oVirt 4.4.1 Fourth Release Candidate is now available for testing The oVirt Project is pleased to announce the availability of oVirt 4.4.1 Fourth Release Candidate for testing, as of June 11th, 2020. This update is the first in a series of stabilization updates to the 4.4 series. Important notes before you try it Please note this is a pre-release build. The oVirt Project makes no guarantees as to its suitability or usefulness. This pre-release must not be used in production. Some of the features included in oVirt 4.4.1 Release Candidate require content that will be available in CentOS Linux 8.2 but can’t be tested on RHEL 8.2 yet due to some incompatibility in openvswitch package shipped in CentOS Virt SIG which requires to rebuild openvswitch on top of CentOS 8.2. Installation instructions For the engine: either use appliance or: - Install CentOS Linux 8 minimal from http://centos.mirror.garr.it/centos/8.1.1911/isos/x86_64/CentOS-8.1.1911-... - dnf install https://resources.ovirt.org/pub/yum-repo/ovirt-release44-pre.rpm - dnf update (reboot if needed) - dnf module enable -y javapackages-tools pki-deps postgresql:12 - dnf install ovirt-engine - engine-setup For the nodes: Either use oVirt Node ISO or: - Install CentOS Linux 8 from http://centos.mirror.garr.it/centos/8.1.1911/isos/x86_64/CentOS-8.1.1911-... ; select minimal installation - dnf install https://resources.ovirt.org/pub/yum-repo/ovirt-release44-pre.rpm - dnf update (reboot if needed) - Attach the host to engine and let it be deployed. This release is available now on x86_64 architecture for: * Red Hat Enterprise Linux 8.1 or newer * CentOS Linux (or similar) 8.1 or newer This release supports Hypervisor Hosts on x86_64 and ppc64le architectures for: * Red Hat Enterprise Linux 8.1 or newer * CentOS Linux (or similar) 8.1 or newer * oVirt Node 4.4.1 based on CentOS Linux 8.1 (available for x86_64 only) See the release notes [1] for installation instructions and a list of new features and bugs fixed. Notes: - oVirt Appliance is already available for CentOS Linux 8 - oVirt Node NG is already available for CentOS Linux 8 Additional Resources: * Read more about the oVirt 4.4.1 release highlights: http://www.ovirt.org/release/4.4.1/ * Get more oVirt project updates on Twitter: https://twitter.com/ovirt * Check out the latest project news on the oVirt blog: http://www.ovirt.org/blog/ [1] http://www.ovirt.org/release/4.4.1/ [2] http://resources.ovirt.org/pub/ovirt-4.4-pre/iso/ -- Sandro Bonazzola MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV Red Hat EMEA <https://www.redhat.com/> sbonazzo(a)redhat.com <https://www.redhat.com/> *Red Hat respects your work life balance. Therefore there is no need to answer this email out of your office hours. <https://mojo.redhat.com/docs/DOC-1199578>*

4 years, 5 months

1
0
0 / 0

teaming vs bonding

by Diggy Mc

Does 4.4.x support adapter teaming? If yes, which is preferred, teaming or bonding?

4 years, 5 months

7
6
0 / 0

how to test incremental backup in 4.4

by Gianluca Cecchi

Hello, going to test incremental backup in 4.4. Is this page the updated one to use: https://www.ovirt.org/develop/release-management/features/storage/increme... ? Is there already any ansible module/role ongoing to support it? Thanks, Gianluca

4 years, 5 months

5
17
0 / 0

What happens when shared storage is down?

by Vinícius Ferrão

Hello, This is a pretty vague and difficult question to answer. But what happens if the shared storage holding the VMs is down or unavailable for a period of time? I’m aware that a longer timeout may put the VMs on pause state, but how this is handled? Is it a time limit? Requests limit? Who manages this? In an event of self recovery of the storage backend what happens next? Manual intervention is required? The VMs may be down or they just continue to run? It depends on the guest OS running like in XenServer where different scenarios may happen? I’ve looked here: https://www.ovirt.org/documentation/admin-guide/chap-Storage.html but there’s nothing that goes about this question. Thanks, Sent from my iPhone

4 years, 5 months

3
4
0 / 0

Ovirt Manager HA

by Vijay Sachdeva

Hi All, Is there a documentation on creating Ovirt-Manager in HA or is it possible to make the manager to run in HA environment. Since it seems to be a single point of failure..!! Thanks Vijay Sachdeva

4 years, 5 months

4
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Users June 2020