ovirtmgmt Bridge - Which NIC? - Advice Please
by Matthew J Black
I need a quick piece of advice, please.
I'm at setting up the oVirt Engine VM (ie doing a "hosted-engine --deploy") stage.
The Host has 3 NICs.
NIC_1 and NIC_2 are bonded (bond1) and run 2 VLANs (on bond1.1 and bond1.2).
VLAN_1 is to be used as the "everyday connection VLAN for the VMs" (including the oVirt Engine VM - I think).
VLAN_2 is *only* to be used for data traffic to-and-from our Ceph Cluster (ie via the Ceph iSCSI Gateway Nodes).
NIC_3 (running VLAN_3) is to be used for oVirt-host-to-oVirt-host comms (including "local" Gluster traffic - yes, the (oVirt) hosts are running a couple of Gluster drives).
My question is: Which interface should we use for the "ovirtmgmt" Bridge?
I suspect it should be NIC_3 (VLAN_3), and I'm 99.999% sure it *shouldn't* be bond1.2 (VLAN_2), but it might be bond1.1 (VLAN_1), so I thought I'd better get peoples' input.
You see, I'm not sure what the purpose of the "ovirtmgmt" bridge is. Is it for humans to talk to the oVirt Engine, or is it for the oVirt Engine to talk to the VMs (and hosts), or is it for some other purpose, or is it for some combination of the these? (I have read the doco on the ovirtmgmt bridge, and I'm still somewhat confused.)
So, if someone wouldn't mind getting back to me about this, I'd appreciate it.
Cheers
Dulux-Oz
2 years, 1 month
No online ovirt conference this year?
by Nathanaël Blanchet
Hello ovirt community,
Will there be an upcoming ovirt conference this year? Last year it took place on mi- September.
Cheers,
2 years, 1 month
Manually Remove Snapshots
by Clint Boggio
I've got a VM with a pair of snapshots that won't delete and I'm needing a procedure to manually remove the snapshots. I don't need the VM and so while i'd prefer not to destroy it, it wouldn't be critical if I did damage the VM in the process. When I try to delete the snapshots that procedure fails, and when I try to delete the disk that procedure fails. Any pointers would be greatly appreciated.
2 years, 1 month
Hosted-Engine VM wont start after physical CPU change
by douglasddr8@gmail.com
I currently have a selfhosted engine with two cascadelake xeon silver 4208 cpu with 8 cores
I changed both to two skylake xeon platinum 8160 with 24cores
After initialization the vm hosted-engine wont start, I found in the logs that the cpu is not compatible because its not contain the avx512vnni flag
Is it possible to work around the problem or these processors cannot be used?
2 years, 2 months
Certificate expiration
by Joseph Gelinas
Hi,
The certificates on our oVirt stack recently expired, while all the VMs are still up, I can't put the cluster into global maintenance via ovirt-engine, or do anything via ovirt-engine for that matter. Just get event logs about cert validity.
VDSM ovirt-1.xxxxx.com command Get Host Capabilities failed: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
VDSM ovirt-2.xxxxx.com command Get Host Capabilities failed: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
VDSM ovirt-3.xxxxx.com command Get Host Capabilities failed: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
Under Compute -> Hosts, all are status Unassigned. Default data center is status Non Responsive.
I have tried a couple of solutions to regenerate the certificates without much luck and have copied the originals back in place.
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/...
https://access.redhat.com/solutions/2409751
I have seen things saying running engine-setup will generate new certs, however engine doesn't think the cluster is in global maintenance so won't run that, I believe I can get around the check with `engine-setup --otopi-environment=OVESETUP_CONFIG/continueSetupOnHEVM=bool:True` but is that the right thing to do? Will it deploy the certs on to the hosts as well so things communicate properly? Looks like one is supposed to put a node into maintenance and reenroll it after doing the engine-setup, but will it even be able to put the nodes into maintenance given I can't do anything with them now?
Appreciate any ideas.
2 years, 2 months
QXL vs VGA
by Andrea Chierici
Dear all,
on latest 4.5, as many others have noticed, default is to use video type
VGA and VNC as graphics protocol.
Problem is, in my current environments, I can't seem to make this to work.
When the machine power ups I get the "usual" error from virt-viewer:
I found some docs on the web, like this from redhat:
https://access.redhat.com/solutions/5695951
but it does not seem to work. Indeed I reinstalled a host and forced the
creation of the vm on it, but the console is still unreachable.
Any hint how I can solve this? I am quite surprised I could not find
anything on standard documentation.
Thanks,
Andrea
--
Andrea Chierici - INFN-CNAF
Viale Berti Pichat 6/2, 40127 BOLOGNA
Office Tel: +39 051 2095463
SkypeID ataruz
--
2 years, 2 months
Failed to deploy ovirt engine with CLI
by Pablo Olivera
Hi community,
I'm trying to deploy the engine via CLI on an ovirt 4.5.2 (CentOS 8)
node over a clean install.
Previously I was trying to deploy it via cockpit but I got the following
error:
[ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Obtain SSO token using
username/password credentials]
[ ERROR ] ovirtsdk4.AuthError: Error during SSO authentication
access_denied : Cannot authenticate user Invalid user credentials.
[ ERROR ] fatal: [localhost]: FAILED! => {"attempts": 50, "changed":
false, "msg": "Error during SSO authentication access_denied : Cannot
authenticate user Invalid user credentials."}
After researching in different threads of this forum, I decided to setup
it via CLI by recommendation of different users, since it seems that
cockpit hosted-engine deployment is broken.
I attach the hosted-engine setup log but I am not sure where is the
problem now.
Can you help me?
Thanks in advance.
Pablo.
2 years, 2 months
oVirt bug reports to move from bugzilla to github issues in future
by Michal Skrivanek
Hi all,
as a final stage of out gerrit to github transition that started ~9 months ago we are planning to eliminate the use of bugzilla.redhat.com for all oVirt projects (bugs with Classification: "oVirt") and use the native issue tracking in github as well. We used to have integrations with gerrit and bugzilla that we moved to github actions instead, and the overhead (and notorious slowness) of bugzilla.redhat.com becomes the only "benefit" of using it these days.
There's about 50 bugs total left in oVirt bugzilla so it's not that much to move, the biggest change would be that the new bugs are to be filed elsewhere.
This is just a heads up for now, we haven't set a cut off date just yet, but you can expect this change in the coming weeks.
Thanks,
michal
2 years, 2 months
oVirt API access when using Keycloak
by jonas@rabe.ch
Hello all
I just recently installed a fresh oVirt appliance. Now I want to use the API to perform some actions but fail to provide the correct username. Can you help?
Here's my script:
import ovirtsdk4 as sdk
from getpass import getpass
dc_name = "Default"
clu_name = "Default"
connection = sdk.Connection(
url="https://ovirt-engine-test.admin.int.rabe.ch/ovirt-engine/api",
username="admin@ovirt",
password=getpass(),
# ca_file="/etc/pki/ovirt-engine/ca.pem",
insecure=True,
)
...
That's the error I get:
Traceback (most recent call last):
File "/home/user/ovirt_iso_script/./setup_networks.py", line 25, in <module>
dc = next(d for d in dcs_svc.list() if d.name == dc_name)
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/services.py", line 6863, in list
return self._internal_get(headers, query, wait)
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/service.py", line 202, in _internal_get
context = self._connection.send(request)
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/__init__.py", line 371, in send
return self.__send(request)
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/__init__.py", line 389, in __send
self.authenticate()
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/__init__.py", line 382, in authenticate
self._sso_token = self._get_access_token()
File "/usr/lib64/python3.10/site-packages/ovirtsdk4/__init__.py", line 624, in _get_access_token
raise AuthError(
ovirtsdk4.AuthError: Error during SSO authentication access_denied : Cannot authenticate user No valid profile found in credentials..
2 years, 2 months
