Problem with ovirt-websocket-proxy updated certified.
by Kalil de A. Carvalho
Hello all.
In my company we have a oVit 4.5.4 that was worrying fine until today when
the Apache certified expereid. Looking for how I can updated ti, followed
here:
https://lists.ovirt.org/archives/list/users@ovirt.org/thread/ZI5WNU6OB6FZ...
I could access my engine.
A secunde problem apeready when me and my colleagues tried to access any VM
through noVNC
On the web tab show us this message:
"Something went wrong, connection is closed"
When I went on the engine discovery that Websocket-proxy certified was
expired too. I tried tha same procedure above but on the tab was the same
message but on /var/log/message show us this:
Feb 2 16:30:46 engine journal[5391]: 2024-02-02 16:30:46,072-0300
ovirt-websocket-proxy: INFO msg:601 handler exception: [SSL:
TLSV1_ALERT_UNKNOWN_C
A] tlsv1 alert unknown ca (_ssl.c:1129)
Feb 2 16:30:46 engine ovirt-websocket-proxy.py[5391]:
ovirt-websocket-proxy[5391] INFO msg:601 handler exception: [SSL:
TLSV1_ALERT_UNKNOWN_CA] tlsv
1 alert unknown ca (_ssl.c:1129)
I updated the CA-CERTIFITES, re-checked all paths to be sure that was
correct but nothing worked.
Has anyone passed through this problem?
Best regards,
--
Atenciosamente,
Kalil de A. Carvalho
9 months, 3 weeks
can hosted engine deploy use local repository mirrors instead of internet ones?
by iucounu@gmail.com
Hi,
hosted-engine --deploy is failing as it is trying to connect to mirrorlist.centos.org:
[ INFO ] TASK [ovirt.ovirt.engine_setup : Install required packages for oVirt Engine deployment]
[ INFO ] ok: [localhost]
[ INFO ] TASK [ovirt.ovirt.engine_setup : Install oVirt Engine package]
[ ERROR ] fatal: [localhost -> 192.168.1.187]: FAILED! => {"changed": false, "msg": "Failed to download metadata for repo 'centos-ceph-pacific': Cannot prepare internal mirrorlist: Curl error (7): Couldn't connect to server for http://mirrorlist.centos.org/?release=8-stream&arch=x86_64&repo=storage-c... [Failed to connect to mirrorlist.centos.org port 80: Connection refused]", "rc": 1, "results": []}
Opening up access to the internet is a bureaucratic procedure for us, as would be for adding all the URLs to the proxy. We have a lot of repos mirrored locally - is it possible to get hosted-engine to use the local ones? Is there a list? I had a search for files that might contain these repos in various places, but to no avail.
Thanks for any help!
Cam
9 months, 3 weeks
Nested Virtualization in AMD Ryzen
by LS CHENG
Hi all
I am running OLVM 4.5, this is a test setup which was running in my old
workstation with Intel CPU and is nested virtualization (with VMWare
Workstation), the host was running Windows 7 x64, I moved to AMD Ryzen
7950X3D a couple of days ago which runs Windows 11 x64 with 128GB memory
then moved OLVM VM's from the old workstation to this new workstation.
The problem I face now is the KVM hosts shows this error
*Host kvm1 moved to Non-Operational state as host CPU type is not supported
in this cluster compatibility version or is not supported at all*
I modified /etc/modprobe.d/kvm.conf and changed
options kvm_amd nested=0
to
options kvm_amd nested=1
reboot the kvm host but still getting same error, I verified the
modification and seems good
[root@kvm1 ~]# cat /sys/module/kvm_amd/parameters/nested
1
In Windows 11 I have hyper-v off and Memory Integrity is also off.
Am I missing any additional steps?
Thanks
9 months, 3 weeks
Upgrade from oVirt 4.5.4 to oVirt 4.5.5 - nothing provides selinux-policy >= 38.1.27-1.el9
by Devin A. Bougie
Hi, All. We're having trouble updating our 4.5.4 cluster to 4.5.5. We're running a self-hosted engine on fully updated AlmaLinux 9 hosts, and get the following errors when trying to upgrade to 4.5.5.
Any suggestions would be greatly appreciated.
Many thanks,
Devin
------
[root@lnxvirt01 ~]# dnf clean all
157 files removed
[root@lnxvirt01 ~]# dnf update
CLASSE Packages - x86_64 36 MB/s | 569 kB 00:00
CentOS-9-stream - Ceph Pacific 839 kB/s | 557 kB 00:00
CentOS-9-stream - Gluster 10 240 kB/s | 56 kB 00:00
CentOS-9 - RabbitMQ 38 354 kB/s | 104 kB 00:00
CentOS Stream 9 - NFV OpenvSwitch 923 kB/s | 154 kB 00:00
CentOS-9 - OpenStack yoga 5.7 MB/s | 3.0 MB 00:00
CentOS Stream 9 - OpsTools - collectd 228 kB/s | 51 kB 00:00
CentOS Stream 9 - oVirt 4.5 6.2 MB/s | 1.0 MB 00:00
oVirt upstream for CentOS Stream 9 - oVirt 4.5 1.0 kB/s | 7.5 kB 00:07
AlmaLinux 9 - AppStream 87 MB/s | 7.7 MB 00:00
AlmaLinux 9 - BaseOS 72 MB/s | 2.4 MB 00:00
AlmaLinux 9 - BaseOS - Debug 9.9 MB/s | 1.9 MB 00:00
AlmaLinux 9 - CRB 67 MB/s | 2.3 MB 00:00
AlmaLinux 9 - Extras 1.5 MB/s | 17 kB 00:00
AlmaLinux 9 - HighAvailability 29 MB/s | 434 kB 00:00
AlmaLinux 9 - NFV 56 MB/s | 1.0 MB 00:00
AlmaLinux 9 - Plus 2.5 MB/s | 22 kB 00:00
AlmaLinux 9 - ResilientStorage 30 MB/s | 446 kB 00:00
AlmaLinux 9 - RT 53 MB/s | 1.0 MB 00:00
AlmaLinux 9 - SAP 874 kB/s | 9.7 kB 00:00
AlmaLinux 9 - SAPHANA 1.3 MB/s | 13 kB 00:00
Error:
Problem 1: cannot install the best update candidate for package ovirt-vmconsole-1.0.9-1.el9.noarch
- nothing provides selinux-policy >= 38.1.27-1.el9 needed by ovirt-vmconsole-1.0.9-3.el9.noarch from centos-ovirt45
- nothing provides selinux-policy-base >= 38.1.27-1.el9 needed by ovirt-vmconsole-1.0.9-3.el9.noarch from centos-ovirt45
Problem 2: package ovirt-vmconsole-host-1.0.9-3.el9.noarch from centos-ovirt45 requires ovirt-vmconsole = 1.0.9-3.el9, but none of the providers can be installed
- cannot install the best update candidate for package ovirt-vmconsole-host-1.0.9-1.el9.noarch
- nothing provides selinux-policy >= 38.1.27-1.el9 needed by ovirt-vmconsole-1.0.9-3.el9.noarch from centos-ovirt45
- nothing provides selinux-policy-base >= 38.1.27-1.el9 needed by ovirt-vmconsole-1.0.9-3.el9.noarch from centos-ovirt45
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
------
9 months, 3 weeks
oVirt 4.5.5 - Prb with qemu-kvm after upgrade
by Christophe GRENIER
Hello
I have a standalone oVirt Manager 4.5.5-1.el8 and two small clusters.
After upgrading ovir01001 in the "PreProd" cluster from AlmaLinux 8.8 to 8.9,
the host was successfully activated but failed to take any VM.
centos-release-ceph-pacific.noarch 1.0-2.el8 @cs8-extras
centos-release-gluster10.noarch 1.0-1.el8s @cs8-extras-common
centos-release-nfv-common.noarch 1-3.el8 @cs8-extras
centos-release-nfv-openvswitch.noarch 1-3.el8 @cs8-extras
centos-release-opstools.noarch 1-12.el8 @cs8-extras
centos-release-ovirt45.noarch 8.9-1.el8s @cs8-extras-common
centos-release-storage-common.noarch 2-2.el8 @cs8-extras
centos-release-stream.x86_64 8.1-1.1911.0.7.el8 @cs8-extras
centos-release-virt-common.noarch 1-2.el8 @cs8-extras
vdsm.x86_64 4.50.5.1-1.el8 @centos-ovirt45
The problem has been "solved" by downgrading all qemu-* packages to the version
in AlmaLinux 8.8
ie. qemu-kvm-6.2.0-40.module_el8.9.0+3681+41cbbcc0.1.alma.1 =>
qemu-kvm-6.2.0-33.module_el8.8.0+3612+f18d2b89.alma.1.x86_64
Please find the relevent log:
- engine_when_failed.log https://pastebin.com/7MG6fYGY
- engine_when_ok.log https://pastebin.com/MegqmMbg
- vdsm_when_failed.log https://pastebin.com/ae4w0pix
- vdsm_when_ok.log https://pastebin.com/d7P0BWDN
Has someone tried to update to 8.9 ?
Regards
--
,-~~-.___. ._.
/ | ' \ | |--------. Christophe GRENIER
( ) 0 | | | grenier(a)cgsecurity.org
\_/-, ,----' | | |
==== !_!-v---v--.
/ \-'~; .--------. TestDisk & PhotoRec
/ __/~| ._-""|| | Data Recovery
=( _____|_|____||________| https://www.cgsecurity.org
9 months, 3 weeks
Major screwup and now I can't bring anything up
by John Florian
I have a small home oVirt 4.5 deployment that was struggling a bit and I think I've only made things worse. I was seeing some SSL errors in various places but couldn't find any evidence of an expired cert though maybe I overlooked something. At present, it looks like the most immediate problem is that the engine.log is showing SyncNetworkProviderCommand fails saying EngineException: (Failed with error Unsupported or unrecognized SSL message and code 5050). For now, I'm only concerning myself to one Host that had been running VMs until I tried restarting everything from a power off. I take it that the sync failure prevents this Host from becoming active.
I had successfully been using this setup for many years. I do have my own web cert on the engine signed by my CA. While I was getting this same "code 5050" error before with things like ovirt-imageio (what prompted my initial digging), now I'm afraid I've only made things more complex. See, I was running FreeIPA on a pair of VMs. In the past, this pair of VMs would auto-start once the oVirt Engine and Hosts were going and I had no issue. But now I wonder to what extent OSCP being unreachable might affect the SSL errors.
What's the best/easiest/safest way out of this mess? Should I just wipe ovirt-engine of all the non-rpm provided files in /etc/pki/ovirt-engine/ and redo the engine-setup? I'm afraid of making things worse before I begin attempting that.
9 months, 3 weeks
Re: [ovirt-devel] Foreman needs a release of ovirt-engine-sdk-ruby
by Guillaume Pavese
We were just starting to depend on this workflow...
On Fri, Jan 26, 2024 at 2:02 PM Ewoud Kohl van Wijngaarden <
ewoud+ovirt(a)kohlvanwijngaarden.nl> wrote:
> Hello everyone,
>
> Foreman is a bit late in updating Ruby to a newer version. Looking ahead
> we're aiming at Ruby 3.1+ but ovirt-engine-sdk-ruby doesn't compile on
> it.
>
> https://github.com/oVirt/ovirt-engine-sdk-ruby/pull/3 was merged in
> September 2022 and a request to release it was opened a year ago:
> https://github.com/oVirt/ovirt-engine-sdk-ruby/issues/4
>
> The Foreman community is currently discussing dropping oVirt support:
> https://community.theforeman.org/t/proposal-to-drop-support-for-ovirt/36324
>
> Is there anyone who can still perform this release, or should we proceed
> with removal?
>
> Regards,
> Ewoud Kohl van Wijngaarden
> _______________________________________________
> Devel mailing list -- devel(a)ovirt.org
> To unsubscribe send an email to devel-leave(a)ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/devel@ovirt.org/message/ESA4LFSQ5JP...
>
--
Ce message et toutes les pièces jointes (ci-après le “message”) sont
établis à l’intention exclusive de ses destinataires et sont confidentiels.
Si vous recevez ce message par erreur, merci de le détruire et d’en avertir
immédiatement l’expéditeur. Toute utilisation de ce message non conforme a
sa destination, toute diffusion ou toute publication, totale ou partielle,
est interdite, sauf autorisation expresse. L’internet ne permettant pas
d’assurer l’intégrité de ce message . Interactiv-group (et ses filiales)
décline(nt) toute responsabilité au titre de ce message, dans l’hypothèse
ou il aurait été modifié. IT, ES, UK.
<https://interactiv-group.com/disclaimer.html>
9 months, 3 weeks
onn pv
by Michael Thomas
I think I may have just messed up my cluster.
I'm running an older 4.4.2.6 cluster on CentOS-8 with 4 nodes and a
self-hosted engine. I wanted to assemble the spare drives on 3 of the 4
nodes into a new gluster volume for extra VM storage.
Unfortunately, I did not look closely enough at one of the nodes before
running sfdisk+parted+pvcreate, and now it looks like I may have broken
my onn storage. pvs shows missing uuids:
# pvs
WARNING: Couldn't find device with uuid
RgTaWg-fR1T-J3Nv-uh03-ZTi5-jz9X-cjl1lo
.
WARNING: Couldn't find device with uuid
0l9CFI-Z7pP-x1P8-AJ78-gRoz-ql0e-2gzXsC
.
WARNING: Couldn't find device with uuid
fl73h2-ztyn-y9NY-4TF4-K2Pd-G2Ow-vH46yH
.
WARNING: VG onn_ovirt1 is missing PV
RgTaWg-fR1T-J3Nv-uh03-ZTi5-jz9X-cjl1lo (l
ast written to /dev/nvme0n1p3).
WARNING: VG onn_ovirt1 is missing PV
0l9CFI-Z7pP-x1P8-AJ78-gRoz-ql0e-2gzXsC (l
ast written to /dev/nvme1n1p1).
WARNING: VG onn_ovirt1 is missing PV
fl73h2-ztyn-y9NY-4TF4-K2Pd-G2Ow-vH46yH (l
ast written to /dev/nvme2n1p1).
PV VG Fmt Attr PSize PFree
/dev/md2 vg00 lvm2 a-- <928.80g 0
/dev/nvme2n1p1 gluster_vg_nvme2n1p1 lvm2 a-- 2.91t 0
/dev/nvme3n1p1 onn_ovirt1 lvm2 a-- 2.91t 0
[unknown] onn_ovirt1 lvm2 a-m 929.92g 100.00g
[unknown] onn_ovirt1 lvm2 a-m <931.51g 0
[unknown] onn_ovirt1 lvm2 a-m 2.91t 0
Here's what I don't understand:
* This onn volume group only existed on one of the 4 nodes. I expected
it would have been on all 4?
* lsblk and /etc/fstab don't show any reference to onn
* What is the ONN volume group used for, and how bad is it if it's now
missing? I note that my VMs all continue to run and I've been able to
migrate them off of this affected node with no apparent problems.
* Is it possible that this onn volume group was already broken before I
messed with the nvme3n1 disk? When ovirt was originally installed
several years ago, I went through the install process multiple times and
might not have cleaned up properly each time.
--Mike
9 months, 3 weeks
Shared and local storage, together
by duparchy@esrf.fr
HI,
We running some VMs from local storage.
These are VMs for managing and monitoring tools such as Dell Storage Manager.
So we don't want them to be stored in the shared storages they are managing and monitoring....
If something goes wrong on either the storage or the ISCSI network we want those VM to be up and running.
Any way to enable both shared storages and some local storage in a cluster ?
For the shake of using a host most efficiently and not for only a couple of VMs ?.
9 months, 3 weeks
