[ovirt-users] Re: Certificates expired...

I restarted vdsmd and libvirtd after the cert update on each host. Jason On 8/4/23 14:34, Derek Atkins wrote: > Did you restart vdsm after updating the certs? > -derek > > On Fri, August 4, 2023 2:12 pm, Jason P. Thomas wrote: >> I updated the VDSM certs on the hosts and the apache cert on the >> engine.  I'm guessing something is wrong with however the engine >> interacts with vdsm, I just don't know exactly what to do about it. >> >> Jason >> >> On 8/4/23 14:00, Derek Atkins wrote: >>> Sounds like the Host Certs need to be updated.. Or possibly even the >>> Engine CA Cert. >>> >>> -derek >>> >>> On Fri, August 4, 2023 1:45 pm, Jason P. Thomas wrote: >>>> Konstantin, >>>> Right after I sent the email I got the engine running. The >>>> libvirt-spice certs had incorrect ownership.  It still is not >>>> connecting >>>> to anything.  Error in Events on the Engine is now: "VDSM >>>> <hostname.fqdn> command Get Host Capabilities failed: General >>>> SSLEngine >>>> problem" >>>> >>>> So status right now is, all VMs are running.  Engine web ui is >>>> accessible.  Engine shows all hosts as unassigned or Connecting or >>>> NonResponsive with repeated entries of the above error in Events. >>>> >>>> Sincerely, >>>> Jason >>>> >>>> On 8/4/23 13:08, konstantin.volenbovskyi--- via Users wrote: >>>>>> Now the engine won't start at all and I'm afraid I'm one power >>>>>> outage >>>>>> away from complete disaster.  I need to keep the old location up >>>>>> and >>>>>> functioning for another 4-6 months, so any insights would be >>>>>> greatly >>>>>> appreciated. >>>>> Hi, >>>>> >>>>> 'engine won't start at all' can mean two things: >>>>> >>>>> 1) OS can't boot and thus you can't do SSH. Assuming that we are >>>>> talking >>>>> self-hosted engine, then you need to use command like below on host >>>>> that >>>>> runs ovengine VM (virsh -c >>>>> qemu:///system?authfile=/etc/ovirt-hosted-engine/virsh_auth.conf >>>>> list >>>>> and hosted-engine --vm-status might be helpful, VM should at least >>>>> start >>>>> to boot in order for you to achieve connectivity via console): >>>>> hosted-engine --add-console-password --password=somepassword >>>>> and then connect via VNC to IP that you will see in output and >>>>> password >>>>> that you used >>>>> >>>>> 2) ovirt-engine service can't start >>>>> In that case it is likely that you will find reason of that in >>>>>     journalctl -u ovirt-engine --no-pager >>>>> (/var/log/ovirt-engine/engine.log) >>>>> >>>>> BR, >>>>> Konstantin >>>>> _______________________________________________ >>>>> Users mailing list -- users(a)ovirt.org >>>>> To unsubscribe send an email to users-leave(a)ovirt.org >>>>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>>>> oVirt Code of Conduct: >>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>> List Archives: >>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/PL4Q64G6IFU... >>>>> >>>> _______________________________________________ >>>> Users mailing list -- users(a)ovirt.org >>>> To unsubscribe send an email to users-leave(a)ovirt.org >>>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>>> oVirt Code of Conduct: >>>> https://www.ovirt.org/community/about/community-guidelines/ >>>> List Archives: >>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/H3M4O4TN67N... >>>> >>>> >> > _______________________________________________ Users mailing list -- users(a)ovirt.org To unsubscribe send an email to users-leave(a)ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/L3HNNMVKBOS...