4:27 a.m.
This is a multi-part message in MIME format.
--------------020700040008040105000200
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
hi Yaniv,
When using http request, ovirt tells me " I Failed to communicate with=20
the external provider." and I get this on the foreman side:
| Started GET "/api/v2" for 192.168.52.116 at 2015-09-25 11:18:32 +0200
2015-09-25 11:18:32 [app] [I] Processing by=20
Api::V2::HomeController#index as JSON
2015-09-25 11:18:32 [app] [I] Parameters: {"apiv"=3D>"v2",
"home"=3D>{}=
}
2015-09-25 11:18:32 [app] [I] Redirected to https://euphorbe.v3.abes.fr/a=
pi
2015-09-25 11:18:32 [app] [I] Filter chain halted as=20
#<Proc:0x000000093503a0@/opt/rh/ruby193/root/usr/share/gems/gems/actionpa=
ck-3.2.8/lib/action_controller/metal/force_ssl.rb:28>=20
rendered or redirected
2015-09-25 11:18:32 [app] [I] Completed 301 Moved Permanently in 1ms=20
(ActiveRecord: 0.0ms)
But no log comes using https on the foreman side and I get "Test Failed=20
(unknown error)." with 5-09-25 11:25:31,181 ERROR=20
[org.ovirt.engine.core.bll.GetProviderCertificateChainQuery]=20
(ajp--127.0.0.1-8702-4) Error in encoding certificate. Error is {}=20
java.io.IOException: Keystore was tampered with, or password was incorrec=
t.
I've just updated to 3.5.4 and otopi asked me for renewing the=20
certificate. May it be the reason of the issue?
Le 25/09/2015 11:14, Yaniv Bronheim a =C3=A9crit :
<head <meta content=3D"text/html; charset=3Dutf-8"
http-equiv=3D"Content-Ty=
pe" </head <body bgcolor=3D"#FFFFFF"
text=3D"#000000" hi Yaniv,<br <br When
using http request, ovirt tells me " I Failed to communicate
with the external provider." and I get this on the foreman side:<br =C2=A0| Started GET "/api/v2" for 192.168.52.116
at 2015-09-25 11:18:=
32
+0200<br 2015-09-25 11:18:32 [app] [I]
Processing by
Api::V2::HomeController#index as JSON<br
2015-09-25 11:18:32 [app] [I]=C2=A0=C2=A0 Parameters: {"apiv"=3D>"=
v2",
"home"=3D>{}}<br
2015-09-25 11:18:32 [app] [I] Redirected to
<a class=3D"moz-txt-link-freetext"
href=3D"https://euphorbe.v3.abes.f=
r/api">https://euphorbe.v3.abes.fr/api</a><br 2015-09-25 11:18:32 [app] [I] Filter chain halted as
#<a class=3D"moz-txt-link-rfc2396E"
href=3D"mailto:Proc:0x00000009350=
3a0(a)/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.8/lib/action_=
controller/metal/force_ssl.rb:28"><Proc:0x000000093503a0@/opt/rh/ruby1=
93/root/usr/share/gems/gems/actionpack-3.2.8/lib/action_controller/metal/=
force_ssl.rb:28></a rendered or redirected<br 2015-09-25 11:18:32 [app] [I] Completed 301 Moved
Permanently in 1ms
(ActiveRecord: 0.0ms)<br <br But no log comes using https on the foreman side and I get
"Test
Failed (unknown error)." with 5-09-25 11:25:31,181 ERROR
[org.ovirt.engine.core.bll.GetProviderCertificateChainQuery]
(ajp--127.0.0.1-8702-4) Error in encoding certificate. Error is {}
java.io.IOException: Keystore was tampered with, or password was
incorrect. <br I've just updated to 3.5.4
and otopi asked me for renewing the
certificate. May it be the reason of the issue?<br
<br <div class=3D"moz-cite-prefix">Le
25/09/2015 11:14, Yaniv Bronheim a
=C3=A9crit=C2=A0:<br </div <blockquote
cite=3D"mid:CANi4b2UqEh5LpbzJi7cYRZnTzNPCD1CAo870tsn+TJ4t5WkTBw@mail.gmai=
l.com"
type=3D"cite" <div
dir=3D"ltr" <div>Hi
Nathanael,</div <div><br </div
This error means that the restAPI request to foreman returned an
error. Most of the time it is a communication issue.. but we
can't know much from this report.
<div>Can you please share the production.log file from your
foreman host?=C2=A0</div
<div>Better to try to add the server as provider, get the error
and then check the production.log file - it will show us if
engine request got to foreman server, the internal fields and
why foreman returned 5050.</div
<div><br </div <div>Greeting,</div <div>Yaniv Bronhaim.</div </div
<div class=3D"gmail_extra"><br
<div class=3D"gmail_quote">On Wed, Sep 23, 2015 at 5:31 PM,
Nathana=C3=ABl Blanchet <span dir=3D"ltr"><<a
moz-do-not-send=3D"true"
href=3D"mailto:blanchet@abes.fr"
target=3D"_blank"><a
class=3D"moz-txt-link-abbreviated" hre=
f=3D"mailto:blanchet@abes.fr">blanchet@abes.fr</a></a>></span>
wrote:<=
br <blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br <br
I have a working foreman 1.9.1 installed with katello 2.3.<br=
ruby193-rubygem-ovirt_provision_plugin-1.0.1-1.el7
is also
installed on the same host.<br
But the issue is the same as below when testing=C2=A0 in "add
external provider" from ovirt 3.5.4.<br
What can I do now?<br <br Le 06/11/2014 12:31, Oved Ourfali a =C3=A9crit
:<br <blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" <br
----- Original Message -----<br
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" From: "Daniel Helgenberger"
<<a
moz-do-not-send=3D"true"
href=3D"mailto:daniel.helgenberger@m-box.de"
target=3D"_blank"><a
class=3D"moz-txt-link-abbreviated"=
href=3D"mailto:daniel.helgenberger@m-box.de">daniel.helgenberger@m-box.d=
e</a></a>><br
To: "Oved Ourfali" <<a moz-do-not-send=3D"true"
href=3D"mailto:oourfali@redhat.com"
target=3D"_blank">o=
ourfali(a)redhat.com</a>&gt;<br
Cc: <a moz-do-not-send=3D"true"
href=3D"mailto:users@ovirt.org"
target=3D"_blank">users=
@ovirt.org</a><br Sent: Thursday,
November 6, 2014 1:29:38 PM<br Subject: Re:
[ovirt-users] Foreman: Add external
provider (Failed with error PROVIDER_FAILURE and code
5050)<br <br <br
<br On 06.11.2014 05:47,
Oved Ourfali wrote:<br <blockquote
class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" These steps are also in the feature
page<br </blockquote Thanks Oved for pointing to the doc; my bad. I
was using
the foreman<br integration document
[1]. Maybe the pages should be
merged?<br <br </blockquote
Yaniv - you planned to merge them, right? That would be a
good time...<br <br <br
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" <blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" , but it would be nice if you review them to
see
nothing is missing.<br
<br <a
moz-do-not-send=3D"true"
href=3D"http://www.ovirt.org/Features/AdvancedForeman=
Integration"
rel=3D"noreferrer"
target=3D"_blank">http://www.ovirt=
.org/Features/AdvancedForemanIntegration</a><br
</blockquote With foreman 1.6 (at
least) there is no need to enable
the nightly<br builds any more as
rb-ovirt is resolved by yum.<br <br Lastly, I think you need to enable
foreman_discovery
with the foreman<br
installer to work and download images:<br
<br # foreman-installer
--enable-foreman-plugin-discovery<br
--foreman-plugin-discovery-install-images=3Dtrue<br
<br You have that
already listed in the testing env setup;
but this needs to<br
be put in context with installing foreman-ovirt on the
foreman host.<br
</blockquote Yaniv - please add a
note there too.<br <br Daniel - thanks for the review and the
comments!<br <br Regards,<br
Oved<br <br <blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" <blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" Thanks<br
Oved<br <br </blockquote
[1] <a moz-do-not-send=3D"true"
href=3D"http://www.ovirt.org/Features/ForemanIntegratio=
n"
rel=3D"noreferrer"
target=3D"_blank">http://www.ovirt.o=
rg/Features/ForemanIntegration</a><br
<br <blockquote
class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" On Nov 6, 2014 12:40 AM, Daniel Helgenberger
<<a
moz-do-not-send=3D"true"
href=3D"mailto:daniel.helgenberger@m-box.de"
target=3D"_blank"><a
class=3D"moz-txt-link-abbreviate=
d"
href=3D"mailto:daniel.helgenberger@m-box.de">daniel.helgenberger@m-box=
.de</a></a>><br
wrote:<br <blockquote
class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" Answering my own question; and maybe a very
obvious
cause for the<br
failing provider: the missiAnswering my own
question; and maybe a very<br
obvious cause for the<br
</blockquote failing provider:
the missing provider plugin in
forman!<br So one needs to
do:<br <br yum install
ruby193-rubygem-ovirt_provision_plugin<br
<br on the foreman
host.<br <br After that, the connection test in the engine
comes up
positive. Sadly,<br
this is not documented anywhere; only on the GitHub
repo readme [1].<br
This is also a little bit outdated, as the rbovirt
dependency is<br
resolved now automatically.<br
<br Also, but I am not
sure, the porvider lugin needs the
foreman_discovery<br
plugin to work:<br <br yum install
ruby193-rubygem-foreman_discovery<br
<br [1]<br <a moz-do-not-send=3D"true"
href=3D"https://github.com/theforeman/ovirt_provision_plugin/blob/ma...
README.md"
rel=3D"noreferrer"
target=3D"_blank">https://github.c=
om/theforeman/ovirt_provision_plugin/blob/master/README.md</a><br <br
On 29.10.2014 00:36, Daniel Helgenberger wrote:<br
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex" Hello,<br
<br did anyone
actually get this working in oVirt 3.5 /
EL6 - Engine? I am<br
trying this for two days now.<br
<br Setup:<br Engine; EL6.5<br Foreman; EL6.5<br <br
Foreman seems to do it's as I can use it to deploy
hosts and also smart<br
proxies are running fine.<br
<br I have opened a
BZ [1]; because this really can not
work out of the box<br
with EL6 plain vanilla packages. I wonder if this
was ever tested... ?<br
Java 7 used i n EL6 [4] does only support DH keys up
to 1024byte. This<br
is known issue in Foreman [2] as longer DH keys are
now used by default<br
in Foreman / PuppetCA.<br
A dirty fix confirmed working is adding default DH
parameters to the<br
foreman cert; effectively disabling it [3].<br
<br So I got SSL
working and I get beyond the
authentication (entering wrong<br
data gets me auth errors)- however, I am still not
able to add the<br
external provider. Pressing 'test' results in<br (Failed with error PROVIDER_FAILURE and
code 5050)<br=
<br
Sample engine.log<br 2014-10-28
23:49:40,860 ERROR<br
[org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand]<br (ajp--127.0.0.1-8702-1) [6a3da4e7]
Command<br
org.ovirt.engine.core.bll.provider.TestProviderConnec=
tivityCommand
throw<br Vdc Bll
exception. With error message
VdcBLLException: PROVIDER_FAILURE<br
(Failed with error PROVIDER_FAILURE and code 5050)<br=
<br
I can't find any more hints in oVirt; access logs in
Foreman are telling<br
me API queries by the engine. Did I miss a crucial
step in the foreman<br
setup? How can I debug this issue?<br
<br I am willing to
upgrade openjdk; provided this does
not break my engine...<br
<br
Thanks!<br <br [1] <a
moz-do-not-send=3D"true"
href=3D"https://bugzilla.redhat.com/show_bug.cgi?id=
=3D1157749"
rel=3D"noreferrer"
target=3D"_blank">https://bugzil=
la.redhat.com/show_bug.cgi?id=3D1157749</a><br
[2] <a moz-do-not-send=3D"true"
href=3D"https://tickets.puppetlabs.com/browse/SERVE=
R-17"
rel=3D"noreferrer"
target=3D"_blank">https://ticket=
s.puppetlabs.com/browse/SERVER-17</a><br
[3] <a moz-do-not-send=3D"true"
href=3D"http://httpd.apache.org/docs/current/ssl/ss=
l_faq.html#javadh"
rel=3D"noreferrer"
target=3D"_blank">http://httpd.a=
pache.org/docs/current/ssl/ssl_faq.html#javadh</a><br [4]
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64<=
br <br
</blockquote </blockquote --<br
Daniel Helgenberger<br m box bewegtbild
GmbH<br <br P: +49/30/2408781-22<br F: +49/30/2408781-10<br <br
ACKERSTR. 19<br D-10115
BERLIN<br <br <br
<a moz-do-not-send=3D"true" href=3D"http://www.m-box.de"
rel=3D"noreferrer"
target=3D"_blank">www.m-box.de</a>=C2=
=A0 <a
moz-do-not-send=3D"true" href=3D"http://www.monkeymen.t=
v"
rel=3D"noreferrer" target=3D"_blank"><a
class=3D"moz-tx=
t-link-abbreviated"
href=3D"http://www.monkeymen.tv">www.monkeymen.tv</a>=
</a><br <br Gesch=C3=A4ftsf=C3=BChrer: Martin
Retschitzegger / Michae=
la
G=C3=B6llner<br Handeslregister:
Amtsgericht Charlottenburg / HRB 112767<=
br <br
</blockquote
_______________________________________________<br
Users mailing list<br <a
moz-do-not-send=3D"true" href=3D"mailto:Users@ovirt.org"
target=3D"_blank">Users(a)ovirt.org</a><br <a moz-do-not-send=3D"true"
href=3D"http://lists.ovirt.org/mailman/listinfo/users"
rel=3D"noreferrer"
target=3D"_blank">http://lists.ovirt.o=
rg/mailman/listinfo/users</a><br
</blockquote <br -- <br
Nathana=C3=ABl Blanchet<br <br Supervision r=C3=A9seau<br P=C3=B4le Infrastrutures Informatiques<br 227 avenue Professeur-Jean-Louis-Viala<br 34193 MONTPELLIER CEDEX 5=C2=A0 =C2=A0 =C2=A0
=C2=A0<br T=C3=A9l. 33 (0)4 67 54
84 55<br Fax=C2=A0 33 (0)4 67 54
84 14<br <a
moz-do-not-send=3D"true" href=3D"mailto:blanchet@abes.fr"
target=3D"_blank">blanchet(a)abes.fr</a><br <br
_______________________________________________<br
Users mailing list<br <a
moz-do-not-send=3D"true" href=3D"mailto:Users@ovirt.org"
target=3D"_blank">Users(a)ovirt.org</a><br <a moz-do-not-send=3D"true"
href=3D"http://lists.ovirt.org/mailman/listinfo/users"
rel=3D"noreferrer"
target=3D"_blank">http://lists.ovirt.org=
/mailman/listinfo/users</a><br
</blockquote </div <br
<br clear=3D"all" <div><br </div
-- <br <div
class=3D"gmail_signature"
<div dir=3D"ltr" <div <div dir=3D"ltr" <div><span
style=3D"font-size:12.8px"><b>Yaniv Bronhaim.<=
/b></span><br </div </div
</div </div </div
</div </blockquote <br
<pre class=3D"moz-signature" cols=3D"72">--=20
Nathana=C3=ABl Blanchet
Supervision r=C3=A9seau
P=C3=B4le Infrastrutures Informatiques
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5 =09
T=C3=A9l. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
<a class=3D"moz-txt-link-abbreviated"
href=3D"mailto:blanchet@abes.fr">bl=
anchet(a)abes.fr</a> </pre </body </html
--------------020700040008040105000200--
Hi Nathanael,
This error means that the restAPI request to foreman returned an=20
error. Most of the time it is a communication issue.. but we can't=20
know much from this report.
Can you please share the production.log file from your foreman host?
Better to try to add the server as provider, get the error and then=20
check the production.log file - it will show us if engine request got=20
to foreman server, the internal fields and why foreman returned 5050.
Greeting,
Yaniv Bronhaim.
On Wed, Sep 23, 2015 at 5:31 PM, Nathana=C3=ABl Blanchet <blanchet@abes=
.fr=20
<mailto:blanchet@abes.fr>> wrote:
Hello,
I have a working foreman 1.9.1 installed with katello 2.3.
ruby193-rubygem-ovirt_provision_plugin-1.0.1-1.el7 is also
installed on the same host.
But the issue is the same as below when testing in "add external
provider" from ovirt 3.5.4.
What can I do now?
Le 06/11/2014 12:31, Oved Ourfali a =C3=A9crit :
----- Original Message -----
From: "Daniel Helgenberger" <daniel.helgenberger(a)m-box.de
<mailto:daniel.helgenberger@m-box.de>
To: "Oved Ourfali" <oourfali(a)redhat.com
<mailto:oourfali@redhat.com>
Cc: users(a)ovirt.org <mailto:users@ovirt.org
Sent: Thursday, November 6, 2014 1:29:38 PM
Subject: Re: [ovirt-users] Foreman: Add external provider
(Failed with error PROVIDER_FAILURE and code 5050)
On 06.11.2014 05:47, Oved Ourfali wrote:
These steps are also in the feature page
Thanks Oved for pointing to the doc; my bad. I was using
the foreman
integration document [1]. Maybe the pages should be merged?
Yaniv - you planned to merge them, right? That would be a good
time...
, but it would be nice if you review them to see
nothing is missing.
http://www.ovirt.org/Features/AdvancedForemanIntegratio=
n
With foreman 1.6 (at least) there is no need to enable the
nightly
builds any more as rb-ovirt is resolved by yum.
Lastly, I think you need to enable foreman_discovery with
the foreman
installer to work and download images:
# foreman-installer --enable-foreman-plugin-discovery
--foreman-plugin-discovery-install-images=3Dtrue
You have that already listed in the testing env setup; but
this needs to
be put in context with installing foreman-ovirt on the
foreman host.
Yaniv - please add a note there too.
Daniel - thanks for the review and the comments!
Regards,
Oved
Thanks
Oved
[1] http://www.ovirt.org/Features/ForemanIntegration
On Nov 6, 2014 12:40 AM, Daniel Helgenberger
<daniel.helgenberger(a)m-box.de
<mailto:daniel.helgenberger@m-box.de>
wrote:
Answering my own question; and maybe a very
obvious cause for the
failing provider: the missiAnswering my own
question; and maybe a very
obvious cause for the
failing provider: the missing provider plugin in forman=
!
So one needs to do:
yum install ruby193-rubygem-ovirt_provision_plugin
on the foreman host.
After that, the connection test in the engine comes up
positive. Sadly,
this is not documented anywhere; only on the GitHub
repo readme [1].
This is also a little bit outdated, as the rbovirt
dependency is
resolved now automatically.
Also, but I am not sure, the porvider lugin needs the
foreman_discovery
plugin to work:
yum install ruby193-rubygem-foreman_discovery
[1]
https://github.com/theforeman/ovirt_provision_plugin/bl=
ob/master/README.md
On 29.10.2014 00:36, Daniel Helgenberger wrote:
Hello,
did anyone actually get this working in oVirt 3.5
/ EL6 - Engine? I am
trying this for two days now.
Setup:
Engine; EL6.5
Foreman; EL6.5
Foreman seems to do it's as I can use it to deploy
hosts and also smart
proxies are running fine.
I have opened a BZ [1]; because this really can
not work out of the box
with EL6 plain vanilla packages. I wonder if this
was ever tested... ?
Java 7 used i n EL6 [4] does only support DH keys
up to 1024byte. This
is known issue in Foreman [2] as longer DH keys
are now used by default
in Foreman / PuppetCA.
A dirty fix confirmed working is adding default DH
parameters to the
foreman cert; effectively disabling it [3].
So I got SSL working and I get beyond the
authentication (entering wrong
data gets me auth errors)- however, I am still not
able to add the
external provider. Pressing 'test' results in
(Failed with error PROVIDER_FAILURE and code 5050)
Sample engine.log
2014-10-28 23:49:40,860 ERROR
[org.ovirt.engine.core.bll.provider.TestProviderCon=
nectivityCommand]
(ajp--127.0.0.1-8702-1) [6a3da4e7] Command
org.ovirt.engine.core.bll.provider.TestProviderConn=
ectivityCommand
throw
Vdc Bll exception. With error message
VdcBLLException: PROVIDER_FAILURE
(Failed with error PROVIDER_FAILURE and code 5050)
I can't find any more hints in oVirt; access logs
in Foreman are telling
me API queries by the engine. Did I miss a crucial
step in the foreman
setup? How can I debug this issue?
I am willing to upgrade openjdk; provided this
does not break my engine...
Thanks!
[1]
https://bugzilla.redhat.com/show_bug.cgi?id=3D11577=
49
[2]
https://tickets.puppetlabs.com/browse/SERVER-17
[3]
http://httpd.apache.org/docs/current/ssl/ssl_faq.ht=
ml#javadh
[4]
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_6=
4
--
Daniel Helgenberger
m box bewegtbild GmbH
P: +49/30/2408781-22
F: +49/30/2408781-10
ACKERSTR. 19
D-10115 BERLIN
www.m-box.de <http://www.m-box.de> www.monkeymen.tv
<http://www.monkeymen.tv
Gesch=C3=A4ftsf=C3=BChrer: Martin Retschitzegger / Michaela=
G=C3=B6llner
Handeslregister: Amtsgericht Charlottenburg / HRB 112767
_______________________________________________
Users mailing list
Users(a)ovirt.org <mailto:Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--=20
Nathana=C3=ABl Blanchet
Supervision r=C3=A9seau
P=C3=B4le Infrastrutures Informatiques
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5
T=C3=A9l. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
blanchet(a)abes.fr <mailto:blanchet@abes.fr
_______________________________________________
Users mailing list
Users(a)ovirt.org <mailto:Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--=20
*Yaniv Bronhaim.*
--=20
Nathana=C3=ABl Blanchet
Supervision r=C3=A9seau
P=C3=B4le Infrastrutures Informatiques
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5 =09
T=C3=A9l. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
blanchet(a)abes.fr
--------------020700040008040105000200
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html