How to change network card configuration under bridge on host?
by Derek Atkins
Hi,
I've got a single host running CentOS 7.3 + Ovirt 4.0.6 with hosted
engine. I'm having network issues (see previous email thread) and the
next thing I'm going to try is to add a new network card and use that
instead of the onboard ethernet on the mobo. However it looks like
/etc/sysconfig/network-scripts/ifcfg-* get replaced every time the host
restarts.
Right now it's configured with:
eno1, eno2 -> bond0 -> ovirtmgmt
I accomplished this by setting up the bond by hand on the host before I
installed the hosted engine, but then ovirt "took control" of the
configuration. I want to change this to replace eno1 and eno2 with the
two new devices when I add the new card tomorrow. What's the best way
to do this?
I suppose I can just add the new devices as bond0 slaves pretty easily
by creating new ifcfg-xxx files for the new devices (I'm assuming they
will be eno3 and eno4) that looks similar to the eno1 and eno2 files.
However I'd like to also remove eno1 and eno2 from bond0. Yet I suspect
if I change ifcfg-eno1 and ifcfg-eno2 by hand, they will just get
replaced at the next reboot by ovirt.
How do I convince ovirt to stop overwriting those files? Or how do I
tell ovirt about the new configuration?
Thanks,
-derek
--
Derek Atkins 617-623-3745
derek(a)ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
7 years, 2 months
Vdsm Fail after update
by carl langlois
Hi,
I have just update my Centos 7 and now vdsm is not starting:
i got this error :
Job vdsmd.service/start failed with result 'dependency'.
and in the libvirtd error also :
Oct 12 10:15:32 ovhost5 libvirtd[1434]: 2017-10-12 15:15:32.959+0000: 1434:
error : virNetSocketReadWire:1808 : End of file while reading data:
Input/output error
Oct 12 10:15:33 ovhost5 libvirtd[1434]: 2017-10-12 15:15:33.160+0000: 1492:
error : virNetSASLSessionListMechanisms:390 : internal error: cannot list
SASL mechanisms -4 (SASL(-4): no mechanism available: Internal Error -4 in
server.c near line 1757)
Oct 12 10:15:33 ovhost5 libvirtd[1434]: 2017-10-12 15:15:33.160+0000: 1492:
error : remoteDispatchAuthSaslInit:3411 : authentication failed:
authentication failed
Oct 12 10:15:33 ovhost5 libvirtd[1434]: 2017-10-12 15:15:33.160+0000: 1434:
error : virNetSocketReadWire:1808 : End of file while reading data:
Input/output error
Oct 12 10:15:33 ovhost5 libvirtd[1434]: 2017-10-12 15:15:33.361+0000: 1493:
error : virNetSASLSessionListMechanisms:390 : internal error: cannot list
SASL mechanisms -4 (SASL(-4): no mechanism available: Internal Error -4 in
server.c near line 1757)
any help would apreciated. Everything was working perfectly before the
update.
current version
CentOS Linux release 7.4.1708 (Core)
ovirt-release40
Regards.
Carl
7 years, 2 months
Update problem with one node in HC env. 4.1.5->4.1.6
by Jesper Andersson
Hi, we have a HC (ovirt node) environment with 3 nodes, where 2 of them
updated from ovirt 4.1.5 to 4.1.6 just fine but one node fails the update.
I talked to sbonazzo on IRC and was asked to mail the users(a)ovirt.org
with an sosreport.
The sosreport can be found here:
https://ufile.io/47jhs
Best regards
Jesper
7 years, 2 months
Issues with Windows 7 VM
by Marc Turner
Hello,
I'm a Systems Administrator at Wolfram Research, and we've been having an issue with a Windows 7 x64 VM. This is a new VM with a newly created Cinder VM image attached to it, which was working without issue last week. Earlier today I performed a Windows update and shutdown the VM. When trying to start it back up, it does nothing but fail with the message "Failed to start VM on host. We have several VM hosts set up, so it will bounce around between a few of them, failing each time before giving up entirely.
Myself and another SysAdmin have looked through the logs and have not been able to find any reason as to why this VM won't start. No other VM's are having problems, and Cinder is working correctly. If you would have any idea as to why this is happening, or where we could look to figure out what may be going on, it would be much appreciated.
Thank you,
Marc Turner
Systems Administrator
Wolfram Research
7 years, 2 months
Mouse USB passthrough not working
by Wesley Stewart
I have a windows guest that I use to use without issue, but since upgrading
from 4.1.4 to 4.1.6 I cannot get a mouse to pass through to the VM using
USB Passthrough.
Keyboard using USB passthrough and my GPU works without an issue. I have
tried multiple mice with the same issue, they just wont work.
Any ideas?
7 years, 2 months
Add FC domain failed - but reported as used
by Roberto Nunin
I've tried to add a second FC data domain to our oVirt remote infra, built
with 6 hosts in remote and 4 local, where hosted-engine is running.
Currently, we are using 4.0.1.1-1.el7.centos.
After FC storage setup (zoning/masking), tried to add the new volume to the
remote DC.
Process was failing with:
2017-10-11 12:57:31,174 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(default task-5) [bfcbca2] Correlation ID: bfcbca2, Job ID:
0850b9ba-a898-472c-9dbd-3ae4f27b2992, Call Stack: null, Custom Event ID:
-1, Message: Failed to attach Storage Domain oVirt_datastore_2_NO to Data
Center CompanyDCoVirt4. (User: me(a)srv-ldap-new.company.com-authz).
on SPM, vdsm log report:
jsonrpc.Executor/0::ERROR::2017-10-11
12:57:26,503::sdc::140::Storage.StorageDomainCache::(_findDomain) looking
for unfetched domain 17d3d910-3f79-468e-9ffb-a7bd2bd174aa
jsonrpc.Executor/0::ERROR::2017-10-11
12:57:26,503::sdc::157::Storage.StorageDomainCache::(_findUnfetchedDomain)
looking for domain 17d3d910-3f79-468e-9ffb-a7bd2bd174aa
jsonrpc.Executor/0::ERROR::2017-10-11
12:57:26,505::sdc::146::Storage.StorageDomainCache::(_findDomain) domain
17d3d910-3f79-468e-9ffb-a7bd2bd174aa not found
After this attempt, I've double checket that all 6 hosts have identified
the new volume. All are ok.
Another attempt to add the volume to the remote DC, was failing blocking me
to chosse the volume ID into the GUI interface, because "the LUN is already
part of a Storage DOmain".
I think that something is still marking as used the new volume into the
host-engine DB, even if it isn't available into the GUI interface.
If this could be the reason, how to correctly manage this issue ? (apart
update the entire installation, planned :) )
Thanks in advance
--
Roberto
7 years, 2 months
ovirt 4.1 hosted engine: clear Task error: Operation is not allowed in this task state: ("can't clean in state running", )
by yayo (j)
Hi all,
ovirt 4.1 hosted engine on 2 node cluster and FC LUN Storage
I'm trying to clear some task pending from months using vdsClient but I
can't do anything. Below are the steps (on node 1, the SPM):
1. Show all tasks:
*# vdsClient -s 0 getAllTasksInfofd319af4-d160-48ce-b682-5a908333a5e1 :
verb = createVolume id =
fd319af4-d160-48ce-b682-5a908333a5e19bbc2bc4-3c73-4814-a785-6ea737904528 :
verb = prepareMerge id =
9bbc2bc4-3c73-4814-a785-6ea737904528e70feb21-964d-49d9-9b5a-8e3f70a92db1 :
verb = prepareMerge id =
e70feb21-964d-49d9-9b5a-8e3f70a92db1cf064461-f0ab-4e44-a68f-b2d58fa83a21 :
verb = prepareMerge id =
cf064461-f0ab-4e44-a68f-b2d58fa83a2185b7cf4e-d658-4785-94f0-391fe9616b41 :
verb = prepareMerge id =
85b7cf4e-d658-4785-94f0-391fe9616b417416627a-fe50-4353-b129-e01bba066a66 :
verb = prepareMerge id =
7416627a-fe50-4353-b129-e01bba066a66*
2. Stop all tasks (repeted for every task):
*# vdsClient -s 0 stopTask 7416627a-fe50-4353-b129-e01bba066a66 *
Task is aborted: u'7416627a-fe50-4353-b129-e01bba066a66' - code 411
3. Tring to clear tasks:
* # vdsClient -s 0 clearTask 7416627a-fe50-4353-b129-e01bba066a66*
*Operation is not allowed in this task state: ("can't clean in state
running",)*
*On Node 01 (the SPM) I have multiple errors in /var/log/vdsm/vdsm.log like
this:*
*2017-10-11 15:09:53,719+0200 INFO (jsonrpc/3) [storage.TaskManager.Task]
(Task='9519d4db-2960-4b88-82f2-e4c1094eac54') aborting: Task is aborted:
u'Operation is not allowed in this task state: ("can\'t clean in state
running",)' - code 100 (task:1175)*
*2017-10-11 15:09:53,719+0200 ERROR (jsonrpc/3) [storage.Dispatcher] FINISH
clearTask error=Operation is not allowed in this task state: ("can't clean
in state running",) (dispatcher:78)*
*2017-10-11 15:09:53,720+0200 INFO (jsonrpc/3) [jsonrpc.JsonRpcServer] RPC
call Task.clear failed (error 410) in 0.01 seconds (__init__:539)*
*2017-10-11 15:09:53,743+0200 INFO (jsonrpc/6) [vdsm.api] START
clearTask(taskID=u'7416627a-fe50-4353-b129-e01bba066a66', spUUID=None,
options=None) from=::ffff:192.168.0.226,36724, flow_id=7cd340ec (api:46)*
*2017-10-11 15:09:53,743+0200 INFO (jsonrpc/6) [vdsm.api] FINISH clearTask
error=Operation is not allowed in this task state: ("can't clean in state
running",) from=::ffff:192.168.0.226,36724, flow_id=7cd340ec (api:50)*
*2017-10-11 15:09:53,743+0200 ERROR (jsonrpc/6) [storage.TaskManager.Task]
(Task='0e12e052-2aca-480d-b50f-5de01ddebe35') Unexpected error (task:870)*
*Traceback (most recent call last):*
* File "/usr/share/vdsm/storage/task.py", line 877, in _run*
* return fn(*args, **kargs)*
* File "<string>", line 2, in clearTask*
* File "/usr/lib/python2.7/site-packages/vdsm/common/api.py", line 48, in
method*
* ret = func(*args, **kwargs)*
* File "/usr/share/vdsm/storage/hsm.py", line 2258, in clearTask*
* return self.taskMng.clearTask(taskID=taskID)*
* File "/usr/share/vdsm/storage/taskManager.py", line 175, in clearTask*
* t.clean()*
* File "/usr/share/vdsm/storage/task.py", line 1047, in clean*
* raise se.TaskStateError("can't clean in state %s" % self.state)*
*TaskStateError: Operation is not allowed in this task state: ("can't clean
in state running",)*
*On Node 02 (is a 2 node cluster) I have other errors (I don't know if are
related):*
*2017-10-11 15:11:57,083+0200 INFO (jsonrpc/7) [storage.LVM] Refreshing
lvs: vg=b50c1f5c-aa2c-4a53-9f89-83517fa70d3b lvs=['leases'] (lvm:1291)*
*2017-10-11 15:11:57,084+0200 INFO (jsonrpc/7) [storage.LVM] Refreshing
LVs (vg=b50c1f5c-aa2c-4a53-9f89-83517fa70d3b, lvs=['leases']) (lvm:1319)*
*2017-10-11 15:11:57,124+0200 INFO (jsonrpc/7) [storage.VolumeManifest]
b50c1f5c-aa2c-4a53-9f89-83517fa70d3b/d42f671e-1745-46c1-9e1c-2833245675fc/c86afaa5-6ca8-4fcb-a27e-ffbe0133fe23
info is {'status': 'OK', 'domain': 'b50c1f5c-aa2c-4a53-9f89-83517fa70d3b',
'voltype': 'LEAF', 'description': 'hosted-engine.metadata', 'parent':
'00000000-0000-0000-0000-000000000000', 'format': 'RAW', 'generation': 0,
'image': 'd42f671e-1745-46c1-9e1c-2833245675fc', 'ctime': '1499437345',
'disktype': '2', 'legality': 'LEGAL', 'mtime': '0', 'apparentsize':
'134217728', 'children': [], 'pool': '', 'capacity': '134217728', 'uuid':
u'c86afaa5-6ca8-4fcb-a27e-ffbe0133fe23', 'truesize': '134217728', 'type':
'PREALLOCATED', 'lease': {'owners': [], 'version': None}} (volume:272)*
*2017-10-11 15:11:57,125+0200 INFO (jsonrpc/7) [vdsm.api] FINISH
getVolumeInfo return={'info': {'status': 'OK', 'domain':
'b50c1f5c-aa2c-4a53-9f89-83517fa70d3b', 'voltype': 'LEAF', 'description':
'hosted-engine.metadata', 'parent': '00000000-0000-0000-0000-000000000000',
'format': 'RAW', 'generation': 0, 'image':
'd42f671e-1745-46c1-9e1c-2833245675fc', 'ctime': '1499437345', 'disktype':
'2', 'legality': 'LEGAL', 'mtime': '0', 'apparentsize': '134217728',
'children': [], 'pool': '', 'capacity': '134217728', 'uuid':
u'c86afaa5-6ca8-4fcb-a27e-ffbe0133fe23', 'truesize': '134217728', 'type':
'PREALLOCATED', 'lease': {'owners': [], 'version': None}}} from=::1,56906
(api:52)*
*2017-10-11 15:11:57,126+0200 INFO (jsonrpc/7) [jsonrpc.JsonRpcServer] RPC
call Volume.getInfo succeeded in 0.05 seconds (__init__:539)*
*2017-10-11 15:11:57,758+0200 INFO (Reactor thread)
[ProtocolDetector.AcceptorImpl] Accepted connection from ::1:56908
(protocoldetector:72)*
*2017-10-11 15:11:57,764+0200 INFO (Reactor thread)
[ProtocolDetector.Detector] Detected protocol stomp from ::1:56908
(protocoldetector:127)*
*2017-10-11 15:11:57,765+0200 INFO (Reactor thread) [Broker.StompAdapter]
Processing CONNECT request (stompreactor:103)*
*2017-10-11 15:11:57,765+0200 INFO (JsonRpc (StompReactor))
[Broker.StompAdapter] Subscribe command received (stompreactor:130)*
*2017-10-11 15:11:57,930+0200 INFO (jsonrpc/0) [jsonrpc.JsonRpcServer] RPC
call Host.getHardwareInfo succeeded in 0.01 seconds (__init__:539)*
*2017-10-11 15:11:57,933+0200 INFO (jsonrpc/1) [vdsm.api] START
repoStats(options=None) from=::1,56908 (api:46)*
*2017-10-11 15:11:57,933+0200 INFO (jsonrpc/1) [vdsm.api] FINISH repoStats
return={u'b50c1f5c-aa2c-4a53-9f89-83517fa70d3b': {'code': 0, 'actual':
True, 'version': 4, 'acquired': True, 'delay': '0.000138003', 'lastCheck':
'4.9', 'valid': True}, u'b6730d64-2cf8-42a3-8f08-24b8cc2c0cd8': {'code':
200, 'actual': True, 'version': -1, 'acquired': False, 'delay': '0',
'lastCheck': '9.7', 'valid': False},
u'c7d32f1b-f32c-4a21-995b-2e3b415aae4e': {'code': 0, 'actual': True,
'version': 0, 'acquired': True, 'delay': '0.000618471', 'lastCheck': '1.4',
'valid': True}, u'05ab1dd9-24bc-409b-80b8-6c5b00c52aa9': {'code': 0,
'actual': True, 'version': 4, 'acquired': True, 'delay': '0.00027591',
'lastCheck': '5.2', 'valid': True}} from=::1,56908 (api:52)*
*2017-10-11 15:11:57,998+0200 INFO (jsonrpc/1) [jsonrpc.JsonRpcServer] RPC
call Host.getStats succeeded in 0.06 seconds (__init__:539)*
*2017-10-11 15:11:58,253+0200 ERROR (monitor/b6730d6) [storage.Monitor]
Setting up monitor for b6730d64-2cf8-42a3-8f08-24b8cc2c0cd8 failed
(monitor:329)*
*Traceback (most recent call last):*
* File "/usr/share/vdsm/storage/monitor.py", line 326, in _setupLoop*
* self._setupMonitor()*
* File "/usr/share/vdsm/storage/monitor.py", line 349, in _setupMonitor*
* self._produceDomain()*
* File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 401, in
wrapper*
* value = meth(self, *a, **kw)*
* File "/usr/share/vdsm/storage/monitor.py", line 367, in _produceDomain*
* self.domain = sdCache.produce(self.sdUUID)*
* File "/usr/share/vdsm/storage/sdc.py", line 112, in produce*
* domain.getRealDomain()*
* File "/usr/share/vdsm/storage/sdc.py", line 53, in getRealDomain*
* return self._cache._realProduce(self._sdUUID)*
* File "/usr/share/vdsm/storage/sdc.py", line 136, in _realProduce*
* domain = self._findDomain(sdUUID)*
* File "/usr/share/vdsm/storage/sdc.py", line 153, in _findDomain*
* return findMethod(sdUUID)*
* File "/usr/share/vdsm/storage/nfsSD.py", line 126, in findDomain*
* return NfsStorageDomain(NfsStorageDomain.findDomainPath(sdUUID))*
* File "/usr/share/vdsm/storage/fileSD.py", line 359, in __init__*
* manifest = self.manifestClass(domainPath)*
* File "/usr/share/vdsm/storage/fileSD.py", line 171, in __init__*
* sd.StorageDomainManifest.__init__(self, sdUUID, domaindir, metadata)*
* File "/usr/share/vdsm/storage/sd.py", line 332, in __init__*
* self._domainLock = self._makeDomainLock()*
* File "/usr/share/vdsm/storage/sd.py", line 526, in _makeDomainLock*
* domVersion = self.getVersion()*
* File "/usr/share/vdsm/storage/sd.py", line 403, in getVersion*
* return self.getMetaParam(DMDK_VERSION)*
* File "/usr/share/vdsm/storage/sd.py", line 400, in getMetaParam*
* return self._metadata[key]*
* File "/usr/lib/python2.7/site-packages/vdsm/storage/persistent.py", line
91, in __getitem__*
* return dec(self._dict[key])*
* File "/usr/lib/python2.7/site-packages/vdsm/storage/persistent.py", line
203, in __getitem__*
* raise KeyError(key)*
*KeyError: 'VERSION'*
Can you help me?
Restart hosted engine don't solve the problem
Thank you
p.s. Related question: tasks above are the same/related reported by the
engine in the screenshot here? https://snag.gy/XDmoUt.jpg ... How Can I
clear also these tasks from engine?
7 years, 2 months
what does memory balloon optimize means in cluster?
by pengyixiang
------=_Part_250192_142863249.1507727625505
Content-Type: text/plain; charset=GBK
Content-Transfer-Encoding: base64
aGVsbG8sIGV2ZXJ5IQogICAgSSB3YW50IGtub3cgd2hhdCBkb2VzIG1lbW9yeSBiYWxsb29uIG9w
dGltaXplIG1lYW5zPyBhbmQgd2hhdCBzaG91bGQgaSBkbyB0byB0ZXN0IGl0J3MgZWZmZWN0aXZl
Pwo=
------=_Part_250192_142863249.1507727625505
Content-Type: text/html; charset=GBK
Content-Transfer-Encoding: base64
PGRpdiBzdHlsZT0ibGluZS1oZWlnaHQ6MS43O2NvbG9yOiMwMDAwMDA7Zm9udC1zaXplOjE0cHg7
Zm9udC1mYW1pbHk6QXJpYWwiPjxkaXY+aGVsbG8sIGV2ZXJ5ITwvZGl2PjxkaXY+Jm5ic3A7Jm5i
c3A7Jm5ic3A7IEkgd2FudCBrbm93IHdoYXQgZG9lcyBtZW1vcnkgYmFsbG9vbiBvcHRpbWl6ZSBt
ZWFucz8gYW5kIHdoYXQgc2hvdWxkIGkgZG8gdG8gdGVzdCBpdCdzIGVmZmVjdGl2ZT88YnI+PC9k
aXY+PC9kaXY+PGJyPjxicj48c3BhbiB0aXRsZT0ibmV0ZWFzZWZvb3RlciI+PGRpdiBpZD0ibmV0
ZWFzZV9tYWlsX2Zvb3RlciI+PGRpdiBzdHlsZT0iYm9yZGVyLXRvcDojQ0NDIDFweCBzb2xpZDtw
YWRkaW5nOjEwcHggNXB4O2ZvbnQtc2l6ZToxN3B4O2NvbG9yOiM3Nzc7bGluZS1oZWlnaHQ6MjJw
eCI+PGEgaHJlZj0iaHR0cDovL3lvdS4xNjMuY29tL2l0ZW0vZGV0YWlsP2lkPTExNjUwMTEmZnJv
bT13ZWJfZ2dfbWFpbF9qaWFvYmlhb185IiB0YXJnZXQ9Il9ibGFuayIgc3R5bGU9ImNvbG9yOiMz
MzY2RkY7dGV4dC1kZWNvcmF0aW9uOm5vbmUiPqG+zfjS19fU06p8MzDM7M7e08fNy7v1ob+99srb
zay/7rzbMS80o6FNVUpJ1sbU7MnMobAyMDE3x++2rMrmysq80r7Tzc/QrM+1wdChsc/eyrG99jM0
LjnUqiZndDsmZ3Q7ICZuYnNwOzwvYT4KICZuYnNwOyAmbmJzcDs8L2Rpdj48L2Rpdj48L3NwYW4+
------=_Part_250192_142863249.1507727625505--
7 years, 2 months
Fwd: ovirt-engine-extension-aaa-ldap active directory
by nicola gentile
2017-10-11 10:11 GMT+02:00 nicola gentile <nicola.gentile.to(a)gmail.com>:
> Hi Martin,
> I attach aaa.log you suggest
>
> Nick
>
> 2017-10-10 20:41 GMT+02:00 Martin Perina <mperina(a)redhat.com>:
>> Hi,
>>
>> most probably you are affected by [1], so could you please check
>> certificates on all your AD servers?
>> You can verify using following command:
>>
>> ovirt-engine-extensions-tool --log-level=FINEST aaa login-user
>> --user-name=<USERNAME> --profile=<PROFILE NAME>
>>
>>
>> Thanks
>>
>> Martin
>>
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1465463
>>
>>
>> On Tue, Oct 10, 2017 at 6:13 PM, Luca 'remix_tj' Lorenzetto
>> <lorenzetto.luca(a)gmail.com> wrote:
>>>
>>> On Tue, Oct 10, 2017 at 4:41 PM, nicola gentile
>>> <nicola.gentile.to(a)gmail.com> wrote:
>>> > I run the command you suggest
>>> > ldapsearch -h domaincontroller.dom.it -b "dc=dom,dc=it" -D user(a)dom.it
>>> > -W -x sAMAccountName=user_to_search userPrincipalName | grep
>>> > userPrincipalName
>>> >
>>> > This is the result:
>>> >
>>> > Enter LDAP Password:
>>> > # requesting: userPrincipalName
>>> >
>>>
>>> Supposing you're using all the right parameters in ldapsearch command,
>>> it seems that the user you were looking up is not a valid user in that
>>> directory server.
>>>
>>> Please check with someone that can access to AD and verify the status
>>> of the user with ADSI Edit.
>>>
>>> Luca
>>>
>>>
>>> --
>>> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
>>> calcoli che potrebbero essere affidati a chiunque se si usassero delle
>>> macchine"
>>> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>>>
>>> "Internet è la più grande biblioteca del mondo.
>>> Ma il problema è che i libri sono tutti sparsi sul pavimento"
>>> John Allen Paulos, Matematico (1945-vivente)
>>>
>>> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net ,
>>> <lorenzetto.luca(a)gmail.com>
>>> _______________________________________________
>>> Users mailing list
>>> Users(a)ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
7 years, 2 months
Help with SSL
by ~Stack~
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--7s08lKxr317U4f7S2uiLNhLgbhqI41l89
Content-Type: multipart/mixed; boundary="hSq7F28gapFg5m3iNcupps9DgFkLnpMkc";
protected-headers="v1"
From: ~Stack~ <i.am.stack(a)gmail.com>
To: users <users(a)ovirt.org>
Message-ID: <bdcd0a7d-84c7-b37c-e66e-b2c6ace3e31c(a)gmail.com>
Subject: Help with SSL
--hSq7F28gapFg5m3iNcupps9DgFkLnpMkc
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Greetings,
OS: Scientific Linux 7.3
Ovirt: 4.1.6.2-1.el7.centos
Foreman: 1.16.0-RC1
I updated my OVirt SSL cert from a self-signed to a purchased one using
the directions here:
https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL/
Everything seems to work from the web interface.
Then I tried to add in Foreman. Thats where I get the error:
Unable to save
ERF56-1309 [Foreman::FingerprintException]: The remote system presented
a public key signed by an unidentified certificate authority. If you are
sure the remote system is authentic, go to the compute resource edit
page, press the 'Test Connection' or 'Load Datacenters' button and submit=
=2E
Everything I can find says that it *should* be resolved - From Red Hat,
to Foreman, to even the Ovirt list! Yet there it is!
Well after poking at it for a while, I realized that the cert Foreman
was auto-resolving was still the /OLD/ cert!
Step #2 in those ovirt directions says to break the symbolic link to
/etc/pki/ovirt-engine/ca.pem. But it doesn't say what to do with that
file. So I replaced it with my cert. Restarted ovirt and now Foreman
resolves the correct X509 cert! (I have no idea if that broke something
else.)
But I still get the error in foreman. :-(
I feel like I'm still missing something in the ovirt configs. Something
needs to be updated/replaced in ovirt that isn't in those docs.
Can anyone help me out please? I've been trying for hours and not making
progress.
Thanks!
~Stack~
--hSq7F28gapFg5m3iNcupps9DgFkLnpMkc--
--7s08lKxr317U4f7S2uiLNhLgbhqI41l89
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJZ3UApAAoJELkej+ysXJPmACEP/11wrxRd3rc3vOyR/4BKO+gg
KFdO2eOjuWBZlx6UV1sl61ivj2Pm3tXwz/v97vEtVtxFrmcdstJ1MEGTjsMV3QcB
J6j4zljuafGQheLI7atEuzoyi22yhzopbfvfTnMoe6QLdkxVLSFEDmiSf5foV+Rc
52MzSv1Xu8tXgubyam2CazpS/DKGPYU8jojWRlsTyZsF5AJ8su5m+1ZVr8UgdTMR
GBZlnZYuwb6bFjEPu0hkXwTPGTzVI6yaj0MfcCfO01merJWpv0QtOwgVAvdDgoyX
9X8HId0hjWqS4fM82CMgIvfmYb9AGzEWVz4deGXlYPLX76tlsi+cu/YkHVWiznPS
znReyqliTY2q621WgdcK9xNWW/Kqf2W/CiEbmVIv0k59Hg3FpTGtrjcaS+ny98qw
kZpHGRtQNoojCvcSrx86Fnt7e3Oqr8woOtnUJxtzPeN6I0CYCMOw2pt02a9npVSC
iKxj84LsFQphMNjVhqrsmrYW7NS9RtWCoiVweEQAwS/+bKfoLniqT4cj8xgpCkHJ
W/7qz9qTR8sMTuEr2WhLouZyCk7z5FD6A49B+0OCPpUYuFE7Cll7+7hxSHuNqy8I
M74aEPNVO7DdE0iT0yz5EkIxn5oht/gaPwyN8QYCJxjyglUEHOBK/+hAnpvfeLEF
y5hEnpvgwgt9iZtqrI4S
=qZrE
-----END PGP SIGNATURE-----
--7s08lKxr317U4f7S2uiLNhLgbhqI41l89--
7 years, 2 months