May 2018 - Users - oVirt List Archives

oVirt reports using Grafana
by Karli Sjöberg 15 Jul '18

15 Jul '18

Heya! I've been whishing for reports in oVirt ever since the old 'Jasper Reports' was removed. For an Enterprise, having pretty graphs to look at is a must. Searching the subject, I've found this[*] and have managed to get it installed OK but having issues trying to follow the guide setting it up. First of all, I think the guide should have at least mentioned that 'pg_hba.conf' needs to be edited for the read only user to be able to connect to the database, I scratched my head around that for a while before I got it. When I first type in the query example, I got syntax errors: 'pq: syntax error at or near "$"'. I continued anyways since I figured it would be solved at a later point, which turned out to be true, since the next step is to use the "Templating feature" to add variables. Unfortunately this doesn't go so well, even though I followed the instructions very carefully. After hitting save on the first variable I am rewarded with the error message: 'Template variables could not be initialized: pq: column "en_us" does not exist.' Are the queries stated in the guide still correct? This is for 'user_locale': "SELECT DISTINCT language_code from enum_translator" [*]:https://www.ovirt.org/blog/2018/01/ovirt-report-using-grafana/ TIA /K

5 8

Changing resolution of console on Mint guest running on Ovirt 4.2
by pascal＠butterflyit.com 09 Jul '18

09 Jul '18

I keep getting an error: Could not set configuration for CRTC 63. I checked that I have spice-agent and spice-agentd running. Also qemu-guest-agent. lspci shows that I have a QXL adapter. xrandr -q shows that I have many different config available. but none work. What am I missing? Screen 0: minimum 320 x 200, current 1024 x 768, maximum 8192 x 8192 Virtual-0 connected primary 1024x768+0+0 0mm x 0mm 1024x768 59.95*+ 1920x1200 59.95 1920x1080 60.00 1600x1200 59.95 1680x1050 60.00 1400x1050 60.00 1280x1024 59.95 1440x900 59.99 1280x960 59.99 1280x854 59.95 1280x800 59.96 1280x720 59.97 1152x768 59.95 800x600 59.96 848x480 59.94 720x480 59.94 640x480 59.94 Virtual-1 disconnected V

2 1

ovirt-node: freshly installed node: network interfaces not visible
by etienne.charlier＠reduspaceservices.eu 06 Jul '18

06 Jul '18

Hello, I'm deploying a test cluster to get used to the ovirt product. My ovirt ( 4.2.2) engine is deployed in a vmware virtual machine. I'm busy deploying 5 hosts using the ovirt-node iso. I have issue with the additional physical network interface ( used for vm trafic and iSCSI) In ovirt manager I can't see the physical network interfaces. It's thus not possible to assign logical network to physical interfaces and my hosts stays in "non operational" status. How should I configure the additional interfaces in the ovirt-node installer to have them recognized ? I somehow managed to configure one host and I can see a comment line in /etc/sysconfig/network-script/ifcfg-... saying vdsm has acquired the interface.... No Such line in the ifcfg-* file in non operational hosts.... Any idea ? Etienne

3 4

vGPU setup guide
by Callum Smith 24 Jun '18

24 Jun '18

Dear All, IS this the most current and useful example of implenting vGPUs in oVirt? I had understood that 4.2 had NVIDIA GRID support as a flagship feature, but this appears to be 4.1.4? It seems a very reasonable and decent guide, just don't want to go down this route if there's alternatives now available in 4.2.x. https://mpolednik.github.io/2017/09/13/vgpu-in-ovirt/ Regards, Callum -- Callum Smith Research Computing Core Wellcome Trust Centre for Human Genetics University of Oxford e. callum(a)well.ox.ac.uk<mailto:callum@well.ox.ac.uk>

3 7

Fwd: vGPU VM not starting
by Ales Musil 24 Jun '18

24 Jun '18

On Thu, May 17, 2018 at 12:01 AM, Callum Smith <callum(a)well.ox.ac.uk> wrote: > Dear All, > > Our vGPU installation is progressing, though the VM is failing to start. > > 2018-05-16 22:57:34,328+0100 ERROR (vm/1bc9dae8) [virt.vm] > (vmId='1bc9dae8-a0ea-44b3-9103-5805100648d0') The vm start process failed > (vm:943) > Traceback (most recent call last): > File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 872, in > _startUnderlyingVm > self._run() > File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 2872, in > _run > dom.createWithFlags(flags) > File "/usr/lib/python2.7/site-packages/vdsm/common/libvirtconnection.py", > line 130, in wrapper > ret = f(*args, **kwargs) > File "/usr/lib/python2.7/site-packages/vdsm/common/function.py", line > 92, in wrapper > return func(inst, *args, **kwargs) > File "/usr/lib64/python2.7/site-packages/libvirt.py", line 1099, in > createWithFlags > if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed', > dom=self) > libvirtError: Cannot get interface MTU on '': No such device > > That's the specific error, some other information. It seems the GPU > 'allocation' of uuid against the nvidia-xx mdev type is proceeding > correctly, and the device is being created by the VM instantiation but the > VM does not succeed in going up with this error. Any other logs or > information relevant to help diagnose? > > Regards, > Callum > > -- > > Callum Smith > Research Computing Core > Wellcome Trust Centre for Human Genetics > University of Oxford > e. callum(a)well.ox.ac.uk > > > _______________________________________________ > Users mailing list -- users(a)ovirt.org > To unsubscribe send an email to users-leave(a)ovirt.org > > Hi Callum, can you share your version of the setup? Also do you use OVS switch type in the cluster? Regards, Ales. -- ALES MUSIL INTERN - rhv network Red Hat EMEA <https://www.redhat.com/> amusil(a)redhat.com IM: amusil <https://red.ht/sig>

6 14

Unable to backend oVirt with Cinder
by Logan Kuhn 21 Jun '18

21 Jun '18

------=_Part_51316288_608143832.1472587678781 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit I've got Cinder configured and pointed at Ceph for it's back end storage. I can run ceph commands on the cinder machine and cinder is configured for noauth and I've also tried it with Keystone for auth. I can run various cinder commands and it'll return as expected. When I configure it in oVirt it'll add the external provider fine, but when I go to create a disk it doesn't populate the volume type field, it's just empty. The corresponding command for cinder: cinder type-list and cinder type-show <name> returns fine and it is public. Ovirt and Cinder are on the same host so it isn't a firewall issue. Cinder config: [DEFAULT] rpc_backend = rabbit #auth_strategy = keystone auth_strategy = noauth enabled_backends = ceph #glance_api_servers = http://10.128.7.252:9292 #glance_api_version = 2 #[keystone_authtoken] #auth_uri = http://10.128.7.252:5000/v3 #auth_url = http://10.128.7.252:35357/v3 #auth_type = password #memcached_servers = localhost:11211 #project_domain_name = default #user_domain_name = default #project_name = services #username = user #password = pass [ceph] volume_driver = cinder.volume.drivers.rbd.RBDDriver volume_backend_name = ceph rbd_pool = ovirt-images rbd_user = cinder rbd_secret_uuid = <secret> rbd_ceph_conf = /etc/ceph/ceph.conf rbd_flatten_volume_from_snapshot = true rbd_max_clone_depth = 5 rbd_store_chunk_size = 4 rados_connect_timeout = -1 #glance_api_version = 2 [database] connection = postgresql://user:pass@10.128.2.33/cinder [oslo_concurrency] lock_path = /var/lib/cinder/tmp [oslo_messaging_rabbit] rabbit_host = localhost rabbit_port = 5672 rabbit_userid = user rabbit_password = pass Regards, Logan ------=_Part_51316288_608143832.1472587678781 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: Arial; font-size: 12pt; color: #0000= 00"><div>I've got Cinder configured and pointed at Ceph for it's back end s= torage.  I can run ceph commands on the cinder machine and cinder is c= onfigured for noauth and I've also tried it with Keystone for auth.  I= can run various cinder commands and it'll return as expected. </= div><div><br data-mce-bogus=3D"1"></div><div>When I configure it in oVirt i= t'll add the external provider fine, but when I go to create a disk it does= n't populate the volume type field, it's just empty.  The correspondin= g command for cinder: cinder type-list and cinder type-show <name> re= turns fine and it is public. </div><div><br data-mce-bogus=3D"1"></div= ><div>Ovirt and Cinder are on the same host so it isn't a firewall issue.</= div><div><br data-mce-bogus=3D"1"></div><div>Cinder config:</div><div>[DEFA= ULT]<br>rpc_backend =3D rabbit<br>#auth_strategy =3D keystone<br>auth_strat= egy =3D noauth<br>enabled_backends =3D ceph<br>#glance_api_servers =3D http= ://10.128.7.252:9292<br>#glance_api_version =3D 2<br><br>#[keystone_authtok= en]<br>#auth_uri =3D http://10.128.7.252:5000/v3<br>#auth_url =3D http://10= .128.7.252:35357/v3<br>#auth_type =3D password<br>#memcached_servers =3D lo= calhost:11211<br>#project_domain_name =3D default<br>#user_domain_name =3D = default<br>#project_name =3D services<br>#username =3D user<br>#passwo= rd =3D pass<br><br>[ceph]<br>volume_driver =3D cinder.volume.drivers.rbd.RB= DDriver<br>volume_backend_name =3D ceph<br>rbd_pool =3D ovirt-images<br>rbd= _user =3D cinder<br>rbd_secret_uuid =3D <secret><br>rbd_ceph_con= f =3D /etc/ceph/ceph.conf<br>rbd_flatten_volume_from_snapshot =3D true<br>r= bd_max_clone_depth =3D 5<br>rbd_store_chunk_size =3D 4<br>rados_connect_tim= eout =3D -1<br>#glance_api_version =3D 2<br><br>[database]<br>connection = =3D postgresql://user:pass@10.128.2.33/cinder<br><br>[oslo_concurrency]<br>= lock_path =3D /var/lib/cinder/tmp<br><br>[oslo_messaging_rabbit]<br>rabbit_= host =3D localhost<br>rabbit_port =3D 5672<br>rabbit_userid =3D <span = style=3D"color: #000000; font-family: Arial; font-size: 16px; font-style: n= ormal; font-variant-ligatures: normal; font-variant-caps: normal; font-weig= ht: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-a= lign: start; text-indent: 0px; text-transform: none; white-space: normal; w= idows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inlin= e !important; float: none; background-color: #ffffff;" data-mce-style=3D"co= lor: #000000; font-family: Arial; font-size: 16px; font-style: normal; font= -variant-ligatures: normal; font-variant-caps: normal; font-weight: normal;= letter-spacing: normal; line-height: normal; orphans: 2; text-align: start= ; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; w= ord-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !importan= t; float: none; background-color: #ffffff;">user</span><br>rabbit_password = =3D <span style=3D"color: #000000; font-family: Arial; font-size: 16px= ; font-style: normal; font-variant-ligatures: normal; font-variant-caps: no= rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp= hans: 2; text-align: start; text-indent: 0px; text-transform: none; white-s= pace: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;= display: inline !important; float: none; background-color: #ffffff;" data-= mce-style=3D"color: #000000; font-family: Arial; font-size: 16px; font-styl= e: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-= weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; te= xt-align: start; text-indent: 0px; text-transform: none; white-space: norma= l; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: i= nline !important; float: none; background-color: #ffffff;">pass</span></div= ><div><br></div><div data-marker=3D"__SIG_PRE__">Regards,<br>Logan</div></d= iv></body></html> ------=_Part_51316288_608143832.1472587678781--

4 4

Hardering oVirt Engine
by Punaatua PK 19 Jun '18

19 Jun '18

Hello, we are subject to PCI-DSS. I have some questions. We currently have setup oVirt in our environnement. We created 2 Datacenter. - one with a cluster with hosted engine on gluster (Hyperconverged env) which represents the "LAN" part - one with a cluster with gluster storage wich is the DMZ In PCI-DSS we have to secure communication (use HTTPs as much as possible). I did saw that ovirt-ha-agent (on hosted-engine capable host) check the status of the engine by sending GET request on the hosted-engine on port 80 (the same check that hosted-engine --vm-status did in fact). Since ovirt 4.2.2, with the introduction of gluster eventing, a new flow (HTTP post resquest) is needed from gluster nodes to the engine. (In my case, it's a flow from the DMZ to the LAN part in HTTP (non secure) Here is my question. Is it possible to "hardering" this part of the engine ? Another question out of PCI scope. Events like warning and error in the dashboard are clean each days. I tried to find which process did that (look into /etc/cron.daily, root crontab, etc) on the engine without succes. Is there any maintenance task that is run periodicaly ? Could we have the list of all the engine's task ? (regulary check the status of host, vm, storage) also the frequency ? I would appreciate the help. (Great great product ovirt !) Thank you for your jobs ! We did manage KVM hypervisor as standalone machine without all the power that libvirt provides. No need to spend lot of money into licencing product (VSphere and co)

2 3

Non-responsive vm's due to crashed host and hosted vm liveliness check fails
by clam2718＠gmail.com 15 Jun '18

15 Jun '18

Dear Community: The local drive on a host running ovirt-node-ng-4.1.9 in a three node cluster failed. I have production JIRA and Postres running on it at the time, not in HA, just simple vm's. Storage is via NFS on a Synology NAS. Hosted Engine was on a different host, but JIRA and Postgres vm's showed nonresponsive. I tried different things but then stupidly thought that upgrading my Hosted Engine would reinitialize the vm's that were on the failed host. Update of HE seemed to go well (output below) but now my Hosted Engine, while up, fails the liveliness check and the web management console is unavailable. I cannot console into the HE from the host it is running on. Below are the results of my attempts to console into the Hosted Engine. Please help! I have search forums, lists and Google but have not been able to fix this. My coworkers and manager are anxious. --- When I try "hosted-engine --console" after setting the console password I get The engine VM is running on this host Connected to domain HostedEngine Escape character is ^] _ The prompt is non-responsive except for the escape character key combo. --- "virsh -r list" gives ID 3, Name: HostedEngine, State: running "virsh -r console HostedEngine" gives Connected to domain HostedEngine Escape character is ^] error: operation forbidden: read only access prevents virDomainOpenConsole "virsh -r vncdisplay HostedEngine" gives "0:0" and returns me to prompt --- I am SSHed into the host running my Hosted Engine from a CentOS7 minimal install with packages xorg-x11-server-Xorg, xorg-x11-xauth and xorg-x11-apps installed. The result of "grep -i X11Forwarding /etc/ssh/sshd_config" shows it set to "Yes". I SSH into the host using "ssh -Y root(a)xxx.xxx.xxx.xxx" I am logged into the CentOS7 minimal install as root. I know root is poor practice but was trying to minimize anything that could be causing an issue. --- Below are the results of my attempt to update Hosted Engine (slightly redacted to remove personal info): --== CONFIGURATION PREVIEW ==-- Default SAN wipe after delete : False Firewall manager : firewalld Update Firewall : True Host FQDN : ovengineint.xdomainx.tld Upgrade packages : True Engine database secured connection : False Engine database user name : engine Engine database name : engine Engine database host : localhost Engine database port : 5432 Engine database host name validation : False Engine installation : True PKI organization : xdomainx.tld Set up ovirt-provider-ovn : True Configure WebSocket Proxy : True DWH installation : True DWH database secured connection : False DWH database host : localhost DWH database user name : ovirt_engine_history DWH database name : ovirt_engine_history DWH database port : 5432 DWH database host name validation : False Configure Image I/O Proxy : True Configure VMConsole Proxy : True --== SUMMARY ==-- [ INFO ] Restarting httpd Web access is enabled at: http://ovengineint.xdomainx.tld:80/ovirt-engine https://ovengineint.xdomainx.tld:443/ovirt-engine Internal CA XX:XX:XX:XX... SSH fingerprint: SHA256:xxxxxxxxxx... --== END OF SUMMARY ==-- [ INFO ] Stage: Clean up Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20180502165652-88pkpi.log [ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20180502170149-setup.conf' [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ INFO ] Execution of setup completed successfully Again, thank you so very much for any suggestions! I have found many answers on this mailing list archive to be of great insight and help. Respectfully, Charles

3 11

LDAP Authentication issues
by Callum Smith 12 Jun '18

12 Jun '18

Dear All, I'm having problems getting LDAP running, login works, but I'm getting "user is not authorised to perform login" - this is even if i specify the UserRole specifically to the LDAP group the user is in. 2018-05-25 08:56:16,212+01 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-23) [] User callum@Biomedical Research Computing successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access 2018-05-25 08:56:16,391+01 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-25) [63e60fe9] Running command: CreateUserSessionCommand internal: false. 2018-05-25 08:56:16,430+01 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-25) [63e60fe9] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User callum@Biomedical Research Computing connecting from '192.168.65.254' failed to log in<UNKNOWN>. 2018-05-25 08:56:16,430+01 ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-25) [] The user callum@Biomedical Research Computing is not authorized to perform login on a side note: is it possible to assign permissions to all members of an LDAP tree where they dont have a common group membership? Regards, Callum -- Callum Smith Research Computing Core Wellcome Trust Centre for Human Genetics University of Oxford e. callum(a)well.ox.ac.uk<mailto:callum@well.ox.ac.uk>

4 23

Hosted Engine w Gluster - increase number of hosts
by ovirt＠fateknollogee.com 11 Jun '18

11 Jun '18

Using this as reference: https://www.ovirt.org/blog/2018/02/up-and-running-with-ovirt-4-2-and-gluste… Assuming you want to increase the number of hosts from 3 to 5 or 9. How do you add more hosts? What is best practice & any gotcha's?

7 15