oVirt reports using Grafana
by Karli Sjöberg
Heya!
I've been whishing for reports in oVirt ever since the old 'Jasper
Reports' was removed. For an Enterprise, having pretty graphs to look
at is a must.
Searching the subject, I've found this[*] and have managed to get it
installed OK but having issues trying to follow the guide setting it
up.
First of all, I think the guide should have at least mentioned that
'pg_hba.conf' needs to be edited for the read only user to be able to
connect to the database, I scratched my head around that for a while
before I got it.
When I first type in the query example, I got syntax errors:
'pq: syntax error at or near "$"'. I continued anyways since I figured
it would be solved at a later point, which turned out to be true, since
the next step is to use the "Templating feature" to add variables.
Unfortunately this doesn't go so well, even though I followed the
instructions very carefully. After hitting save on the first variable I
am rewarded with the error message:
'Template variables could not be initialized: pq: column "en_us" does
not exist.'
Are the queries stated in the guide still correct? This is for
'user_locale':
"SELECT DISTINCT language_code from enum_translator"
[*]:https://www.ovirt.org/blog/2018/01/ovirt-report-using-grafana/
TIA
/K
6 years, 5 months
Changing resolution of console on Mint guest running on Ovirt 4.2
by pascal@butterflyit.com
I keep getting an error: Could not set configuration for CRTC 63.
I checked that I have spice-agent and spice-agentd running. Also qemu-guest-agent. lspci shows that I have a QXL adapter. xrandr -q shows that I have many different config available. but none work.
What am I missing?
Screen 0: minimum 320 x 200, current 1024 x 768, maximum 8192 x 8192
Virtual-0 connected primary 1024x768+0+0 0mm x 0mm
1024x768 59.95*+
1920x1200 59.95
1920x1080 60.00
1600x1200 59.95
1680x1050 60.00
1400x1050 60.00
1280x1024 59.95
1440x900 59.99
1280x960 59.99
1280x854 59.95
1280x800 59.96
1280x720 59.97
1152x768 59.95
800x600 59.96
848x480 59.94
720x480 59.94
640x480 59.94
Virtual-1 disconnected
V
6 years, 5 months
ovirt-node: freshly installed node: network interfaces not visible
by etienne.charlier@reduspaceservices.eu
Hello,
I'm deploying a test cluster to get used to the ovirt product.
My ovirt ( 4.2.2) engine is deployed in a vmware virtual machine.
I'm busy deploying 5 hosts using the ovirt-node iso.
I have issue with the additional physical network interface ( used for vm trafic and iSCSI)
In ovirt manager I can't see the physical network interfaces. It's thus not possible to assign logical network to physical interfaces and my hosts stays in "non operational" status.
How should I configure the additional interfaces in the ovirt-node installer to have them recognized ?
I somehow managed to configure one host and I can see a comment line in /etc/sysconfig/network-script/ifcfg-... saying vdsm has acquired the interface....
No Such line in the ifcfg-* file in non operational hosts....
Any idea ?
Etienne
6 years, 5 months
vGPU setup guide
by Callum Smith
Dear All,
IS this the most current and useful example of implenting vGPUs in oVirt? I had understood that 4.2 had NVIDIA GRID support as a flagship feature, but this appears to be 4.1.4? It seems a very reasonable and decent guide, just don't want to go down this route if there's alternatives now available in 4.2.x.
https://mpolednik.github.io/2017/09/13/vgpu-in-ovirt/
Regards,
Callum
--
Callum Smith
Research Computing Core
Wellcome Trust Centre for Human Genetics
University of Oxford
e. callum(a)well.ox.ac.uk<mailto:callum@well.ox.ac.uk>
6 years, 6 months
Fwd: vGPU VM not starting
by Ales Musil
On Thu, May 17, 2018 at 12:01 AM, Callum Smith <callum(a)well.ox.ac.uk> wrote:
> Dear All,
>
> Our vGPU installation is progressing, though the VM is failing to start.
>
> 2018-05-16 22:57:34,328+0100 ERROR (vm/1bc9dae8) [virt.vm]
> (vmId='1bc9dae8-a0ea-44b3-9103-5805100648d0') The vm start process failed
> (vm:943)
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 872, in
> _startUnderlyingVm
> self._run()
> File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 2872, in
> _run
> dom.createWithFlags(flags)
> File "/usr/lib/python2.7/site-packages/vdsm/common/libvirtconnection.py",
> line 130, in wrapper
> ret = f(*args, **kwargs)
> File "/usr/lib/python2.7/site-packages/vdsm/common/function.py", line
> 92, in wrapper
> return func(inst, *args, **kwargs)
> File "/usr/lib64/python2.7/site-packages/libvirt.py", line 1099, in
> createWithFlags
> if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed',
> dom=self)
> libvirtError: Cannot get interface MTU on '': No such device
>
> That's the specific error, some other information. It seems the GPU
> 'allocation' of uuid against the nvidia-xx mdev type is proceeding
> correctly, and the device is being created by the VM instantiation but the
> VM does not succeed in going up with this error. Any other logs or
> information relevant to help diagnose?
>
> Regards,
> Callum
>
> --
>
> Callum Smith
> Research Computing Core
> Wellcome Trust Centre for Human Genetics
> University of Oxford
> e. callum(a)well.ox.ac.uk
>
>
> _______________________________________________
> Users mailing list -- users(a)ovirt.org
> To unsubscribe send an email to users-leave(a)ovirt.org
>
>
Hi Callum,
can you share your version of the setup?
Also do you use OVS switch type in the cluster?
Regards,
Ales.
--
ALES MUSIL
INTERN - rhv network
Red Hat EMEA <https://www.redhat.com/>
amusil(a)redhat.com IM: amusil
<https://red.ht/sig>
6 years, 6 months
Unable to backend oVirt with Cinder
by Logan Kuhn
------=_Part_51316288_608143832.1472587678781
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
I've got Cinder configured and pointed at Ceph for it's back end storage. I can run ceph commands on the cinder machine and cinder is configured for noauth and I've also tried it with Keystone for auth. I can run various cinder commands and it'll return as expected.
When I configure it in oVirt it'll add the external provider fine, but when I go to create a disk it doesn't populate the volume type field, it's just empty. The corresponding command for cinder: cinder type-list and cinder type-show <name> returns fine and it is public.
Ovirt and Cinder are on the same host so it isn't a firewall issue.
Cinder config:
[DEFAULT]
rpc_backend = rabbit
#auth_strategy = keystone
auth_strategy = noauth
enabled_backends = ceph
#glance_api_servers = http://10.128.7.252:9292
#glance_api_version = 2
#[keystone_authtoken]
#auth_uri = http://10.128.7.252:5000/v3
#auth_url = http://10.128.7.252:35357/v3
#auth_type = password
#memcached_servers = localhost:11211
#project_domain_name = default
#user_domain_name = default
#project_name = services
#username = user
#password = pass
[ceph]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = ceph
rbd_pool = ovirt-images
rbd_user = cinder
rbd_secret_uuid = <secret>
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = true
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
rados_connect_timeout = -1
#glance_api_version = 2
[database]
connection = postgresql://user:pass@10.128.2.33/cinder
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[oslo_messaging_rabbit]
rabbit_host = localhost
rabbit_port = 5672
rabbit_userid = user
rabbit_password = pass
Regards,
Logan
------=_Part_51316288_608143832.1472587678781
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html><body><div style=3D"font-family: Arial; font-size: 12pt; color: #0000=
00"><div>I've got Cinder configured and pointed at Ceph for it's back end s=
torage. I can run ceph commands on the cinder machine and cinder is c=
onfigured for noauth and I've also tried it with Keystone for auth. I=
can run various cinder commands and it'll return as expected. </=
div><div><br data-mce-bogus=3D"1"></div><div>When I configure it in oVirt i=
t'll add the external provider fine, but when I go to create a disk it does=
n't populate the volume type field, it's just empty. The correspondin=
g command for cinder: cinder type-list and cinder type-show <name> re=
turns fine and it is public. </div><div><br data-mce-bogus=3D"1"></div=
><div>Ovirt and Cinder are on the same host so it isn't a firewall issue.</=
div><div><br data-mce-bogus=3D"1"></div><div>Cinder config:</div><div>[DEFA=
ULT]<br>rpc_backend =3D rabbit<br>#auth_strategy =3D keystone<br>auth_strat=
egy =3D noauth<br>enabled_backends =3D ceph<br>#glance_api_servers =3D http=
://10.128.7.252:9292<br>#glance_api_version =3D 2<br><br>#[keystone_authtok=
en]<br>#auth_uri =3D http://10.128.7.252:5000/v3<br>#auth_url =3D http://10=
.128.7.252:35357/v3<br>#auth_type =3D password<br>#memcached_servers =3D lo=
calhost:11211<br>#project_domain_name =3D default<br>#user_domain_name =3D =
default<br>#project_name =3D services<br>#username =3D user<br>#passwo=
rd =3D pass<br><br>[ceph]<br>volume_driver =3D cinder.volume.drivers.rbd.RB=
DDriver<br>volume_backend_name =3D ceph<br>rbd_pool =3D ovirt-images<br>rbd=
_user =3D cinder<br>rbd_secret_uuid =3D <secret><br>rbd_ceph_con=
f =3D /etc/ceph/ceph.conf<br>rbd_flatten_volume_from_snapshot =3D true<br>r=
bd_max_clone_depth =3D 5<br>rbd_store_chunk_size =3D 4<br>rados_connect_tim=
eout =3D -1<br>#glance_api_version =3D 2<br><br>[database]<br>connection =
=3D postgresql://user:pass@10.128.2.33/cinder<br><br>[oslo_concurrency]<br>=
lock_path =3D /var/lib/cinder/tmp<br><br>[oslo_messaging_rabbit]<br>rabbit_=
host =3D localhost<br>rabbit_port =3D 5672<br>rabbit_userid =3D <span =
style=3D"color: #000000; font-family: Arial; font-size: 16px; font-style: n=
ormal; font-variant-ligatures: normal; font-variant-caps: normal; font-weig=
ht: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-a=
lign: start; text-indent: 0px; text-transform: none; white-space: normal; w=
idows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inlin=
e !important; float: none; background-color: #ffffff;" data-mce-style=3D"co=
lor: #000000; font-family: Arial; font-size: 16px; font-style: normal; font=
-variant-ligatures: normal; font-variant-caps: normal; font-weight: normal;=
letter-spacing: normal; line-height: normal; orphans: 2; text-align: start=
; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; w=
ord-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !importan=
t; float: none; background-color: #ffffff;">user</span><br>rabbit_password =
=3D <span style=3D"color: #000000; font-family: Arial; font-size: 16px=
; font-style: normal; font-variant-ligatures: normal; font-variant-caps: no=
rmal; font-weight: normal; letter-spacing: normal; line-height: normal; orp=
hans: 2; text-align: start; text-indent: 0px; text-transform: none; white-s=
pace: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;=
display: inline !important; float: none; background-color: #ffffff;" data-=
mce-style=3D"color: #000000; font-family: Arial; font-size: 16px; font-styl=
e: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-=
weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; te=
xt-align: start; text-indent: 0px; text-transform: none; white-space: norma=
l; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: i=
nline !important; float: none; background-color: #ffffff;">pass</span></div=
><div><br></div><div data-marker=3D"__SIG_PRE__">Regards,<br>Logan</div></d=
iv></body></html>
------=_Part_51316288_608143832.1472587678781--
6 years, 6 months
Hardering oVirt Engine
by Punaatua PK
Hello,
we are subject to PCI-DSS. I have some questions. We currently have setup oVirt in our environnement.
We created 2 Datacenter.
- one with a cluster with hosted engine on gluster (Hyperconverged env) which represents the "LAN" part
- one with a cluster with gluster storage wich is the DMZ
In PCI-DSS we have to secure communication (use HTTPs as much as possible). I did saw that ovirt-ha-agent (on hosted-engine capable host) check the status of the engine by sending GET request on the hosted-engine on port 80 (the same check that hosted-engine --vm-status did in fact).
Since ovirt 4.2.2, with the introduction of gluster eventing, a new flow (HTTP post resquest) is needed from gluster nodes to the engine. (In my case, it's a flow from the DMZ to the LAN part in HTTP (non secure)
Here is my question. Is it possible to "hardering" this part of the engine ?
Another question out of PCI scope. Events like warning and error in the dashboard are clean each days. I tried to find which process did that (look into /etc/cron.daily, root crontab, etc) on the engine
without succes. Is there any maintenance task that is run periodicaly ? Could we have the list of all the engine's task ? (regulary check the status of host, vm, storage) also the frequency ?
I would appreciate the help. (Great great product ovirt !) Thank you for your jobs ! We did manage KVM hypervisor as standalone machine without all the power that libvirt provides. No need to spend lot of money into licencing product (VSphere and co)
6 years, 6 months
Non-responsive vm's due to crashed host and hosted vm liveliness check fails
by clam2718@gmail.com
Dear Community:
The local drive on a host running ovirt-node-ng-4.1.9 in a three node cluster failed. I have production JIRA and Postres running on it at the time, not in HA, just simple vm's. Storage is via NFS on a Synology NAS. Hosted Engine was on a different host, but JIRA and Postgres vm's showed nonresponsive. I tried different things but then stupidly thought that upgrading my Hosted Engine would reinitialize the vm's that were on the failed host. Update of HE seemed to go well (output below) but now my Hosted Engine, while up, fails the liveliness check and the web management console is unavailable. I cannot console into the HE from the host it is running on. Below are the results of my attempts to console into the Hosted Engine. Please help! I have search forums, lists and Google but have not been able to fix this. My coworkers and manager are anxious.
---
When I try "hosted-engine --console" after setting the console password I get
The engine VM is running on this host
Connected to domain HostedEngine
Escape character is ^]
_
The prompt is non-responsive except for the escape character key combo.
---
"virsh -r list" gives ID 3, Name: HostedEngine, State: running
"virsh -r console HostedEngine" gives
Connected to domain HostedEngine
Escape character is ^]
error: operation forbidden: read only access prevents virDomainOpenConsole
"virsh -r vncdisplay HostedEngine" gives "0:0" and returns me to prompt
---
I am SSHed into the host running my Hosted Engine from a CentOS7 minimal install with packages xorg-x11-server-Xorg, xorg-x11-xauth and xorg-x11-apps installed. The result of "grep -i X11Forwarding /etc/ssh/sshd_config" shows it set to "Yes".
I SSH into the host using "ssh -Y root(a)xxx.xxx.xxx.xxx" I am logged into the CentOS7 minimal install as root. I know root is poor practice but was trying to minimize anything that could be causing an issue.
---
Below are the results of my attempt to update Hosted Engine (slightly redacted to remove personal info):
--== CONFIGURATION PREVIEW ==--
Default SAN wipe after delete : False
Firewall manager : firewalld
Update Firewall : True
Host FQDN : ovengineint.xdomainx.tld
Upgrade packages : True
Engine database secured connection : False
Engine database user name : engine
Engine database name : engine
Engine database host : localhost
Engine database port : 5432
Engine database host name validation : False
Engine installation : True
PKI organization : xdomainx.tld
Set up ovirt-provider-ovn : True
Configure WebSocket Proxy : True
DWH installation : True
DWH database secured connection : False
DWH database host : localhost
DWH database user name : ovirt_engine_history
DWH database name : ovirt_engine_history
DWH database port : 5432
DWH database host name validation : False
Configure Image I/O Proxy : True
Configure VMConsole Proxy : True
--== SUMMARY ==--
[ INFO ] Restarting httpd
Web access is enabled at:
http://ovengineint.xdomainx.tld:80/ovirt-engine
https://ovengineint.xdomainx.tld:443/ovirt-engine
Internal CA XX:XX:XX:XX...
SSH fingerprint: SHA256:xxxxxxxxxx...
--== END OF SUMMARY ==--
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20180502165652-88pkpi.log
[ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20180502170149-setup.conf'
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ INFO ] Execution of setup completed successfully
Again, thank you so very much for any suggestions! I have found many answers on this mailing list archive to be of great insight and help.
Respectfully,
Charles
6 years, 6 months
LDAP Authentication issues
by Callum Smith
Dear All,
I'm having problems getting LDAP running, login works, but I'm getting "user is not authorised to perform login" - this is even if i specify the UserRole specifically to the LDAP group the user is in.
2018-05-25 08:56:16,212+01 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-23) [] User callum@Biomedical Research Computing successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access
2018-05-25 08:56:16,391+01 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-25) [63e60fe9] Running command: CreateUserSessionCommand internal: false.
2018-05-25 08:56:16,430+01 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-25) [63e60fe9] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User callum@Biomedical Research Computing connecting from '192.168.65.254' failed to log in<UNKNOWN>.
2018-05-25 08:56:16,430+01 ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-25) [] The user callum@Biomedical Research Computing is not authorized to perform login
on a side note: is it possible to assign permissions to all members of an LDAP tree where they dont have a common group membership?
Regards,
Callum
--
Callum Smith
Research Computing Core
Wellcome Trust Centre for Human Genetics
University of Oxford
e. callum(a)well.ox.ac.uk<mailto:callum@well.ox.ac.uk>
6 years, 6 months