Re: [PKI help] Renew vmconsole-proxy-helper.cer
by Richard Chan
running engine-setup should give you the
opportunity to update expired or expiring certificates.
>
> If you don't want to upgrade your system you can run it with the --offline
> option.
>
>
Thank you!
Richard Chan
2 years, 4 months
Cannot to update hosts, nothing provides libvirt-daemon-kvm >= 7.6.0-2 needed by vdsm-4.40.90.4-1.el8.x86_64
by Alexandr Mikhailov
Hi! Last time i has updated my host running ovirt 4.4 in september. Everything was normally.
After now in november i trying to update via UI but fave error that update failed. Checking over "dnf update" shows me that error in not resolved dependencies, and main is:
nothing provides libvirt-daemon-kvm >= 7.6.0-2 needed by vdsm-4.40.90.3-1.el8.x86_64
nothing provides libvirt-daemon-kvm >= 7.6.0-2 needed by vdsm-4.40.90.4-1.el8.x86_64
Hosts running Centos 8.4. I already try to use one with stream - same trouble. My opinion this is problem with libvirt-daemon-kvm package in centos repo. Maybe i mistakes. Please help.
2 years, 4 months
[PKI help] ovirt-vmconsole-proxy-keys HTTP Error 403
by Richard Chan
When checking SSH keys ovirt-vmconsole-proxy-keys is having the following
errors
ovirt-vmconsole[1583190]: 2021-11-18 17:21:42,503+0800
ovirt-vmconsole-list: ERROR main:265 Error: HTTP Error 403: Forbidden
ovirt-vmconsole-proxy-keys[1583186]: ERROR Key list execution failed rc=1
My Wildfly/vmconsole keystore may be bogus/expired:
2021-11-18 17:21:42,502+08 ERROR
[org.ovirt.engine.core.services.VMConsoleProxyServlet] (default task-269)
[] Error validating ticket: : sun.security.provider.ce
rtpath.SunCertPathBuilderException: unable to find valid certification path
to requested target
How can I troubleshoot this?
1. What keystore/truststore is Wildfly/ovirt-engine using?
2. Does vmconsole -> Wildfly present a client certificate - mutual TLS?
Where does it get this certificate/keypair from?
TIA
--
Richard Chan
2 years, 4 months
Creating VMs from templates with their own disks
by notify.sina@gmail.com
Hi All
Im very stumped on how to create VMs from templates I've made, but having them installed with their own disks.
Please can some one guide me on how to do this?
I have Ovirt running, with local storage hypervisors.
Anytime I try to use a template, the vm is created and booted with the template's disk.
I would especially appreciate how to do this with ansible.
Im trying to automate CentOS and Ubuntu VMs.
2 years, 4 months
ILLEGAL volume delete via vdsm-client
by francesco@shellrent.com
Hi all,
I'm trying to delete via vdsm-client toolan illegal volume that is not listed in the engine database. The volume ID is 5cb3fe58-3e01-4d32-bc7c-5907a4f858a8:
[root@ovirthost ~]# vdsm-tool dump-volume-chains e25db7d0-060a-4046-94b5-235f38097cd8
Images volume chains (base volume first)
image: 4d79c1da-34f0-44e3-8b92-c4bcb8524d83
Error: more than one volume pointing to the same parent volume e.g: (_BLANK_UUID<-a), (a<-b), (a<-c)
Unordered volumes and children:
- 00000000-0000-0000-0000-000000000000 <- 5aad30c7-96f0-433d-95c8-2317e5f80045
status: OK, voltype: INTERNAL, format: COW, legality: LEGAL, type: SPARSE, capacity: 214748364800, truesize: 165493616640
- 5aad30c7-96f0-433d-95c8-2317e5f80045 <- 5cb3fe58-3e01-4d32-bc7c-5907a4f858a8
status: OK, voltype: LEAF, format: COW, legality: ILLEGAL, type: SPARSE, capacity: 214748364800, truesize: 8759619584
- 5aad30c7-96f0-433d-95c8-2317e5f80045 <- 674e85d8-519a-461f-9dd6-aca44798e088
status: OK, voltype: LEAF, format: COW, legality: LEGAL, type: SPARSE, capacity: 214748364800, truesize: 200704
With the command vdsm-client Volume getInfo I can retrieve the info about the volume 5cb3fe58-3e01-4d32-bc7c-5907a4f858a8:
vdsm-client Volume getInfo storagepoolID=c0e7a0c5-8048-4f30-af08-cbd17d797e3b volumeID=5cb3fe58-3e01-4d32-bc7c-5907a4f858a8 storagedomainID=e25db7d0-060a-4046-94b5-235f38097cd8 imageID=4d79c1da-34f0-44e3-8b92-c4bcb8524d83
{
"apparentsize": "8759676160",
"capacity": "214748364800",
"children": [],
"ctime": "1634958924",
"description": "",
"disktype": "DATA",
"domain": "e25db7d0-060a-4046-94b5-235f38097cd8",
"format": "COW",
"generation": 0,
"image": "4d79c1da-34f0-44e3-8b92-c4bcb8524d83",
"lease": {
"offset": 0,
"owners": [],
"path": "/rhev/data-center/mnt/ovirthost.com:_data/e25db7d0-060a-4046-94b5-235f38097cd8/images/4d79c1da-34f0-44e3-8b92-c4bcb8524d83/5cb3fe58-3e01-4d32-bc7c-5907a4f858a8.lease",
"version": null
},
"legality": "ILLEGAL",
"mtime": "0",
"parent": "5aad30c7-96f0-433d-95c8-2317e5f80045",
"pool": "",
"status": "ILLEGAL",
"truesize": "8759619584",
"type": "SPARSE",
"uuid": "5cb3fe58-3e01-4d32-bc7c-5907a4f858a8",
"voltype": "LEAF"
}
I can't remove it due to the following error:
vdsm-client Volume delete storagepoolID=c0e7a0c5-8048-4f30-af08-cbd17d797e3b volumeID=5cb3fe58-3e01-4d32-bc7c-5907a4f858a8 storagedomainID=e25db7d0-060a-4046-94b5-235f38097cd8 imageID=4d79c1da-34f0-44e3-8b92-c4bcb8524d83 force=true
vdsm-client: Command Volume.delete with args {'storagepoolID': 'c0e7a0c5-8048-4f30-af08-cbd17d797e3b', 'volumeID': '5cb3fe58-3e01-4d32-bc7c-5907a4f858a8', 'storagedomainID': 'e25db7d0-060a-4046-94b5-235f38097cd8', 'imageID': '4d79c1da-34f0-44e3-8b92-c4bcb8524d83', 'force': 'true'} failed:
(code=309, message=Unknown pool id, pool not connected: ('c0e7a0c5-8048-4f30-af08-cbd17d797e3b',))
I'm performing the operation directly on the SPM. I searched for a while but I didn't find anything usefull. Any tips or doc that I missed?
2 years, 4 months
Unable to access Self Hosted Engine frome lan network on Ovirt 4.4
by amazirs@hotmail.com
Hello,
I have only on network like: 192.168.0.0/24 with DNS server on this network.
i install Ovirt node DHCP: 192.168.0.1/24
Ovirt hosted engine Manual network ip: 192.168.0.2/24
My other computer is 192.168.0.3/24
DNS: 192.168.0.4/24
NAS NFS storage: 192.168.0.5/24
From node, i can ping hosted engine
From hosted engine i can ping node
i can access and ping node from computer an DNS
BUT:
I can't ping or access from my computer or dns to the hosted engine
Any idea? All configuration is basic like the manual of ovirt hosted installation.
Tha is my 15 installation try's
2 years, 4 months
Re: Virt-sysprep --update --network
by Nathanaël Blanchet
Thank you for replying,
I'm familiar with virt-sysprep/virt-customze and I want to
systematically update packages of a fresh empty qcow2 image when making
a template.
Ovirt already allows to use virt-sysprep thanks to seal object.
I finally found the py script that deals with virt-sysprep:
/usr/lib/python3.6/site-packages/vdsm/virtsysprep.py
from vdsm.virt.utils import LibguestfsCommand
_VIRTSYSPREP = LibguestfsCommand("virt-sysprep",
"/usr/bin/virt-sysprep")
def sysprep(vm_id, vol_paths):
"""
Run virt-sysprep on the list of volumes
:param vol_paths: list of volume paths
"""
args = ['--network', '--update']
for vol_path in vol_paths:
args.extend(('-a', vol_path))
_VIRTSYSPREP.run(args, log_tag=vm_id)
Default script has no argument and just seal the vm, I simply added
args = ['--network', '--update'] to update package.
This modification implies to modify the script on all hosts and restart
vdsmd, and is not persistent on vdsm/node upgrade. So I wondered if
there was a way to make it persistent thanks to hooks.
Le 16/11/2021 à 13:25, Marcos Sungaila a écrit :
>
> Hi Nathanaël,
>
> With virt-sysprep, it is possible to install a package, update your
> template, activate a network connection, have SELinux relabel your
> system, and change other options.
>
> Also is highly recommended to boot your template to ensure every
> last-minute change is working fine.
>
> Before sealing the template, people use it to make all changes
> (update, package installation, user creation, network connections
> activation, etc…).
>
> On the other hand, you can modify those options with virt-sysprep and
> launch an instance based on the template to validate your changes.
>
> It is up to you to decide how to prepare your VM to seal/template it.
>
> Regards,
>
> Marcos
>
> *From:*Nathanaël Blanchet <blanchet(a)abes.fr>
> *Sent:* segunda-feira, 15 de novembro de 2021 17:19
> *To:* users(a)ovirt.org
> *Subject:* [External] : [ovirt-users] Virt-sysprep --update --network
>
> Hello,
>
> As It is currently possible to seal a VM when templating with Sysprep,
> is it possible to extend virt-sysprep with other options as "--update
> --network" to update a qcow2 image with any hook?
>
--
Nathanaël Blanchet
Supervision réseau
SIRE
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5
Tél. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
blanchet(a)abes.fr
2 years, 4 months
create custom scheduling policy
by Hadiyansyah Hadiyansyah
hi all,
i have 4 host in the cluster, i wanna create custom schedulin policy for this cluster with condition.
- max vm guest on single host is 10 vms
- host with 70% cpu, vm guest cant migrate to this host
anyone can help me for explained this condition to create custom scheduling policy ?
thanks
hadi
2 years, 4 months