June 2022 - Users - Ovirt List Archives

failed to mount hosted engine gluster storage - how to debug?

by diego.ercolani＠ssis.sm

Hello, I have an issue probably related to my particular implementation but I think some controls are missing Here is the story. I have a cluster of two nodes 4.4.10.3 with an upgraded kernel as the cpu (Ryzen 5) suffer from an incompatibility issue with the kernel provided by 4.4.10.x series. On each node there are three glusterfs "partitions" in replica mode, one for the hosted_engine, the other two are for user usage. The third node was an old i3 workstation only used to provide the arbiter partition to the glusterfs cluster. I installed a new server (ryzen processor) with 4.5.0 and successfully installed glusterfs 10.1 and inserted the arbiter bricks implemented on glusterfs 10.1 while the replica bricks are 8.6 after removing the old i3 provided bricks. I successfully imported the new node in the ovirt engine (after updating the engine to 4.5) The problem is that the ovirt-ha-broker doesn't start complaining that is not possible to connect the storage. (I suppose the hosted_engine storage) so I did some digs that I'm going to show here: #### 1. The node seem to be correctly configured: [root@ovirt-node3 devices]# vdsm-tool validate-config SUCCESS: ssl configured to true. No conflicts [root@ovirt-node3 devices]# vdsm-tool configure Checking configuration status... libvirt is already configured for vdsm SUCCESS: ssl configured to true. No conflicts sanlock is configured for vdsm Managed volume database is already configured lvm is configured for vdsm Current revision of multipath.conf detected, preserving Running configure... Done configuring modules to VDSM. [root@ovirt-node3 devices]# vdsm-tool validate-config SUCCESS: ssl configured to true. No conflicts #### 2. the node refuses to mount via hosted-engine (same error in broker.log) [root@ovirt-node3 devices]# hosted-engine --connect-storage Traceback (most recent call last): File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_setup/connect_storage_server.py", line 30, in <module> timeout=ohostedcons.Const.STORAGE_SERVER_TIMEOUT, File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/client/client.py", line 312, in connect_storage_server sserver.connect_storage_server(timeout=timeout) File "/usr/lib/python3.6/site-packages/ovirt_hosted_engine_ha/lib/storage_server.py", line 451, in connect_storage_server 'Connection to storage server failed' RuntimeError: Connection to storage server failed ##### 3. manually mount of glusterfs work correctly [root@ovirt-node3 devices]# grep storage /etc/ovirt-hosted-engine/hosted-engine.conf storage=ovirt-node2.ovirt:/gveng # The following are used only for iSCSI storage [root@ovirt-node3 devices]# [root@ovirt-node3 devices]# mount -t glusterfs ovirt-node2.ovirt:/gveng /mnt/tmp/ [root@ovirt-node3 devices]# ls -l /mnt/tmp total 0 drwxr-xr-x. 6 vdsm kvm 64 Dec 15 19:04 7b8f1cc9-e3de-401f-b97f-8c281ca30482 What else should I control? Thank you and sorry for the long message Diego

2 years, 6 months

5
9
1 / 0

Virtual disk shareable checkbox is greyed out when using GlusterFS storage domains

by Ken Holmes

Is there a work around that will allow multiple VM's to share a disk with out using the network? I read Dave White's Thread but saw no resolution except maybe using NetApp. Thanks

2 years, 6 months

1
0
0 / 0

moVirt delisted from Google Play

by Filip Krepinsky

Hi all, Unfortunately, we decided to delist moVirt from Google Play. As you might have noticed, the app has not been maintained for some time and also the main repository https://github.com/oVirt/moVirt has been archived. It is not possible for us to maintain store presence due to new requirements for Google APIs (and thus our libraries that are obsolete at this point), app interoperability and in general to fulfill expectations of our users. For users who still wish to use moVirt, you can keep your current application installed or download an APK ( https://github.com/oVirt/moVirt/releases/tag/v2.1) and install moVirt manually. Just keep in mind that the app might not behave properly (mostly on newer versions of Android). I hope moVirt has been helpful with managing your envs :) Best regards, Filip

2 years, 6 months

1
0
0 / 0

Dedicated Migration Network

by Clint Boggio

Good Day All; I am in the process of assembling a new oVirt cluster and I am wondering if there is any benefit to having a dedicated set of nics solely dedicated to VM migration. If so, would those nics (bonded) be on their own vlan and subnet or would they share a subnet with gluster storage or the management network ? Right now i'm planning on the following architecture. 1. Management = 10G X2 Bond per hypervisor host (10.66.0.0/24) 2. Gluster/iSCSI Storage = 10G X2 Bond per hypervisor host (10.244.0.0/24) 3. VM Production Network(s) = 10G X2 Bond per hypervisor host (No IP Range) 4. ?? Possible Dedicated VM Migration Thank you very much as any input would be greatly appreciated

2 years, 6 months

4
6
2 / 0

"Retrieval of iSCSI targets failed" during hosted engine deployment on oVirt node 4.5

by pat＠patfruth.com

I have freshly installed ovirt node 4.5 from the iso download here; https://resources.ovirt.org/pub/ovirt-4.5/iso/ovirt-node-ng-installer/4.5... output from 'rpm -qa | grep ovirt' shows ovirt-hosted-engine-setup-2.6.3-1.el8.noarch ovirt-imageio-daemon-2.4.3-1.el8.x86_64 python38-ovirt-engine-sdk4-4.5.1-1.el8.x86_64 ovirt-imageio-common-2.4.3-1.el8.x86_64 ovirt-node-ng-image-update-placeholder-4.5.0.3-1.el8.noarch ovirt-openvswitch-2.15-3.el8.noarch python38-ovirt-imageio-client-2.4.3-1.el8.x86_64 ovirt-openvswitch-ipsec-2.15-3.el8.noarch ovirt-openvswitch-ovn-common-2.15-3.el8.noarch ovirt-openvswitch-ovn-host-2.15-3.el8.noarch centos-release-ovirt45-8.7-1.el8s.noarch ovirt-provider-ovn-driver-1.2.36-1.el8.noarch ovirt-host-dependencies-4.5.0-3.el8.x86_64 ovirt-release-host-node-4.5.0.3-1.el8.x86_64 ovirt-ansible-collection-2.0.3-1.el8.noarch ovirt-vmconsole-1.0.9-1.el8.noarch python3-ovirt-engine-sdk4-4.5.1-1.el8.x86_64 ovirt-node-ng-nodectl-4.4.2-1.el8.noarch ovirt-openvswitch-ovn-2.15-3.el8.noarch ovirt-hosted-engine-ha-2.5.0-1.el8.noarch ovirt-host-4.5.0-3.el8.x86_64 ovirt-engine-appliance-4.5-20220511122240.1.el8.x86_64 ovirt-vmconsole-host-1.0.9-1.el8.noarch ovirt-python-openvswitch-2.15-3.el8.noarch python38-ovirt-imageio-common-2.4.3-1.el8.x86_64 python3-ovirt-node-ng-nodectl-4.4.2-1.el8.noarch cockpit-ovirt-dashboard-0.16.0-1.el8.noarch python3-ovirt-setup-lib-1.3.3-1.el8.noarch ovirt-imageio-client-2.4.3-1.el8.x86_64 During the hosted engine deployment process, I get thru Step 3 ( the "Prepare VM" step) successfully. On Step 4 (Storage Settings), I set; - Storage type = iSCSI - Portal IP address = my ISCSI target's ip address - Accept the default Portal port number, which is already set to 3260 - Leave username & password blank (as I have no CHAP configured on the ISCSI target system) When I click the "Retrieve Target List" button there is a brief pause, followed by red error message which says "Retrieval of iSCSI targets failed" Upon reviewing the files in /var/log/ovirt-hosted-engine-setup on the ovirt node, I find a new log file named ovirt-hosted-engine-setup-ansible-iscsi_discover-20220614084053-in517x.log The message near the end of the log file are as follows; ------ snip ------ ..... 2022-06-14 08:41:03,510-0600 INFO ansible task start {'status': 'OK', 'ansible_type': 'task', 'ansible_playbook': '/usr/share/ovirt-hosted-engine-setup/ansible/trigger_role.yml', 'ansible_task': 'ovirt.ovirt.hosted_engine_setup : iSCSI discover'} 2022-06-14 08:41:03,511-0600 DEBUG ansible on_any args TASK: ovirt.ovirt.hosted_engine_setup : iSCSI discover kwargs is_conditional:False 2022-06-14 08:41:03,511-0600 DEBUG ansible on_any args localhost TASK: ovirt.ovirt.hosted_engine_setup : iSCSI discover kwargs 2022-06-14 08:41:06,430-0600 DEBUG var changed: host "localhost" var "ansible_play_hosts" type "<class 'list'>" value: "[]" 2022-06-14 08:41:06,430-0600 DEBUG var changed: host "localhost" var "ansible_play_batch" type "<class 'list'>" value: "[]" 2022-06-14 08:41:06,430-0600 DEBUG var changed: host "localhost" var "play_hosts" type "<class 'list'>" value: "[]" 2022-06-14 08:41:06,431-0600 ERROR ansible failed { "ansible_host": "localhost", "ansible_playbook": "/usr/share/ovirt-hosted-engine-setup/ansible/trigger_role.yml", "ansible_result": { "_ansible_no_log": false, "changed": false, "exception": "Traceback (most recent call last):\n File \"/tmp/ansible_ovirt_host_payload_ky4zlp1s/ansible_ovirt_host_payload.zip/ansible_collections/ovirt/ovirt/plugins/modules/ovirt_host.py\", line 638, in main\nTypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType'\n", "invocation": { "module_args": { "activate": true, "address": null, "check_upgrade": true, "cluster": null, "comment": null, "enroll_certificate": false, "fetch_nested": false, "force": false, "hosted_engine": null, "id": null, "iscsi": { "address": "192.168.1.2", "password": "", "port": null, "username": "" }, "kdump_integration": null, "kernel_params": null, "name": "ovirt-node01.internal.net", "nested_attributes": [], "override_display": null, "override_iptables": null, "password": null, "poll_interval": 3, "power_management_enabled": null, "public_key": false, "reboot_after_installation": null, "reboot_after_upgrade": true, "spm_priority": null, "ssh_port": null, "state": "iscsidiscover", "timeout": 600, "vgpu_placement": null, "wait": true } }, "msg": "int() argument must be a string, a bytes-like object or a number, not 'NoneType'" }, "ansible_task": "iSCSI discover", "ansible_type": "task", "status": "FAILED", "task_duration": 3 } 2022-06-14 08:41:06,431-0600 DEBUG ansible on_any args <ansible.executor.task_result.TaskResult object at 0x7f9c76744370> kwargs ignore_errors:None 2022-06-14 08:41:06,432-0600 INFO ansible stats { "ansible_playbook": "/usr/share/ovirt-hosted-engine-setup/ansible/trigger_role.yml", "ansible_playbook_duration": "00:11 Minutes", "ansible_result": "type: <class 'dict'>\nstr: {'localhost': {'ok': 5, 'failures': 1, 'unreachable': 0, 'changed': 0, 'skipped': 0, 'rescued': 0, 'ignored': 0}}", "ansible_type": "finish", "status": "FAILED" } 2022-06-14 08:41:06,432-0600 INFO SUMMARY: Duration Task Name -------- -------- [ < 1 sec ] Execute just a specific set of steps [ 00:01 ] Force facts gathering [ 00:03 ] Obtain SSO token using username/password credentials [ 00:03 ] Fetch host facts [ FAILED ] iSCSI discover 2022-06-14 08:41:06,432-0600 DEBUG ansible on_any args <ansible.executor.stats.AggregateStats object at 0x7f9c793444c0> kwargs ------ snip ------ The error suggest that the iSCSI portal port number (which is defaulted to 3260 in the UI) is not being properly passed into the python module ovirt/ovirt/plugins/modules/ovirt_host.py Looking at the code at line 638 of ovirt_host.py, found here; https://github.com/oVirt/ovirt-ansible-collection/blob/2.0.3-1/plugins/mo... I see; ..... elif state == 'iscsidiscover': host_id = get_id_by_name(hosts_service, module.params['name']) iscsi_param = module.params['iscsi'] iscsi_targets = hosts_service.service(host_id).discover_iscsi( iscsi=otypes.IscsiDetails( port=int(iscsi_param.get('port', 3260)), <---- line 638 username=iscsi_param.get('username'), password=iscsi_param.get('password'), address=iscsi_param.get('address'), portal=iscsi_param.get('portal'), ), ) ret = { 'changed': False, 'id': host_id, 'iscsi_targets': [iscsi.target for iscsi in iscsi_targets], 'iscsi_targets_struct': [get_dict_of_struct( struct=iscsi, connection=connection, fetch_nested=module.params.get('fetch_nested'), attributes=module.params.get('nested_attributes'), ) for iscsi in iscsi_targets], } ..... I'm not a Python expert, so I can't tell if this logic is correct or not. Looking at Git history on this code, it looks like the last time a change was made effecting ISCSI was in May of 2021; https://github.com/oVirt/ovirt-ansible-collection/commit/1c4c18d844a69b82... By Martin Necas - https://github.com/mnecas I gotta believe I'm not the first one to try setting up oVirt 4.5 hosted engine with ISCSI storage. Is anyone else out there using ISCSI storage with oVirt 4.5.0.3 yet? How did you get it working?

2 years, 6 months

2
2
0 / 0

Release announcement: go-ovirt-client 1.0.0, terraform-provider-ovirt 2.0.0

by Janos Bonic

Hey there folks, Just a quick announcement, we have released the first stable version of *go-ovirt-client*, an overlay for the go SDK which you can find here: https://github.com/ovirt/go-ovirt-client and the docs are available here: https://pkg.go.dev/github.com/ovirt/go-ovirt-client In parallel, we also released the first stable version of the *overhauled Terraform provider*, which is available on the Terraform registry: https://registry.terraform.io/providers/oVirt/ovirt/latest/docs Thank you to everyone who worked on this over the last year and made it possible. Contributors lists are here: https://github.com/oVirt/go-ovirt-client/graphs/contributors and here: https://github.com/oVirt/terraform-provider-ovirt/graphs/contributors If you run into problems, our GitHub issue box is always open. :) Cheers, Janos

2 years, 6 months

1
0
0 / 0

Issue adding host to ovirt 4.4 cluster

by David Johnson

Good morning all, I am attempting to add a host to my ovirt 4.4 cluster. The installation of the first host went smoothly, but the installation of the second host stalled. Currently, the second host is in Installing state, but doing nothing. The installation failed due to a failure to register the host certificate. I cannot change the state of the host or retry the installation to capture logs. Warnings from the host that are visible on the ovirt console are: - Power Management is not configured for this Host. Enable Power Management - Host has no default route. - The host CPU does not match the Cluster CPU Type and is running in a degraded mode. It is missing the following CPU flags: vmx, model_Cascadelake-Server-noTSX. Please update the host CPU microcode or change the Cluster CPU Type. The error message generated at the last attempt to install the host from the ovirt console is: - Failed to enroll certificate for host ovirt-host-04 (User: admin@internal-authz). Please advise

2 years, 6 months

1
1
0 / 0

Re: Dedicated Migration Network

by Clint Boggio

Thank you Abe, Angus, and Strahil. I appreciate your direction and input.

2 years, 6 months

1
0
1 / 0

Re: oVirt 4.4.x step-by-step procedure to renew expired oVirt certificates

by Nathanaël Blanchet

Hi, Le 17/06/2022 à 12:18, Marko Vrgotic a écrit : > > Dear Nathanael, > > Thank you very much for you reply. Regarding host expiration playbook > you wrote – my compliments – is it safe to run on host with expired > certificates, or its rather meant to be executed for renewal of certs > on hosts with still valid certs? > both are okay, in case of a host in "up" status, it will go down during the playbook execution, but vms will continue to run without any downtime. Host will recover and go up once certificates will be successfully renewed. This is an emergency procedure, the best solution to renew a certificate on a running host is to put the host into maintenance and renew certs via UI. > We have also found following script which should at least safely take > care of the renewal of certs on host with already expired certificates > - . > > https://github.com/tothf/renew_vdsm_cert/blob/main/renew_vdsm_cert.sh > > ----- > > kind regards/met vriendelijke groeten > > Marko Vrgotic > Sr. System Engineer @ System Administration > > > ActiveVideo > > *o: *+31 (35) 6774131 > > *m: +*31 (65) 5734174** > > *e:*m.vrgotic@activevideo.com <mailto:m.vrgotic@activevideo.com> > *w: *www.activevideo.com <http://www.activevideo.com> > > ActiveVideo Networks BV. Mediacentrum 3745 Joop van den Endeplein > 1.1217 WJ Hilversum, The Netherlands. The information contained in > this message may be legally privileged and confidential. It is > intended to be read only by the individual or entity to whom it is > addressed or by their designee. If the reader of this message is not > the intended recipient, you are on notice that any distribution of > this message, in any form, is strictly prohibited. If you have > received this message in error, please immediately notify the sender > and/or ActiveVideo Networks, LLC by telephone at +1 408.931.9200 and > delete or destroy any copy of this message. > > *From: *Nathanaël Blanchet <blanchet(a)abes.fr> > *Date: *Thursday, 16 June 2022 at 14:40 > *To: *Marko Vrgotic <M.Vrgotic(a)activevideo.com>, users(a)ovirt.org > <users(a)ovirt.org> > *Subject: *Re: [ovirt-users] oVirt 4.4.x step-by-step procedure to > renew expired oVirt certificates > > ***CAUTION: This email originated from outside of the organization. Do > not click links or open attachments unless you recognize the sender!!!*** > > Hello, > > If you refer to: > > 1. engine apache certificate expiration ("PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException:) to > access to ovirt console. > => engine-setup --offline > 2. hosts certificate expiration? > => https://access.redhat.com/solutions/3532921 > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccess....> > I also wrote a playbook to do so there: > https://galaxy.ansible.com/natman/ovirt_renew_certs > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgalaxy....> > In this case, don't forget to renew certificate with UI (into > maintenance) when host is reponding, otherwise you may enconter > issues with console or live migration or other SSL related stuff. > > tested and approved. > > Le 16/06/2022 à 12:34, Marko Vrgotic a écrit : > > Dear oVirt, > > The oVirt SSL certificated were changed to one-year renewal and we > have a problem now. > > We are running 4.4.x version with SHE on local storage cluster and > we have four more local storage clusters. > > One the cluster running SHE, the engine and host certificates have > expired. We found the procedure for renewal prior to expiration, > but we do not have a mnual one, required once certificates have > expired. > > Would you be so kind to share the manual or steps needed to fix > our oVirt setup. > > Thank you in advance. > > ----- > > kind regards/met vriendelijke groeten > > Marko Vrgotic > Sr. System Engineer @ System Administration > > > ActiveVideo > > *o: *+31 (35) 6774131 > > *m: +*31 (65) 5734174 > > *e:*m.vrgotic@activevideo.com <mailto:m.vrgotic@activevideo.com> > *w: *www.activevideo.com <http://www.activevideo.com> > > ActiveVideo Networks BV. Mediacentrum 3745 Joop van den Endeplein > 1.1217 WJ Hilversum, The Netherlands. The information contained in > this message may be legally privileged and confidential. It is > intended to be read only by the individual or entity to whom it is > addressed or by their designee. If the reader of this message is > not the intended recipient, you are on notice that any > distribution of this message, in any form, is strictly > prohibited. If you have received this message in error, please > immediately notify the sender and/or ActiveVideo Networks, LLC by > telephone at +1 408.931.9200 and delete or destroy any copy of > this message. > > > > _______________________________________________ > > Users mailing list --users(a)ovirt.org > > To unsubscribe send an email tousers-leave(a)ovirt.org > > Privacy Statement:https://www.ovirt.org/privacy-policy.html <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> > > oVirt Code of Conduct:https://www.ovirt.org/community/about/community-guidelines/ <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovi...> > > List Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/5L... <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.o...> > > -- > Nathanaël Blanchet > Supervision réseau > SIRE > 227 avenue Professeur-Jean-Louis-Viala > 34193 MONTPELLIER CEDEX 5 > Tél. 33 (0)4 67 54 84 55 > Fax 33 (0)4 67 54 84 14 > blanchet(a)abes.fr -- Nathanaël Blanchet Supervision réseau SIRE 227 avenue Professeur-Jean-Louis-Viala 34193 MONTPELLIER CEDEX 5 Tél. 33 (0)4 67 54 84 55 Fax 33 (0)4 67 54 84 14 blanchet(a)abes.fr

2 years, 7 months

1
0
0 / 0

After attaching the Storage domain, the VMs are disappeared from the VM import

by aminur.rahman＠iongroup.com

Hi, We're noticing some weird issue while re-attaching the storage domain. After re-attach the storage domain, some VMs are completely missing from the VM Import. Before detaching the storage domain, all the VMs were shutdown gracefully. I also noticed some disks are exists with no Alias under the disk import on the storage domain and I can't import those disks. Its failed to register the disk with <UNKONOWN> error. We're using Ovirt 4.2 with multiple Dell hosts in the cluster and Compellent SAN with iSCSI volumes. Please kindly advise if I am missing anything before detach the storage domain. Thanks

2 years, 7 months

4
4
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Users June 2022