Hi Martin, 

Few more data points.

1) I have the latest released ovirt-engine.

2) I also tried using the ovirt.infra ansible role and I get the exact same issue and behavior. 

Thanks, Sakari

dnf info ovirt-engine
Last metadata expiration check: 0:00:08 ago on Wed 06 May 2020 11:49:20 AM EEST.
Installed Packages
Name         : ovirt-engine
Version      : 4.4.0
Release      : 0.7.beta4.20200417092918.gitd2e0a32d1a6.el8
Architecture : noarch
Size         : 38 M
Source       : ovirt-engine-4.4.0-0.7.beta4.20200417092918.gitd2e0a32d1a6.el8.src.rpm
Repository   : @System
From repo    : ovirt-4.4-pre
Summary      : Management server for Open Virtualization
URL          : http://www.ovirt.org
License      : ASL 2.0
Description  : oVirt Engine is a feature-rich server virtualization management
             : system that provides advanced capabilities for managing the Open
             : virtualization infrastructure for Servers and Desktops.

On Wed, May 6, 2020 at 10:00 AM Sakari Poussa <spoussa@gmail.com> wrote:
Hi Martin,

Seems that I am running the correct versions. Can you elaborate what the issue is/was and where is the fix? I can then dive deeper with my debugging.

Thanks, Sakari

$ dnf info python3-ansible-runner ansible-runner-service
Last metadata expiration check: 0:02:12 ago on Wed 06 May 2020 09:51:37 AM EEST.
Installed Packages
Name         : ansible-runner-service
Version      : 1.0.2
Release      : 1.el8
Architecture : noarch
Size         : 252 k
Source       : ansible-runner-service-1.0.2-1.el8.src.rpm
Repository   : @System
From repo    : ovirt-4.4-centos-ovirt44
Summary      : RESTful API for ansible/ansible_runner execution
License      : ASL 2.0
Description  : This package provides the Ansible Runner Service source files. Ansible runner service exposes a REST API interface on top of the functionality provided by ansible and
             : ansible_runner.
             :
             : The Ansible Runner Service provided in this packages is intended to be used as uwgsi app exposed by Nginx in a Container.
             : Dependencies, and configuration tasks must be performed in the container.
             :
             : Ansible Runner Service listens on https://localhost:5001 by default for playbook or ansible inventory requests. For developers interested in using the API, all the available
             : endpoints are documented at https://localhost:5001/api.
             :
             : In addition to the API endpoints, the daemon also provides a /metrics endpoint for prometheus integration. A sample Grafana dashboard is provided within
             : /usr/share/doc/ansible-runner-service

Name         : python3-ansible-runner
Version      : 1.4.5
Release      : 1.el8
Architecture : noarch
Size         : 340 k
Source       : ansible-runner-1.4.5-1.el8.src.rpm
Repository   : @System
From repo    : ovirt-4.4-centos-ovirt44
Summary      : A tool and python library to interface with Ansible
URL          : https://github.com/ansible/ansible-runner
License      : ASL 2.0
Description  : Ansible Runner is a tool and python library that helps when interfacing with
             : Ansible from other systems whether through a container image interface, as a
             : standalone tool, or imported into a python project.


On Wed, May 6, 2020 at 9:27 AM Martin Perina <mperina@redhat.com> wrote:
Hi,

the issue has been fixed on master, it seems that you are using old ovirt-engine and/or old ansible-runner-service. Please upgrade to latest released ovirt-engine with ansible-runner-service-1.0.2 and python3-ansible-runner-1.4.5

Regards,
Martin


On Wed, May 6, 2020 at 6:50 AM Sakari Poussa <spoussa@gmail.com> wrote:
Hi,

I am using 4.4 beta4 and not able to add new hosts to the datacenter. Also "Enroll Certificate" fails.

On nodes, I get the following error message:

libvirtd[20399]: Unable to import CA certificate list /etc/pki/vdsm/certs/cacert.pem

The root cause is the malformed cert:

$ cat /etc/pki/vdsm/certs/cacert.pem
-----BEGIN CERTIFICATE-----\nMIID XXX

That, is the .pem file is just one long line with \n characters instead of real newlines. If I convert the \n to real newlines libvirtd starts but that is not the end solution since other issues surfaces. 

The malforming happens when the engine copies (via ansible) the CA cert to the node(s).

Any ideas what is going on?

Thanks, Sakari




_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TZ6EA3X257YGFYQTLFRILGGCQKQKTT2V/


--
Martin Perina
Manager, Software Engineering
Red Hat Czech s.r.o.


--
Sakari Poussa
040 348 2970


--
Sakari Poussa
040 348 2970