[ovirt-users] Re: oVirt hyperconverged via cockpit error

Is the host in the error the same host you are running cockpit from? Make sure you can ssh not to localhost by to the hostname from the host. I.e. on bq817storage.example.com try ssh'ing to root(a)bq817storage.example.com On Thu, Oct 25, 2018 at 9:06 AM Jarosław Prokopowski < jprokopowski(a)gmail.com&gt; wrote: > And because I sometimes ssh through the main (non-storage) network > interface i have local .ssh/config file on the root account with: > Host * > StrictHostKeyChecking no > > > On Thu, Oct 25, 2018 at 2:03 PM Jarosław Prokopowski < > jprokopowski(a)gmail.com&gt; wrote: > >> Hi, >> >> Yes ssh keys have been distributed and root remote login works each way. >> After I got the error I tested all connection manually and they work. >> On every host I can ssh to root@localhost and to other hosts without >> any problem. >> That's why the error is so strange to me. I event tested ansible from >> oVirt host to others and it works ok using ssh keys. >> >> >> W dniu czw., 25.10.2018 o 13:43 Jayme <jaymef(a)gmail.com&gt; napisał(a): >> >>> You should also make sure the host can ssh to itself and accept keys >>> >>> On Thu, Oct 25, 2018, 8:42 AM Jayme, <jaymef(a)gmail.com&gt; wrote: >>> >>>> Darn autocorrect, sshd config rather >>>> >>>> On Thu, Oct 25, 2018, 7:29 AM Jarosław Prokopowski, < >>>> jprokopowski(a)gmail.com&gt; wrote: >>>> >>>>> Hi, >>>>> >>>>> Please help! :-) I couldn't find any solution via google. >>>>> >>>>> I followed this document to create oVirt hyperconverged on 3 hosts >>>>> using cockpit wizard: >>>>> >>>>> >>>>> https://ovirt.org/blog/2018/02/up-and-running-with-ovirt-4-2-and-gluster-... >>>>> >>>>> System: CentOS Linux release 7.5.1804 >>>>> >>>>> All hosts can resolve each other names via DNS, ssh keys are >>>>> exchanged and working. >>>>> I added firewall rules based on oVirt installation guide. SSH is >>>>> possible between all hosts using keys. >>>>> >>>>> I cannot create the configuration and the error I get in the last >>>>> step is: >>>>> >>>>> >>>>> ------------------------------------------------------------------------------------------------------ >>>>> PLAY [gluster_servers] >>>>> ********************************************************* >>>>> >>>>> TASK [Run a shell script] >>>>> ****************************************************** >>>>> failed: [bq817storage.example.com] >>>>> (item=/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>>>> bq817storage.example.com, bq735storage.example.com, >>>>> bq813storage.example.com) => {"item": >>>>> "/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>>>> bq817storage.example.com, bq735storage.example.com, >>>>> bq813storage.example.com", "msg": "Failed to connect to the host via >>>>> ssh: Permission denied >>>>> (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": >>>>> true} >>>>> fatal: [bq817storage.example.com]: UNREACHABLE! => {"changed": >>>>> false, "msg": "All items completed", "results": [{"_ansible_ignore_errors": >>>>> null, "_ansible_item_label": >>>>> "/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>>>> bq817storage.example.com, bq735storage.example.com, >>>>> bq813storage.example.com", "_ansible_item_result": true, "item": >>>>> "/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>>>> bq817storage.example.com, bq735storage.example.com, >>>>> bq813storage.example.com", "msg": "Failed to connect to the host via >>>>> ssh: Permission denied >>>>> (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": >>>>> true}]} >>>>> to retry, use: --limit @/tmp/tmpYLHDCP/run-script.retry >>>>> >>>>> PLAY RECAP >>>>> ********************************************************************* >>>>> bq817storage.example.com : ok=0 changed=0 unreachable=1 >>>>> failed=0 >>>>> >>>>> >>>>> Firewall rules: >>>>> >>>>> oVirt engine host: >>>>> >>>>> #firewall-cmd --list-all >>>>> public (active) >>>>> target: default >>>>> icmp-block-inversion: no >>>>> interfaces: enp134s0f0 enp134s0f1 >>>>> sources: >>>>> services: ssh dhcpv6-client cockpit glusterfs http https dns >>>>> ports: 2222/tcp 6100/tcp 7410/udp 54323/tcp 2223/tcp 161/udp >>>>> 111/tcp 5900-6923/tcp 5989/tcp 9090/tcp 16514/tcp 49152-49216/tcp 54321/tcp >>>>> 54322/tcp 6081/udp >>>>> protocols: >>>>> masquerade: no >>>>> forward-ports: >>>>> source-ports: >>>>> icmp-blocks: >>>>> rich rules: >>>>> >>>>> oVirt nodes: >>>>> >>>>> #firewall-cmd --list-all >>>>> public (active) >>>>> target: default >>>>> icmp-block-inversion: no >>>>> interfaces: enp134s0f0 enp134s0f1 >>>>> sources: >>>>> services: ssh dhcpv6-client cockpit glusterfs dns >>>>> ports: 2223/tcp 161/udp 111/tcp 5900-6923/tcp 5989/tcp 9090/tcp >>>>> 16514/tcp 49152-49216/tcp 54321/tcp 54322/tcp 6081/udp >>>>> protocols: >>>>> masquerade: no >>>>> forward-ports: >>>>> source-ports: >>>>> icmp-blocks: >>>>> >>>>> --------------------------------------------------------------------------------- >>>>> >>>>> Thanks in advance >>>>> Jarson >>>>> _______________________________________________ >>>>> Users mailing list -- users(a)ovirt.org >>>>> To unsubscribe send an email to users-leave(a)ovirt.org >>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>>> oVirt Code of Conduct: >>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>> List Archives: >>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/4KKTG4VVPG7... >>>>> >>>>