I don't know how, but the only errors I saw in the WebUI were update related (failed to check updates on host).
That is not related to certificates errors used for engine <-> VDSM communication
There was an error in engine-setup, but at this stage it was far, far too late.
The warning/alerts mentioned above are stored in engine's audit log, which can be viewed within Events tab in webadmin, where you should see something like:
Host ${VdsName} certification is about to expire at
${ExpirationDate}. Please renew the host's certification.
or
Engine's certification is about to expire at ${ExpirationDate}.
Please renew the engine's certification.
Hello,
I just lost at least two more setups, while (slowly) upgrading it to -streams.
Zero warning on the UI (verified twice).
Zero warning in the vdsm log (verified before I started the upgrade).
Once I upgraded the hosted engine to streams (engine-setup --offline, distro sync, engine-setup), the VDSM's services stopped working on all hosts (sadly enough, at least two setups are single host setups).
Tried restarting the VDSM service, and now they are spewing SSL handshake errors.
E.g. ERROR ssl handshake: SSLError, address: ::ffff:127.0.0.1
So, given the fact that I have a working HE on all machines, how can I renew the vdsm certificates?
I assume I cannot simply restart the HE service and try to enroll new certificates?
- Gilboa