Reverting back to the original cert would take me past that error but would just continue to spam the message until timeout [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... Logs seem to just repeat 2014-01-29 17:44:53 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state On Wed, Jan 29, 2014 at 5:38 PM, Andrew Lau <andrew@andrewklau.com> wrote:
Hi,
After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish:
[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Couple Extra Notes: Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed.
Setup logs: http://www.fpaste.org/72624/13909770/
What confuses me is:
curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass?
Thanks, Andrew