------W8UEK94U7L2X0W96XO4VAKONZ7LXWP Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Hi, To clarify my previous. When adding localhost at SSO_ALTERNATE_ENGINE_FQDNS="localhost", then i was able to access through port forwarding. I tried to add IP and localhost, comma separated SSO_ALTERNATE_ENGINE_FQDNS="10.0.0.10,localhost", and in this case i could not use localhost. Does this variable accepts comma separated values? Thanx for the socks proxy. Yes, thats my last tactic when facing issues with port forwarding, though i need to go through two hops and makes it a bit more complex. The first hop does not have direct access to destination network and I dont have direct SSH access to final hop. I will also add a custom config next to 11-setup-sso.conf file. Thanx for pointing it out. Alex On January 27, 2017 1:32:14 PM EET, "Juan Hernández" <jhernand@redhat.com> wrote:
On 01/27/2017 11:56 AM, Alex wrote:
Hi,
I added the IP address at 11-setup-sso.conf (found at /etc/ovirt-engine/engine.conf.d), at line SSO_ALTERNATE_ENGINE_FQDNS="IP". Then restarted engine. I can access now engine vm using IP, but I cannot when connecting remotely using localhost and port forwarding through ssh. I tried to add also localhost as alternate fqdn without any luck. Any idea?
Many thanx, Alex
Make sure to include also the port number that you are using. For example, if you are using port 10000 then you will need this:
SSO_ALTERNATE_ENGINE_FQDNS="localhost:10000"
I'd also suggest to avoid modifying the 11-setup-sso.conf file, as it will be overwritten if you run 'engine-setup' again, during an upgrade, for example. Instead of that try to create your own 99-my.conf file, for example.
Also, if you want this just for SSH, I'd suggest to use the SSH SOCKS proxy support instead. For example, I reach all my systems via SSH, using 'server.example.com' as the SSH gateway. I start SSH like this:
ssh -D 127.0.0.1:10000 server.example.com
And then I configure my browser to use 127.0.0.1:10000 as SOCKS proxy for *.example.com.
On January 27, 2017 1:10:33 AM GMT+02:00, Alex
<rightkicktech@gmail.com>
wrote:
Thank you Martin. I will check that.
On January 26, 2017 9:39:42 PM GMT+02:00, Martin Perina <mperina@redhat.com> wrote:
Hi,
please take a look at [1], since oVirt 4.0.4 you can defined alternate names (or IPs) to access engine.
Regards
Martin Perina
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1325746
On Thu, Jan 26, 2017 at 6:59 PM, rightkicktech.gmail.com <http://rightkicktech.gmail.com> <rightkicktech@gmail.com <mailto:rightkicktech@gmail.com>> wrote:
Hi all,
Is there any way to bypass the FQDN access requirement on ovirt 4? On previous versions I was able to access ovirt engine using IP. It is impractical to access with FQDN when doing remote port forwarding.
Thanx, Alex -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ Users mailing list Users@ovirt.org <mailto:Users@ovirt.org> http://lists.ovirt.org/mailman/listinfo/users <http://lists.ovirt.org/mailman/listinfo/users>
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- Sent from my Android device with K-9 Mail. Please excuse my brevity. ------W8UEK94U7L2X0W96XO4VAKONZ7LXWP Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html><head></head><body>Hi,<br> <br> To clarify my previous. When adding localhost at SSO_ALTERNATE_ENGINE_FQDNS="localhost", then i was able to access through port forwarding. I tried to add IP and localhost, comma separated SSO_ALTERNATE_ENGINE_FQDNS="<a href="http://10.0.0.10">10.0.0.10</a>,localhost";, and in this case i could not use localhost. <br> Does this variable accepts comma separated values?<br> <br> Thanx for the socks proxy. Yes, thats my last tactic when facing issues with port forwarding, though i need to go through two hops and makes it a bit more complex. The first hop does not have direct access to destination network and I dont have direct SSH access to final hop.<br> <br> I will also add a custom config next to 11-setup-sso.conf file. Thanx for pointing it out.<br> <br> Alex<br> <br><br><div class="gmail_quote">On January 27, 2017 1:32:14 PM EET, "Juan Hernández" <jhernand@redhat.com> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <pre class="k9mail">On 01/27/2017 11:56 AM, Alex wrote:<br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"> Hi,<br /> <br /> I added the IP address at 11-setup-sso.conf (found at<br /> /etc/ovirt-engine/engine.conf.d), at line SSO_ALTERNATE_ENGINE_FQDNS="IP".<br /> Then restarted engine.<br /> I can access now engine vm using IP, but I cannot when connecting<br /> remotely using localhost and port forwarding through ssh. I tried to add<br /> also localhost as alternate fqdn without any luck.<br /> Any idea?<br /> <br /> Many thanx,<br /> Alex<br /> <br /></blockquote><br />Make sure to include also the port number that you are using. For<br />example, if you are using port 10000 then you will need this:<br /><br /> SSO_ALTERNATE_ENGINE_FQDNS="localhost:10000"<br /><br />I'd also suggest to avoid modifying the 11-setup-sso.conf file, as it<br />will be overwritten if you run 'engine-setup' again, during an upgrade,<br />for example. Instead of that try to create your own 99-my.conf file, for<br />example.<br /><br />Also, if you want this just for SSH, I'd suggest to use the SSH SOCKS<br />proxy support instead. For example, I reach all my systems via SSH,<br />using '<a href="http://server.example.com">server.example.com</a>' as the SSH gateway. I start SSH like this:<br /><br /> ssh -D <a href="127.0.0.1:10000">127.0.0.1:10000</a> <a href="http://server.example.com">server.example.com</a><br /><br />And then I configure my browser to use <a href="127.0.0.1:10000">127.0.0.1:10000</a> as SOCKS proxy<br />for *.<a href="http://example.com">example.com</a>.<br /><br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"> <br /> On January 27, 2017 1:10:33 AM GMT+02:00, Alex <rightkicktech@gmail.com><br /> wrote:<br /> <br /> Thank you Martin.<br /> I will check that.<br /> <br /> On January 26, 2017 9:39:42 PM GMT+02:00, Martin Perina<br /> <mperina@redhat.com> wrote:<br /> <br /> Hi,<br /> <br /> please take a look at [1], since oVirt 4.0.4 you can defined<br /> alternate names (or IPs) to access engine.<br /> <br /> Regards<br /> <br /> Martin Perina<br /> <br /> [1] <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1325746">https://bugzilla.redhat.com/show_bug.cgi?id=1325746</a><br /> <br /> <br /> On Thu, Jan 26, 2017 at 6:59 PM, <a href="http://rightkicktech.gmail.com">rightkicktech.gmail.com</a><br /> <<a href="http://rightkicktech.gmail.com">http://rightkicktech.gmail.com</a>>; <rightkicktech@gmail.com<br /> <mailto:rightkicktech@gmail.com>> wrote:<br /> <br /> Hi all,<br /> <br /> Is there any way to bypass the FQDN access requirement on<br /> ovirt 4? On previous versions I was able to access ovirt<br /> engine using IP. It is impractical to access with FQDN when<br /> doing remote port forwarding.<br /> <br /> Thanx,<br /> Alex<br /> -- <br /> Sent from my Android device with K-9 Mail. Please excuse my<br /> brevity.<br /><hr /><br /> Users mailing list<br /> Users@ovirt.org <mailto:Users@ovirt.org><br /> <a href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a><br /> <<a href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>><br /> <br /> <br /> <br /> <br /> -- <br /> Sent from my Android device with K-9 Mail. Please excuse my brevity.<br /> <br /> <br /><hr /><br /> Users mailing list<br /> Users@ovirt.org<br /> <a href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a><br /> <br /></blockquote><br /></pre></blockquote></div><br> -- <br> Sent from my Android device with K-9 Mail. Please excuse my brevity.</body></html> ------W8UEK94U7L2X0W96XO4VAKONZ7LXWP--