On 02/10/2014 08:00 PM, Gianluca Cecchi wrote:
On Mon, Feb 10, 2014 at 10:56 AM, Alon Bar-Lev <alonbl@redhat.com> wrote:
----- Original Message -----
From: "Dafna Ron" <dron@redhat.com> To: "Gianluca Cecchi" <gianluca.cecchi@gmail.com>, "Alon Bar-Lev" <alonbl@redhat.com> Cc: "users" <users@ovirt.org> Sent: Monday, February 10, 2014 11:31:33 AM Subject: Re: [Users] Unable to activate iSCSI domain after crash of host
adding Alon
On 02/08/2014 05:42 PM, Gianluca Cecchi wrote:
where can I find the function that encrypts iscsi chap password and put the encrypted value into storage_server_connections table? So that I can try to reinsert it and verify. You can just put plain password, it should work...
If you want to encrypt use:
echo -n 'PASSWORD' | openssl pkeyutl -encrypt -certin -inkey /etc/pki/ovirt-engine/certs/engine.cer | openssl enc -a | tr -d '\n'
But Dafna, isn't there a way at UI to re-specify password, so it be encrypted by the application?
the problem is that the storage already exists but non-operational and we cannot edit a storage in any status other than active. so if the password changed during a storage issue, the storage cannot recover to active state if the password had changed and the luns are not visible on the storage and we also cannot edit the password for the domain...
Thanks Gianluca
-- Dafna Ron
In my opinion when I first defined the ISCSI domain and input a wrong password there was something not correctly managed when I then used the correct one. In fact in my opinion it seems there is no correspondence between storage_domains table and storage_server_connections table.
If I take a glusterfs domain named gv01 I see this:
engine=# select * from storage_server_connections where id=(select storage from storage_domains where storage_name='gv01'); id | connection | user_name | password | iqn | port | portal | storage_type | mount_options | vfs_type | nfs_version | nfs_timeo | nfs_retrans --------------------------------------+---------------+-----------+----------+-----+------+--------+--------------+---------------+----------- +-------------+-----------+------------- 66663b6a-aff3-47fa-b7ca-8e809804cbe2 | ovnode01:gv01 | | | | | | 7 | | glusterfs | | | (1 row)
Instead for this ISCSI domain named OV01
engine=# select * from storage_server_connections where id=(select storage from storage_domains where storage_name='OV01'); id | connection | user_name | password | iqn | port | portal | storage_type | mount_options | vfs_type | nfs_version | nfs_timeo | nfs_retran s ----+------------+-----------+----------+-----+------+--------+--------------+---------------+----------+-------------+-----------+----------- -- (0 rows)
In particular:
engine=# select * from storage_domains where storage_name='OV01'; id | storage | storage_name | storage_description | storage_comment | storage_pool_id | available_disk_size | used_disk_size | commited_disk_size | actual_images_size | status | storage_pool_name | storage_type | storage_domain_type | storage_domain_format_type | last_time_used_as_master | storage_domain_shared_status | recoverable --------------------------------------+----------------------------------------+--------------+---------------------+-----------------+------- -------------------------------+---------------------+----------------+--------------------+--------------------+--------+-------------------+ --------------+---------------------+----------------------------+--------------------------+------------------------------+------------- f741671e-6480-4d7b-b357-8cf6e8d2c0f1 | uqe7UZ-PaBY-IiLj-XLAY-XoCZ-cmOk-cMJkeX | OV01 | | | 546cd2 9c-7249-4733-8fd5-317cff38ed71 | 44 | 5 | 10 | 1 | 4 | ISCSI | 3 | 0 | 3 | 0 | 2 | t (1 row)
engine=# select * from storage_pool where id='546cd29c-7249-4733-8fd5-317cff38ed71'; id | name | description | storage_pool_type | storage_pool_format_type | status | master_domain_version | spm_vds_id | compatibility_version | _create_date | _update_date | quota_enforcement_type | free_text_commen t --------------------------------------+-------+-------------+-------------------+--------------------------+--------+-----------------------+- -----------+-----------------------+-------------------------------+-------------------------------+------------------------+----------------- -- 546cd29c-7249-4733-8fd5-317cff38ed71 | ISCSI | | 3 | 3 | 4 | 2 | | 3.3 | 2014-02-05 11:46:50.797079+01 | 2014-02-05 23:53:18.864716+01 | 0 | (1 row)
engine=# select * from storage_server_connections where user_name='ovirt'; id | connection | user_name |
password
| iqn | port | portal | storage_type | mount_options | vfs_type | nfs_version | nfs_timeo | nfs_retrans --------------------------------------+-----------------+-----------+------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------------------- -----------------------------------------------------------------------------------------------------------------------------------+---------- ---------------------------------------+------+--------+--------------+---------------+----------+-------------+-----------+------------- 6a5b159d-4c11-43cc-aa09-55c325de47b3 | 192.168.230.101 | ovirt | rMlQVigk7Ah3vJHWqE5jv24vDwZEWd14EExWKLjVowXGNa4ptPZ1O/8uf0ubK8zuQ9/i6qeF h6a7tSahr9yHXF80XEinpo0REZKfa78wUHYLbl8BMnMqYA9TA521Ef0ELBXwB5jmEmdnhew8RRRTjou7ihnnQOX/BMpcjxI0Q8K2Cex+Blk6eoRAtLbKdSdQwbW8W/hhUCmrf94mNHlHPM 9jv/HPApq3DU4iXCtbzQJMOXaQbMmYHORloILhAJnlTci59qj67sKkZm4BFUPEBS1K9QQZ0Lnkj/dkqenSeUyZ6MnFm20fI0qdJevqBq2Zl3kW5OZX6d+eIxRQTIYFUQ== | iqn.2013- 09.local.localdomain:c6iscsit.target11 | 3260 | 1 | 3 | | | | | (1 row)
If I run this update and then restart engine and vdsmd on host I can get ISCSI domain active again...
engine=# update storage_server_connections set id=(select storage from storage_domains where storage_name='OV01') where user_name='ovirt'; UPDATE 1
What do you think about it? Gianluca
-- Dafna Ron