So I think I have narrowed it down to the OVN settings. The only problem now is, is that when I want to update the OVN settings, it fails with “Failed to communicate with External Provider. See logs for details”

 

When checking the logs, I see an error stating the “root hostname does not match” (In the OVN settings via the WebUI, I see that it also points to the old hostname)

 

A bit of background on this, when the engine was initially built, it was configured with a different hostname, which was then changed, but somehow it is still referencing the old hostname. When I run the change hostname scripts (/usr/share/ovirt-engine/setup/bin/ovirt-engine-rename) it runs through everything, until it needs to modify the certs. (I have attached the screenshot)

 

I am really not sure where to go from here, and I believe that most of this has to do with the certs (And I am just grasping at straws here)

 

I am starting to think that it would just be easier to deploy everything from scratch, but if anybody has any ideas, I would appreciate it.

 

Thank you

 

Anton Louw

Cloud Engineer: Storage and Virtualization at Vox

T:  087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw@voxtelecom.co.za A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za

 

 

Hi All,

 

A new issue 😊

 

We have configured oVirt to use KeyCloak for authentication. This all works, I can log into the WebUI etc, but as soon as I need to talk to the API, it gives me the “invalid scopes” error. I have double checked KeyCloak, and the scopes are added. I went through the logs, but there is nothing telling me exactly what the actual cause is.

 

I get the below when trying to get a token from the engine:

“{"error_code":"access_denied","error":"Cannot authenticate user Invalid scopes: ovirt-app-api ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access."}”

 

Does anybody have any idea where this is going wrong?

 

Thanks

 

Anton Louw

Cloud Engineer: Storage and Virtualization at Vox

T:  087 805 0000 | D: 087 805 1572 M: N/A E: anton.louw@voxtelecom.co.za A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg www.vox.co.za

 

Disclaimer

The contents of this email are confidential to the sender and the intended recipient. Unless the contents are clearly and entirely of a personal nature, they are subject to copyright in favour of the holding company of the Vox group of companies. Any recipient who receives this email in error should immediately report the error to the sender and permanently delete this email from all storage devices.

This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more Click Here.