7:07 p.m.
OK, while I was debugging the other problem, the engine complained
about the internal engine cert expiring in three months. As I had to
completely shutdown the entire data center (all hosts including the
engine itself) at once, I figured I'd go ahead and renew the engine
cert so I wouldn't have to do it later.
First problem: engine-setup won't renew the engine certificate
(engine.cer / engine.p12) at three months out despite the scary
warnings in the notifications tab in the Admin WebUI. It can be forced
to by renaming the files however.
Second problem: After having renewed the engine certificate, the engine
can no longer update a host certificate nor (re-)install a host. Giving
me the following error in the Admin WebUI: "Error while executing
action InstallVds: Internal Engine Error"
I've attached the logs from the engine.
-Patrick Hibbs
1:02 p.m.
Patrick Hibbs <hibbsncc1701(a)gmail.com> writes:
Second problem: After having renewed the engine certificate, the
engine
can no longer update a host certificate nor (re-)install a host. Giving
me the following error in the Admin WebUI: "Error while executing
action InstallVds: Internal Engine Error"
I've attached the logs from the engine.
The attached log refers to another log
/var/log/ovirt-engine/host-deploy/ovirt-enroll-certs-ansible-20220603115134-virt02.codenet-1a0acee9-f33e-44e3-a863-cd2ee0a4289e.log
where the actual error should be visible.
Also, what's your Engine version?
Regards,
Milan
4:56 p.m.
My engine version at the time was ovirt-engine-4.5.0.8-1.el8.noarch.
Unfortunately I had to reinstall the engine over the weekend, so I'm
afraid the log is no longer available.
That being said, given that the engine only started doing that after I
force renewed the internal engine certificate via engine-setup (by
renaming /etc/pki/ovirt-engine/keys/engine.p12), I would assume that
engine-setup didn't update something correctly. Perhaps the error can
be traced to engine-setup's need for a specific time frame to renew the
cert?
Another user opened a bug for engine-setup not renewing the internal
engine cert despite the WebUI's complaints:
https://bugzilla.redhat.com/show_bug.cgi?id=2093954
-Patrick Hibbs
On Mon, 2022-06-06 at 12:02 +0200, Milan Zamazal wrote:
Patrick Hibbs <hibbsncc1701(a)gmail.com> writes:
> Second problem: After having renewed the engine certificate, the
> engine
> can no longer update a host certificate nor (re-)install a host.
> Giving
> me the following error in the Admin WebUI: "Error while executing
> action InstallVds: Internal Engine Error"
>
> I've attached the logs from the engine.
The attached log refers to another log
/var/log/ovirt-engine/host-deploy/ovirt-enroll-certs-ansible-
20220603115134-virt02.codenet-1a0acee9-f33e-44e3-a863-
cd2ee0a4289e.log
where the actual error should be visible.
Also, what's your Engine version?
Regards,
Milan
900
days inactive
903
days old
2 comments
2 participants
participants (2)
-
Milan Zamazal -
Patrick Hibbs