4:52 p.m.
On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
Hello Simone,
Sent from my iPhone
On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br> wrote:
> Hello,
>
> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
> deploying the hosted engine it does not show up on the interface even after
> adding the first storage.
>
> The Datacenter is up but the engine VM and the engine storage does not
> appear.
>
> I have the following message repeated constantly on /var/log/messages:
>
> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR
> Unable to identify the OVF_STORE volume, falling back to initial vm.conf.
> Please ensure you already added your first data domain for regular VMs
>
> What’s wrong? Am I doing something different?
>
The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
It will be fixed with 4.2.8.
In the mean time I strongly suggest to use the regular flow for
hosted-engine deployment (simply skip --noansible option) since only the
vintage deprecated flow is affected by this issue.
Thanks for pointing the issue. I was unable the find this on bugzilla by
myself. The title isn’t helping either.
But on other hand, I only used the legacy mode because ansible mode fails.
Can you please attach a log of the issue?
I’m not sure why it fails. I can try it again, but I can ask in advance:
the management network is bonded, is this an issue? I think I’ve read
something about this on this list but I’m unsure.
No, but you should set bond mode 1, 2, 3, or 4.
Teaming is not supported.
Thanks,
>
> Additional infos:
>
> [root@ovirt1 ~]# vdsm-tool list-nets
> ovirtmgmt (default route)
> storage
>
> [root@ovirt1 ~]# ip a | grep "inet "
> inet 127.0.0.1/8 scope host lo
> inet 10.20.0.101/24 brd 10.20.0.255 scope global dynamic ovirtmgmt
> inet 192.168.10.1/29 brd 192.168.10.7 scope global storage
>
> [root@ovirt1 ~]# mount | grep -i nfs
> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
> 10.20.0.200:/mnt/pool0/ovirt/he on
/rhev/data-center/mnt/10.20.0.200:_mnt_pool0_ovirt_he
> type nfs4
>
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>
> [root@ovirt1 ~]# hosted-engine --check-deployed
> Returns nothing!
>
> [root@ovirt1 ~]# hosted-engine --check-liveliness
> Hosted Engine is up!
>
> [root@ovirt1 ~]# hosted-engine --vm-status
>
> --== Host 1 status ==--
>
> conf_on_shared_storage : True
> Status up-to-date : True
> Hostname : ovirt1.local.versatushpc.com.br
> Host ID : 1
> Engine status : {"health": "good",
"vm": "up",
> "detail": "Up"}
> Score : 3400
> stopped : False
> Local maintenance : False
> crc32 : 1736a87d
> local_conf_timestamp : 7836
> Host timestamp : 7836
> Extra metadata (valid at timestamp):
> metadata_parse_version=1
> metadata_feature_version=1
> timestamp=7836 (Fri Jan 4 20:18:10 2019)
> host-id=1
> score=3400
> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
> conf_on_shared_storage=True
> maintenance=False
> state=EngineUp
> stopped=False
>
>
> Thanks in advance,
>
> PS: Log files are available here:
> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
> _______________________________________________
> Users mailing list -- users(a)ovirt.org
> To unsubscribe send an email to users-leave(a)ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>
_______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
7:22 p.m.
New subject: Hosted Engine VM and Storage not showing up
Hello,
On 7 Jan 2019, at 12:52, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
Hello Simone,
Sent from my iPhone
On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>
>
> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
> Hello,
>
> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after deploying the hosted
engine it does not show up on the interface even after adding the first storage.
>
> The Datacenter is up but the engine VM and the engine storage does not appear.
>
> I have the following message repeated constantly on /var/log/messages:
>
> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR Unable to identify
the OVF_STORE volume, falling back to initial vm.conf. Please ensure you already added
your first data domain for regular VMs
>
> What’s wrong? Am I doing something different?
>
> The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
<https://bugzilla.redhat.com/show_bug.cgi?id=1649615>
> It will be fixed with 4.2.8.
>
> In the mean time I strongly suggest to use the regular flow for hosted-engine
deployment (simply skip --noansible option) since only the vintage deprecated flow is
affected by this issue.
>
Thanks for pointing the issue. I was unable the find this on bugzilla by myself. The
title isn’t helping either.
But on other hand, I only used the legacy mode because ansible mode fails.
Can you please attach a log of the issue?
For sure, logs on the link:
http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
What happens is that Ansible just bypasses the storage configuration questions:
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
--== STORAGE CONFIGURATION ==--
--== HOST NETWORK CONFIGURATION ==--
Please indicate a pingable gateway IP address [10.20.0.1]:
[ INFO ] TASK [Gathering Facts]
[ INFO ] ok: [localhost]
[ INFO ] TASK [Detecting interface on existing management bridge]
[ INFO ] skipping: [localhost]
[ INFO ] TASK [Get all active network interfaces]
[ INFO ] TASK [Filter bonds with bad naming]
[ INFO ] TASK [Generate output list]
I’m not sure why it fails. I can try it again, but I can ask in advance: the management
network is bonded, is this an issue? I think I’ve read something about this on this list
but I’m unsure.
No, but you should set bond mode 1, 2, 3, or 4.
Teaming is not supported.
Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
Thanks,
>
>
> Additional infos:
>
> [root@ovirt1 ~]# vdsm-tool list-nets
> ovirtmgmt (default route)
> storage
>
> [root@ovirt1 ~]# ip a | grep "inet "
> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
> inet 10.20.0.101/24 <http://10.20.0.101/24> brd 10.20.0.255 scope global
dynamic ovirtmgmt
> inet 192.168.10.1/29 <http://192.168.10.1/29> brd 192.168.10.7 scope global
storage
>
> [root@ovirt1 ~]# mount | grep -i nfs
> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
<http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>
> [root@ovirt1 ~]# hosted-engine --check-deployed
> Returns nothing!
>
> [root@ovirt1 ~]# hosted-engine --check-liveliness
> Hosted Engine is up!
>
> [root@ovirt1 ~]# hosted-engine --vm-status
>
> --== Host 1 status ==--
>
> conf_on_shared_storage : True
> Status up-to-date : True
> Hostname : ovirt1.local.versatushpc.com.br
<http://ovirt1.local.versatushpc.com.br/>
> Host ID : 1
> Engine status : {"health": "good",
"vm": "up", "detail": "Up"}
> Score : 3400
> stopped : False
> Local maintenance : False
> crc32 : 1736a87d
> local_conf_timestamp : 7836
> Host timestamp : 7836
> Extra metadata (valid at timestamp):
> metadata_parse_version=1
> metadata_feature_version=1
> timestamp=7836 (Fri Jan 4 20:18:10 2019)
> host-id=1
> score=3400
> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
> conf_on_shared_storage=True
> maintenance=False
> state=EngineUp
> stopped=False
>
>
> Thanks in advance,
>
> PS: Log files are available here:
http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
<http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/>
> _______________________________________________
> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
> _______________________________________________
> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
_______________________________________________
Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
11:43 p.m.
New subject: Hosted Engine VM and Storage not showing up
Simone,
I have additional findings: Ansible was failing because I was defined the option
without-password on SSH root access. So it fails with an authentication failure error
during the deployment.
After allowing root access over SSH the hosted engine deployement with Ansible worked.
Now I will check if everything else is working fine.
Maybe I need to open a bug on Bugzilla on this issue?
Thanks,
On 7 Jan 2019, at 15:22, Vinícius Ferrão
<ferrao(a)versatushpc.com.br> wrote:
Hello,
> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>
>
>
> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
> Hello Simone,
>
> Sent from my iPhone
>
> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>
>>
>>
>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>> Hello,
>>
>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after deploying the
hosted engine it does not show up on the interface even after adding the first storage.
>>
>> The Datacenter is up but the engine VM and the engine storage does not appear.
>>
>> I have the following message repeated constantly on /var/log/messages:
>>
>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR Unable to identify
the OVF_STORE volume, falling back to initial vm.conf. Please ensure you already added
your first data domain for regular VMs
>>
>> What’s wrong? Am I doing something different?
>>
>> The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
<https://bugzilla.redhat.com/show_bug.cgi?id=1649615>
>> It will be fixed with 4.2.8.
>>
>> In the mean time I strongly suggest to use the regular flow for hosted-engine
deployment (simply skip --noansible option) since only the vintage deprecated flow is
affected by this issue.
>>
>
> Thanks for pointing the issue. I was unable the find this on bugzilla by myself. The
title isn’t helping either.
>
> But on other hand, I only used the legacy mode because ansible mode fails.
>
> Can you please attach a log of the issue?
For sure, logs on the link:
http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
<http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass>
What happens is that Ansible just bypasses the storage configuration questions:
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
--== STORAGE CONFIGURATION ==--
--== HOST NETWORK CONFIGURATION ==--
Please indicate a pingable gateway IP address [10.20.0.1]:
[ INFO ] TASK [Gathering Facts]
[ INFO ] ok: [localhost]
[ INFO ] TASK [Detecting interface on existing management bridge]
[ INFO ] skipping: [localhost]
[ INFO ] TASK [Get all active network interfaces]
[ INFO ] TASK [Filter bonds with bad naming]
[ INFO ] TASK [Generate output list]
>
>
> I’m not sure why it fails. I can try it again, but I can ask in advance: the
management network is bonded, is this an issue? I think I’ve read something about this on
this list but I’m unsure.
>
> No, but you should set bond mode 1, 2, 3, or 4.
> Teaming is not supported.
Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>
>
> Thanks,
>
>>
>>
>> Additional infos:
>>
>> [root@ovirt1 ~]# vdsm-tool list-nets
>> ovirtmgmt (default route)
>> storage
>>
>> [root@ovirt1 ~]# ip a | grep "inet "
>> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
>> inet 10.20.0.101/24 <http://10.20.0.101/24> brd 10.20.0.255 scope global
dynamic ovirtmgmt
>> inet 192.168.10.1/29 <http://192.168.10.1/29> brd 192.168.10.7 scope
global storage
>>
>> [root@ovirt1 ~]# mount | grep -i nfs
>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
<http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>
>> [root@ovirt1 ~]# hosted-engine --check-deployed
>> Returns nothing!
>>
>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>> Hosted Engine is up!
>>
>> [root@ovirt1 ~]# hosted-engine --vm-status
>>
>> --== Host 1 status ==--
>>
>> conf_on_shared_storage : True
>> Status up-to-date : True
>> Hostname : ovirt1.local.versatushpc.com.br
<http://ovirt1.local.versatushpc.com.br/>
>> Host ID : 1
>> Engine status : {"health": "good",
"vm": "up", "detail": "Up"}
>> Score : 3400
>> stopped : False
>> Local maintenance : False
>> crc32 : 1736a87d
>> local_conf_timestamp : 7836
>> Host timestamp : 7836
>> Extra metadata (valid at timestamp):
>> metadata_parse_version=1
>> metadata_feature_version=1
>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>> host-id=1
>> score=3400
>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>> conf_on_shared_storage=True
>> maintenance=False
>> state=EngineUp
>> stopped=False
>>
>>
>> Thanks in advance,
>>
>> PS: Log files are available here:
http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
<http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/>
>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
> _______________________________________________
> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
3:20 p.m.
New subject: Hosted Engine VM and Storage not showing up
On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
Simone,
I have additional findings: Ansible was failing because I was defined the
option without-password on SSH root access. So it fails with an
authentication failure error during the deployment.
After allowing root access over SSH the hosted engine deployement with
Ansible worked.
Now I will check if everything else is working fine.
Maybe I need to open a bug on Bugzilla on this issue?
Ok, from the logs I see that you set without-password and you correctly
entered a public ssh key when requested.
But then ansible failed to authenticate to the engine VM, as root, with
that password.
So, if you are sure that the correspondent private key was available in the
right place and with the right permissions, please open a bug.
Thanks,
On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
Hello,
On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
> Hello Simone,
>
> Sent from my iPhone
>
> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>
>
>
> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br> wrote:
>
>> Hello,
>>
>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
>> deploying the hosted engine it does not show up on the interface even after
>> adding the first storage.
>>
>> The Datacenter is up but the engine VM and the engine storage does not
>> appear.
>>
>> I have the following message repeated constantly on /var/log/messages:
>>
>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR
>> Unable to identify the OVF_STORE volume, falling back to initial vm.conf.
>> Please ensure you already added your first data domain for regular VMs
>>
>> What’s wrong? Am I doing something different?
>>
>
> The import of external VM is broken in 4.2.7 as for
> https://bugzilla.redhat.com/show_bug.cgi?id=1649615
> It will be fixed with 4.2.8.
>
> In the mean time I strongly suggest to use the regular flow for
> hosted-engine deployment (simply skip --noansible option) since only the
> vintage deprecated flow is affected by this issue.
>
>
>
> Thanks for pointing the issue. I was unable the find this on bugzilla by
> myself. The title isn’t helping either.
>
> But on other hand, I only used the legacy mode because ansible mode fails.
>
Can you please attach a log of the issue?
For sure, logs on the link:
http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
What happens is that Ansible just bypasses the storage configuration
questions:
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
--== STORAGE CONFIGURATION ==--
--== HOST NETWORK CONFIGURATION ==--
Please indicate a pingable gateway IP address [10.20.0.1]:
[ INFO ] TASK [Gathering Facts]
[ INFO ] ok: [localhost]
[ INFO ] TASK [Detecting interface on existing management bridge]
[ INFO ] skipping: [localhost]
[ INFO ] TASK [Get all active network interfaces]
[ INFO ] TASK [Filter bonds with bad naming]
[ INFO ] TASK [Generate output list]
>
> I’m not sure why it fails. I can try it again, but I can ask in advance:
> the management network is bonded, is this an issue? I think I’ve read
> something about this on this list but I’m unsure.
>
No, but you should set bond mode 1, 2, 3, or 4.
Teaming is not supported.
Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>
> Thanks,
>
>
>>
>> Additional infos:
>>
>> [root@ovirt1 ~]# vdsm-tool list-nets
>> ovirtmgmt (default route)
>> storage
>>
>> [root@ovirt1 ~]# ip a | grep "inet "
>> inet 127.0.0.1/8 scope host lo
>> inet 10.20.0.101/24 brd 10.20.0.255 scope global dynamic ovirtmgmt
>> inet 192.168.10.1/29 brd 192.168.10.7 scope global storage
>>
>> [root@ovirt1 ~]# mount | grep -i nfs
>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
>> <http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
>>
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>
>> [root@ovirt1 ~]# hosted-engine --check-deployed
>> Returns nothing!
>>
>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>> Hosted Engine is up!
>>
>> [root@ovirt1 ~]# hosted-engine --vm-status
>>
>> --== Host 1 status ==--
>>
>> conf_on_shared_storage : True
>> Status up-to-date : True
>> Hostname : ovirt1.local.versatushpc.com.br
>> Host ID : 1
>> Engine status : {"health": "good",
"vm": "up",
>> "detail": "Up"}
>> Score : 3400
>> stopped : False
>> Local maintenance : False
>> crc32 : 1736a87d
>> local_conf_timestamp : 7836
>> Host timestamp : 7836
>> Extra metadata (valid at timestamp):
>> metadata_parse_version=1
>> metadata_feature_version=1
>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>> host-id=1
>> score=3400
>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>> conf_on_shared_storage=True
>> maintenance=False
>> state=EngineUp
>> stopped=False
>>
>>
>> Thanks in advance,
>>
>> PS: Log files are available here:
>> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org
>> To unsubscribe send an email to users-leave(a)ovirt.org
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>
> _______________________________________________
> Users mailing list -- users(a)ovirt.org
> To unsubscribe send an email to users-leave(a)ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>
> _______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
6:31 p.m.
New subject: Hosted Engine VM and Storage not showing up
Hello,
On 8 Jan 2019, at 11:20, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
Simone,
I have additional findings: Ansible was failing because I was defined the option
without-password on SSH root access. So it fails with an authentication failure error
during the deployment.
After allowing root access over SSH the hosted engine deployement with Ansible worked.
Now I will check if everything else is working fine.
Maybe I need to open a bug on Bugzilla on this issue?
Ok, from the logs I see that you set without-password and you correctly entered a public
ssh key when requested.
But then ansible failed to authenticate to the engine VM, as root, with that password.
So, if you are sure that the correspondent private key was available in the right place
and with the right permissions, please open a bug.
Hello Simone, just to be sure. The private key was always on my personal computer. It was
never on the oVirt Node.
For years I’ve deployed oVirt this way and it worked as expected.
So if the new behaviour demands a private key on the hypervisor this makes the deployment
different.
The purpose of the key and enabling root ssh without-password is to enforce the security
of the hosted engine, right? Not the security between the hypervisor and hosted engine
during the deployment phase. So the setting without-password should be set at the end of
hosted engine deployment.
If this assumptions are correct I will proceed to the ticket on bugzilla.
Thanks,
Thanks,
> On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>
> Hello,
>
>> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>>
>>
>>
>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>> Hello Simone,
>>
>> Sent from my iPhone
>>
>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>>
>>>
>>>
>>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>>> Hello,
>>>
>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after deploying
the hosted engine it does not show up on the interface even after adding the first
storage.
>>>
>>> The Datacenter is up but the engine VM and the engine storage does not
appear.
>>>
>>> I have the following message repeated constantly on /var/log/messages:
>>>
>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR Unable to identify
the OVF_STORE volume, falling back to initial vm.conf. Please ensure you already added
your first data domain for regular VMs
>>>
>>> What’s wrong? Am I doing something different?
>>>
>>> The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
<https://bugzilla.redhat.com/show_bug.cgi?id=1649615>
>>> It will be fixed with 4.2.8.
>>>
>>> In the mean time I strongly suggest to use the regular flow for hosted-engine
deployment (simply skip --noansible option) since only the vintage deprecated flow is
affected by this issue.
>>>
>>
>> Thanks for pointing the issue. I was unable the find this on bugzilla by myself.
The title isn’t helping either.
>>
>> But on other hand, I only used the legacy mode because ansible mode fails.
>>
>> Can you please attach a log of the issue?
>
> For sure, logs on the link:
> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
<http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass>
>
> What happens is that Ansible just bypasses the storage configuration questions:
>
> [ INFO ] Stage: Environment packages setup
> [ INFO ] Stage: Programs detection
> [ INFO ] Stage: Environment setup
> [ INFO ] Stage: Environment customization
>
> --== STORAGE CONFIGURATION ==--
>
>
> --== HOST NETWORK CONFIGURATION ==--
>
> Please indicate a pingable gateway IP address [10.20.0.1]:
> [ INFO ] TASK [Gathering Facts]
> [ INFO ] ok: [localhost]
> [ INFO ] TASK [Detecting interface on existing management bridge]
> [ INFO ] skipping: [localhost]
> [ INFO ] TASK [Get all active network interfaces]
> [ INFO ] TASK [Filter bonds with bad naming]
> [ INFO ] TASK [Generate output list]
>
>
>>
>>
>> I’m not sure why it fails. I can try it again, but I can ask in advance: the
management network is bonded, is this an issue? I think I’ve read something about this on
this list but I’m unsure.
>>
>> No, but you should set bond mode 1, 2, 3, or 4.
>> Teaming is not supported.
>
> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>
>>
>>
>> Thanks,
>>
>>>
>>>
>>> Additional infos:
>>>
>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>> ovirtmgmt (default route)
>>> storage
>>>
>>> [root@ovirt1 ~]# ip a | grep "inet "
>>> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
>>> inet 10.20.0.101/24 <http://10.20.0.101/24> brd 10.20.0.255 scope
global dynamic ovirtmgmt
>>> inet 192.168.10.1/29 <http://192.168.10.1/29> brd 192.168.10.7 scope
global storage
>>>
>>> [root@ovirt1 ~]# mount | grep -i nfs
>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
<http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>
>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>> Returns nothing!
>>>
>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>> Hosted Engine is up!
>>>
>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>
>>> --== Host 1 status ==--
>>>
>>> conf_on_shared_storage : True
>>> Status up-to-date : True
>>> Hostname : ovirt1.local.versatushpc.com.br
<http://ovirt1.local.versatushpc.com.br/>
>>> Host ID : 1
>>> Engine status : {"health": "good",
"vm": "up", "detail": "Up"}
>>> Score : 3400
>>> stopped : False
>>> Local maintenance : False
>>> crc32 : 1736a87d
>>> local_conf_timestamp : 7836
>>> Host timestamp : 7836
>>> Extra metadata (valid at timestamp):
>>> metadata_parse_version=1
>>> metadata_feature_version=1
>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>> host-id=1
>>> score=3400
>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>>> conf_on_shared_storage=True
>>> maintenance=False
>>> state=EngineUp
>>> stopped=False
>>>
>>>
>>> Thanks in advance,
>>>
>>> PS: Log files are available here:
http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
<http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/>
>>> _______________________________________________
>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>> _______________________________________________
>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
6:49 p.m.
New subject: Hosted Engine VM and Storage not showing up
On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
Hello,
On 8 Jan 2019, at 11:20, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
> Simone,
>
> I have additional findings: Ansible was failing because I was defined the
> option without-password on SSH root access. So it fails with an
> authentication failure error during the deployment.
>
> After allowing root access over SSH the hosted engine deployement with
> Ansible worked.
>
> Now I will check if everything else is working fine.
>
> Maybe I need to open a bug on Bugzilla on this issue?
>
Ok, from the logs I see that you set without-password and you correctly
entered a public ssh key when requested.
But then ansible failed to authenticate to the engine VM, as root, with
that password.
So, if you are sure that the correspondent private key was available in
the right place and with the right permissions, please open a bug.
Hello Simone, just to be sure. The private key was always on my personal
computer. It was never on the oVirt Node.
For years I’ve deployed oVirt this way and it worked as expected.
So if the new behaviour demands a private key on the hypervisor this makes
the deployment different.
The purpose of the key and enabling root ssh without-password is to
enforce the security of the hosted engine, right? Not the security between
the hypervisor and hosted engine during the deployment phase. So the
setting without-password should be set at the end of hosted engine
deployment.
If this assumptions are correct I will proceed to the ticket on bugzilla.
Now the whole flow, including engine-setup on the engine VM to create the
DB and so on, is executed with ansible and this requires ansible, executed
on the first host, to be able to authenticate to the engine VM over ssh.
Currently the setup is configuring the root password and/or the root ssh
pub key on the first boot with cloud-init and so this implicitly requires
the user to enable password authentication or to configure the host to be
able to access the engine VM with an ssh key.
What you are proposing requires the setup to inject a temporary key
generated on the fly and remove it at the end or configure without-password
only after the deployment.
It makes sense to me but on my opinion it's more an RFE than a real bug.
Feel free to file it.
Thanks,
>
> Thanks,
>
> On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br>
> wrote:
>
> Hello,
>
> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>
>
>
> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
> wrote:
>
>> Hello Simone,
>>
>> Sent from my iPhone
>>
>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>>
>>
>>
>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br> wrote:
>>
>>> Hello,
>>>
>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
>>> deploying the hosted engine it does not show up on the interface even after
>>> adding the first storage.
>>>
>>> The Datacenter is up but the engine VM and the engine storage does not
>>> appear.
>>>
>>> I have the following message repeated constantly on /var/log/messages:
>>>
>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
>>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR
>>> Unable to identify the OVF_STORE volume, falling back to initial vm.conf.
>>> Please ensure you already added your first data domain for regular VMs
>>>
>>> What’s wrong? Am I doing something different?
>>>
>>
>> The import of external VM is broken in 4.2.7 as for
>> https://bugzilla.redhat.com/show_bug.cgi?id=1649615
>> It will be fixed with 4.2.8.
>>
>> In the mean time I strongly suggest to use the regular flow for
>> hosted-engine deployment (simply skip --noansible option) since only the
>> vintage deprecated flow is affected by this issue.
>>
>>
>>
>> Thanks for pointing the issue. I was unable the find this on bugzilla by
>> myself. The title isn’t helping either.
>>
>> But on other hand, I only used the legacy mode because ansible mode
>> fails.
>>
>
> Can you please attach a log of the issue?
>
>
> For sure, logs on the link:
> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
>
> What happens is that Ansible just bypasses the storage configuration
> questions:
>
> [ INFO ] Stage: Environment packages setup
> [ INFO ] Stage: Programs detection
> [ INFO ] Stage: Environment setup
> [ INFO ] Stage: Environment customization
>
> --== STORAGE CONFIGURATION ==--
>
>
> --== HOST NETWORK CONFIGURATION ==--
>
> Please indicate a pingable gateway IP address [10.20.0.1]:
> [ INFO ] TASK [Gathering Facts]
> [ INFO ] ok: [localhost]
> [ INFO ] TASK [Detecting interface on existing management bridge]
> [ INFO ] skipping: [localhost]
> [ INFO ] TASK [Get all active network interfaces]
> [ INFO ] TASK [Filter bonds with bad naming]
> [ INFO ] TASK [Generate output list]
>
>
>
>
>>
>> I’m not sure why it fails. I can try it again, but I can ask in advance:
>> the management network is bonded, is this an issue? I think I’ve read
>> something about this on this list but I’m unsure.
>>
>
> No, but you should set bond mode 1, 2, 3, or 4.
> Teaming is not supported.
>
>
> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>
>
>
>>
>> Thanks,
>>
>>
>>>
>>> Additional infos:
>>>
>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>> ovirtmgmt (default route)
>>> storage
>>>
>>> [root@ovirt1 ~]# ip a | grep "inet "
>>> inet 127.0.0.1/8 scope host lo
>>> inet 10.20.0.101/24 brd 10.20.0.255 scope global dynamic ovirtmgmt
>>> inet 192.168.10.1/29 brd 192.168.10.7 scope global storage
>>>
>>> [root@ovirt1 ~]# mount | grep -i nfs
>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
>>> <http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
>>>
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>
>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>> Returns nothing!
>>>
>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>> Hosted Engine is up!
>>>
>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>
>>> --== Host 1 status ==--
>>>
>>> conf_on_shared_storage : True
>>> Status up-to-date : True
>>> Hostname : ovirt1.local.versatushpc.com.br
>>> Host ID : 1
>>> Engine status : {"health": "good",
"vm": "up",
>>> "detail": "Up"}
>>> Score : 3400
>>> stopped : False
>>> Local maintenance : False
>>> crc32 : 1736a87d
>>> local_conf_timestamp : 7836
>>> Host timestamp : 7836
>>> Extra metadata (valid at timestamp):
>>> metadata_parse_version=1
>>> metadata_feature_version=1
>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>> host-id=1
>>> score=3400
>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>>> conf_on_shared_storage=True
>>> maintenance=False
>>> state=EngineUp
>>> stopped=False
>>>
>>>
>>> Thanks in advance,
>>>
>>> PS: Log files are available here:
>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
>>> _______________________________________________
>>> Users mailing list -- users(a)ovirt.org
>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>> oVirt Code of Conduct:
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives:
>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>>
>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org
>> To unsubscribe send an email to users-leave(a)ovirt.org
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>>
>> _______________________________________________
> Users mailing list -- users(a)ovirt.org
> To unsubscribe send an email to users-leave(a)ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
>
>
>
6:27 p.m.
New subject: Hosted Engine VM and Storage not showing up
Simone, may I up this thread.
I will request the RFE on bugzilla. I just need some time to do this.
But I have another question on this issue. In a case of an already deployed oVirt
installation with this bug. There’s a way to fix it? Production VMs are running and I
would like to know if this can be fixed without interrupting the VMs.
I was thinking on getting a backup of the bugged SHE VM with hosted-engine command and
then trying to restore it with ovirt-hosted-engine-setup with the Ansible backend. But I’m
not sure if this will work.
If not, there’s a way to at least keep the VMs running and redeploy the engine from the
ground without restoring the backup?
Thanks!
Sent from my iPhone
On 8 Jan 2019, at 14:49, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
> On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
> Hello,
>
>> On 8 Jan 2019, at 11:20, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>>
>>
>>
>> On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
>>> Simone,
>>>
>>> I have additional findings: Ansible was failing because I was defined the
option without-password on SSH root access. So it fails with an authentication failure
error during the deployment.
>>>
>>> After allowing root access over SSH the hosted engine deployement with
Ansible worked.
>>>
>>> Now I will check if everything else is working fine.
>>>
>>> Maybe I need to open a bug on Bugzilla on this issue?
>>
>> Ok, from the logs I see that you set without-password and you correctly entered a
public ssh key when requested.
>> But then ansible failed to authenticate to the engine VM, as root, with that
password.
>> So, if you are sure that the correspondent private key was available in the right
place and with the right permissions, please open a bug.
>
> Hello Simone, just to be sure. The private key was always on my personal computer. It
was never on the oVirt Node.
>
> For years I’ve deployed oVirt this way and it worked as expected.
>
> So if the new behaviour demands a private key on the hypervisor this makes the
deployment different.
>
> The purpose of the key and enabling root ssh without-password is to enforce the
security of the hosted engine, right? Not the security between the hypervisor and hosted
engine during the deployment phase. So the setting without-password should be set at the
end of hosted engine deployment.
>
> If this assumptions are correct I will proceed to the ticket on bugzilla.
Now the whole flow, including engine-setup on the engine VM to create the DB and so on,
is executed with ansible and this requires ansible, executed on the first host, to be able
to authenticate to the engine VM over ssh.
Currently the setup is configuring the root password and/or the root ssh pub key on the
first boot with cloud-init and so this implicitly requires the user to enable password
authentication or to configure the host to be able to access the engine VM with an ssh
key.
What you are proposing requires the setup to inject a temporary key generated on the fly
and remove it at the end or configure without-password only after the deployment.
It makes sense to me but on my opinion it's more an RFE than a real bug.
Feel free to file it.
>
> Thanks,
>
>>
>>
>>>
>>> Thanks,
>>>
>>>> On 7 Jan 2019, at 15:22, Vinícius Ferrão
<ferrao(a)versatushpc.com.br> wrote:
>>>>
>>>> Hello,
>>>>
>>>>> On 7 Jan 2019, at 12:52, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão
<ferrao(a)versatushpc.com.br> wrote:
>>>>>> Hello Simone,
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>>> On 7 Jan 2019, at 07:11, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> On Sun, Jan 6, 2019 at 5:31 PM
<ferrao(a)versatushpc.com.br> wrote:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node
and after deploying the hosted engine it does not show up on the interface even after
adding the first storage.
>>>>>>>>
>>>>>>>> The Datacenter is up but the engine VM and the engine
storage does not appear.
>>>>>>>>
>>>>>>>> I have the following message repeated constantly on
/var/log/messages:
>>>>>>>>
>>>>>>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR Unable to identify
the OVF_STORE volume, falling back to initial vm.conf. Please ensure you already added
your first data domain for regular VMs
>>>>>>>>
>>>>>>>> What’s wrong? Am I doing something different?
>>>>>>>
>>>>>>> The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
>>>>>>> It will be fixed with 4.2.8.
>>>>>>>
>>>>>>> In the mean time I strongly suggest to use the regular flow
for hosted-engine deployment (simply skip --noansible option) since only the vintage
deprecated flow is affected by this issue.
>>>>>>>
>>>>>>
>>>>>> Thanks for pointing the issue. I was unable the find this on
bugzilla by myself. The title isn’t helping either.
>>>>>>
>>>>>> But on other hand, I only used the legacy mode because ansible
mode fails.
>>>>>
>>>>> Can you please attach a log of the issue?
>>>>
>>>> For sure, logs on the link:
>>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
>>>>
>>>> What happens is that Ansible just bypasses the storage configuration
questions:
>>>>
>>>> [ INFO ] Stage: Environment packages setup
>>>> [ INFO ] Stage: Programs detection
>>>> [ INFO ] Stage: Environment setup
>>>> [ INFO ] Stage: Environment customization
>>>>
>>>> --== STORAGE CONFIGURATION ==--
>>>>
>>>>
>>>> --== HOST NETWORK CONFIGURATION ==--
>>>>
>>>> Please indicate a pingable gateway IP address [10.20.0.1]:
>>>> [ INFO ] TASK [Gathering Facts]
>>>> [ INFO ] ok: [localhost]
>>>> [ INFO ] TASK [Detecting interface on existing management bridge]
>>>> [ INFO ] skipping: [localhost]
>>>> [ INFO ] TASK [Get all active network interfaces]
>>>> [ INFO ] TASK [Filter bonds with bad naming]
>>>> [ INFO ] TASK [Generate output list]
>>>>
>>>>
>>>>>
>>>>>>
>>>>>> I’m not sure why it fails. I can try it again, but I can ask in
advance: the management network is bonded, is this an issue? I think I’ve read something
about this on this list but I’m unsure.
>>>>>
>>>>> No, but you should set bond mode 1, 2, 3, or 4.
>>>>> Teaming is not supported.
>>>>
>>>> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>>>>
>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Additional infos:
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>>>>>>> ovirtmgmt (default route)
>>>>>>>> storage
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# ip a | grep "inet "
>>>>>>>> inet 127.0.0.1/8 scope host lo
>>>>>>>> inet 10.20.0.101/24 brd 10.20.0.255 scope global
dynamic ovirtmgmt
>>>>>>>> inet 192.168.10.1/29 brd 192.168.10.7 scope global
storage
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# mount | grep -i nfs
>>>>>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs
(rw,relatime)
>>>>>>>> 10.20.0.200:/mnt/pool0/ovirt/he on
/rhev/data-center/mnt/10.20.0.200:_mnt_pool0_ovirt_he type nfs4
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>>>>>>> Returns nothing!
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>>>>>>> Hosted Engine is up!
>>>>>>>>
>>>>>>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>>>>>>
>>>>>>>> --== Host 1 status ==--
>>>>>>>>
>>>>>>>> conf_on_shared_storage : True
>>>>>>>> Status up-to-date : True
>>>>>>>> Hostname :
ovirt1.local.versatushpc.com.br
>>>>>>>> Host ID : 1
>>>>>>>> Engine status : {"health":
"good", "vm": "up", "detail": "Up"}
>>>>>>>> Score : 3400
>>>>>>>> stopped : False
>>>>>>>> Local maintenance : False
>>>>>>>> crc32 : 1736a87d
>>>>>>>> local_conf_timestamp : 7836
>>>>>>>> Host timestamp : 7836
>>>>>>>> Extra metadata (valid at timestamp):
>>>>>>>> metadata_parse_version=1
>>>>>>>> metadata_feature_version=1
>>>>>>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>>>>>>> host-id=1
>>>>>>>> score=3400
>>>>>>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10
2019)
>>>>>>>> conf_on_shared_storage=True
>>>>>>>> maintenance=False
>>>>>>>> state=EngineUp
>>>>>>>> stopped=False
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks in advance,
>>>>>>>>
>>>>>>>> PS: Log files are available here:
http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
>>>>>>>> _______________________________________________
>>>>>>>> Users mailing list -- users(a)ovirt.org
>>>>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>>>>> Privacy Statement:
https://www.ovirt.org/site/privacy-policy/
>>>>>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
>>>>>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>>>>>> _______________________________________________
>>>>>>> Users mailing list -- users(a)ovirt.org
>>>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>>>> Privacy Statement:
https://www.ovirt.org/site/privacy-policy/
>>>>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
>>>>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>>>>> _______________________________________________
>>>>> Users mailing list -- users(a)ovirt.org
>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
>>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
>>>
>
6:33 p.m.
New subject: Hosted Engine VM and Storage not showing up
On Wed, Jan 23, 2019 at 5:27 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
Simone, may I up this thread.
I will request the RFE on bugzilla. I just need some time to do this.
But I have another question on this issue. In a case of an already
deployed oVirt installation with this bug. There’s a way to fix it?
Production VMs are running and I would like to know if this can be fixed
without interrupting the VMs.
I was thinking on getting a backup of the bugged SHE VM with hosted-engine
command and then trying to restore it with ovirt-hosted-engine-setup with
the Ansible backend. But I’m not sure if this will work.
Yes, it will.
You can also use that tool to migrate from bare metal to hosted-engine and
so on.
If not, there’s a way to at least keep the VMs running and redeploy the
engine from the ground without restoring the backup?
Thanks!
Sent from my iPhone
On 8 Jan 2019, at 14:49, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
> Hello,
>
> On 8 Jan 2019, at 11:20, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>
>
>
> On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <
> ferrao(a)versatushpc.com.br> wrote:
>
>> Simone,
>>
>> I have additional findings: Ansible was failing because I was defined
>> the option without-password on SSH root access. So it fails with an
>> authentication failure error during the deployment.
>>
>> After allowing root access over SSH the hosted engine deployement with
>> Ansible worked.
>>
>> Now I will check if everything else is working fine.
>>
>> Maybe I need to open a bug on Bugzilla on this issue?
>>
>
> Ok, from the logs I see that you set without-password and you correctly
> entered a public ssh key when requested.
> But then ansible failed to authenticate to the engine VM, as root, with
> that password.
> So, if you are sure that the correspondent private key was available in
> the right place and with the right permissions, please open a bug.
>
>
> Hello Simone, just to be sure. The private key was always on my personal
> computer. It was never on the oVirt Node.
>
> For years I’ve deployed oVirt this way and it worked as expected.
>
> So if the new behaviour demands a private key on the hypervisor this
> makes the deployment different.
>
> The purpose of the key and enabling root ssh without-password is to
> enforce the security of the hosted engine, right? Not the security between
> the hypervisor and hosted engine during the deployment phase. So the
> setting without-password should be set at the end of hosted engine
> deployment.
>
> If this assumptions are correct I will proceed to the ticket on bugzilla.
>
Now the whole flow, including engine-setup on the engine VM to create the
DB and so on, is executed with ansible and this requires ansible, executed
on the first host, to be able to authenticate to the engine VM over ssh.
Currently the setup is configuring the root password and/or the root ssh
pub key on the first boot with cloud-init and so this implicitly requires
the user to enable password authentication or to configure the host to be
able to access the engine VM with an ssh key.
What you are proposing requires the setup to inject a temporary key
generated on the fly and remove it at the end or configure without-password
only after the deployment.
It makes sense to me but on my opinion it's more an RFE than a real bug.
Feel free to file it.
>
> Thanks,
>
>
>
>
>>
>> Thanks,
>>
>> On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br>
>> wrote:
>>
>> Hello,
>>
>> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>>
>>
>>
>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <
>> ferrao(a)versatushpc.com.br> wrote:
>>
>>> Hello Simone,
>>>
>>> Sent from my iPhone
>>>
>>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com>
wrote:
>>>
>>>
>>>
>>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br> wrote:
>>>
>>>> Hello,
>>>>
>>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
>>>> deploying the hosted engine it does not show up on the interface even
after
>>>> adding the first storage.
>>>>
>>>> The Datacenter is up but the engine VM and the engine storage does not
>>>> appear.
>>>>
>>>> I have the following message repeated constantly on /var/log/messages:
>>>>
>>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
>>>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR
>>>> Unable to identify the OVF_STORE volume, falling back to initial
vm.conf.
>>>> Please ensure you already added your first data domain for regular VMs
>>>>
>>>> What’s wrong? Am I doing something different?
>>>>
>>>
>>> The import of external VM is broken in 4.2.7 as for
>>> https://bugzilla.redhat.com/show_bug.cgi?id=1649615
>>> It will be fixed with 4.2.8.
>>>
>>> In the mean time I strongly suggest to use the regular flow for
>>> hosted-engine deployment (simply skip --noansible option) since only the
>>> vintage deprecated flow is affected by this issue.
>>>
>>>
>>>
>>> Thanks for pointing the issue. I was unable the find this on bugzilla
>>> by myself. The title isn’t helping either.
>>>
>>> But on other hand, I only used the legacy mode because ansible mode
>>> fails.
>>>
>>
>> Can you please attach a log of the issue?
>>
>>
>> For sure, logs on the link:
>> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
>>
>> What happens is that Ansible just bypasses the storage configuration
>> questions:
>>
>> [ INFO ] Stage: Environment packages setup
>> [ INFO ] Stage: Programs detection
>> [ INFO ] Stage: Environment setup
>> [ INFO ] Stage: Environment customization
>>
>> --== STORAGE CONFIGURATION ==--
>>
>>
>> --== HOST NETWORK CONFIGURATION ==--
>>
>> Please indicate a pingable gateway IP address [10.20.0.1]:
>> [ INFO ] TASK [Gathering Facts]
>> [ INFO ] ok: [localhost]
>> [ INFO ] TASK [Detecting interface on existing management bridge]
>> [ INFO ] skipping: [localhost]
>> [ INFO ] TASK [Get all active network interfaces]
>> [ INFO ] TASK [Filter bonds with bad naming]
>> [ INFO ] TASK [Generate output list]
>>
>>
>>
>>
>>>
>>> I’m not sure why it fails. I can try it again, but I can ask in
>>> advance: the management network is bonded, is this an issue? I think I’ve
>>> read something about this on this list but I’m unsure.
>>>
>>
>> No, but you should set bond mode 1, 2, 3, or 4.
>> Teaming is not supported.
>>
>>
>> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>>
>>
>>
>>>
>>> Thanks,
>>>
>>>
>>>>
>>>> Additional infos:
>>>>
>>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>>> ovirtmgmt (default route)
>>>> storage
>>>>
>>>> [root@ovirt1 ~]# ip a | grep "inet "
>>>> inet 127.0.0.1/8 scope host lo
>>>> inet 10.20.0.101/24 brd 10.20.0.255 scope global dynamic ovirtmgmt
>>>> inet 192.168.10.1/29 brd 192.168.10.7 scope global storage
>>>>
>>>> [root@ovirt1 ~]# mount | grep -i nfs
>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
>>>> <http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
>>>>
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>>
>>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>>> Returns nothing!
>>>>
>>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>>> Hosted Engine is up!
>>>>
>>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>>
>>>> --== Host 1 status ==--
>>>>
>>>> conf_on_shared_storage : True
>>>> Status up-to-date : True
>>>> Hostname : ovirt1.local.versatushpc.com.br
>>>> Host ID : 1
>>>> Engine status : {"health":
"good", "vm": "up",
>>>> "detail": "Up"}
>>>> Score : 3400
>>>> stopped : False
>>>> Local maintenance : False
>>>> crc32 : 1736a87d
>>>> local_conf_timestamp : 7836
>>>> Host timestamp : 7836
>>>> Extra metadata (valid at timestamp):
>>>> metadata_parse_version=1
>>>> metadata_feature_version=1
>>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>>> host-id=1
>>>> score=3400
>>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>>>> conf_on_shared_storage=True
>>>> maintenance=False
>>>> state=EngineUp
>>>> stopped=False
>>>>
>>>>
>>>> Thanks in advance,
>>>>
>>>> PS: Log files are available here:
>>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
>>>> _______________________________________________
>>>> Users mailing list -- users(a)ovirt.org
>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>>> oVirt Code of Conduct:
>>>> https://www.ovirt.org/community/about/community-guidelines/
>>>> List Archives:
>>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>>>
>>> _______________________________________________
>>> Users mailing list -- users(a)ovirt.org
>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>> oVirt Code of Conduct:
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives:
>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>>>
>>> _______________________________________________
>> Users mailing list -- users(a)ovirt.org
>> To unsubscribe send an email to users-leave(a)ovirt.org
>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
>>
>>
>>
>
6:38 p.m.
New subject: Hosted Engine VM and Storage not showing up
On 23 Jan 2019, at 14:33, Simone Tiraboschi
<stirabos(a)redhat.com> wrote:
On Wed, Jan 23, 2019 at 5:27 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
Simone, may I up this thread.
I will request the RFE on bugzilla. I just need some time to do this.
But I have another question on this issue. In a case of an already deployed oVirt
installation with this bug. There’s a way to fix it? Production VMs are running and I
would like to know if this can be fixed without interrupting the VMs.
I was thinking on getting a backup of the bugged SHE VM with hosted-engine command and
then trying to restore it with ovirt-hosted-engine-setup with the Ansible backend. But I’m
not sure if this will work.
Yes, it will.
You can also use that tool to migrate from bare metal to hosted-engine and so on.
Thank you Simone!!!
So I will get the backup from the broken HE and then redeploy it using the backup with the
Ansible backend. Rewriting just to be sure.
If not, there’s a way to at least keep the VMs running and redeploy the engine from the
ground without restoring the backup?
Thanks!
Sent from my iPhone
On 8 Jan 2019, at 14:49, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>
>
> On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
> Hello,
>
>> On 8 Jan 2019, at 11:20, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>>
>>
>>
>> On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>> Simone,
>>
>> I have additional findings: Ansible was failing because I was defined the option
without-password on SSH root access. So it fails with an authentication failure error
during the deployment.
>>
>> After allowing root access over SSH the hosted engine deployement with Ansible
worked.
>>
>> Now I will check if everything else is working fine.
>>
>> Maybe I need to open a bug on Bugzilla on this issue?
>>
>> Ok, from the logs I see that you set without-password and you correctly entered a
public ssh key when requested.
>> But then ansible failed to authenticate to the engine VM, as root, with that
password.
>> So, if you are sure that the correspondent private key was available in the right
place and with the right permissions, please open a bug.
>
> Hello Simone, just to be sure. The private key was always on my personal computer. It
was never on the oVirt Node.
>
> For years I’ve deployed oVirt this way and it worked as expected.
>
> So if the new behaviour demands a private key on the hypervisor this makes the
deployment different.
>
> The purpose of the key and enabling root ssh without-password is to enforce the
security of the hosted engine, right? Not the security between the hypervisor and hosted
engine during the deployment phase. So the setting without-password should be set at the
end of hosted engine deployment.
>
> If this assumptions are correct I will proceed to the ticket on bugzilla.
>
> Now the whole flow, including engine-setup on the engine VM to create the DB and so
on, is executed with ansible and this requires ansible, executed on the first host, to be
able to authenticate to the engine VM over ssh.
> Currently the setup is configuring the root password and/or the root ssh pub key on
the first boot with cloud-init and so this implicitly requires the user to enable password
authentication or to configure the host to be able to access the engine VM with an ssh
key.
>
> What you are proposing requires the setup to inject a temporary key generated on the
fly and remove it at the end or configure without-password only after the deployment.
> It makes sense to me but on my opinion it's more an RFE than a real bug.
> Feel free to file it.
>
>
>
> Thanks,
>
>>
>>
>>
>> Thanks,
>>
>>> On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>>>
>>> Hello,
>>>
>>>> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>>>>
>>>>
>>>>
>>>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão
<ferrao(a)versatushpc.com.br <mailto:ferrao@versatushpc.com.br>> wrote:
>>>> Hello Simone,
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com
<mailto:stirabos@redhat.com>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br
<mailto:ferrao@versatushpc.com.br>> wrote:
>>>>> Hello,
>>>>>
>>>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
deploying the hosted engine it does not show up on the interface even after adding the
first storage.
>>>>>
>>>>> The Datacenter is up but the engine VM and the engine storage does
not appear.
>>>>>
>>>>> I have the following message repeated constantly on
/var/log/messages:
>>>>>
>>>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR Unable to identify
the OVF_STORE volume, falling back to initial vm.conf. Please ensure you already added
your first data domain for regular VMs
>>>>>
>>>>> What’s wrong? Am I doing something different?
>>>>>
>>>>> The import of external VM is broken in 4.2.7 as for
https://bugzilla.redhat.com/show_bug.cgi?id=1649615
<https://bugzilla.redhat.com/show_bug.cgi?id=1649615>
>>>>> It will be fixed with 4.2.8.
>>>>>
>>>>> In the mean time I strongly suggest to use the regular flow for
hosted-engine deployment (simply skip --noansible option) since only the vintage
deprecated flow is affected by this issue.
>>>>>
>>>>
>>>> Thanks for pointing the issue. I was unable the find this on bugzilla by
myself. The title isn’t helping either.
>>>>
>>>> But on other hand, I only used the legacy mode because ansible mode
fails.
>>>>
>>>> Can you please attach a log of the issue?
>>>
>>> For sure, logs on the link:
>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
<http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass>
>>>
>>> What happens is that Ansible just bypasses the storage configuration
questions:
>>>
>>> [ INFO ] Stage: Environment packages setup
>>> [ INFO ] Stage: Programs detection
>>> [ INFO ] Stage: Environment setup
>>> [ INFO ] Stage: Environment customization
>>>
>>> --== STORAGE CONFIGURATION ==--
>>>
>>>
>>> --== HOST NETWORK CONFIGURATION ==--
>>>
>>> Please indicate a pingable gateway IP address [10.20.0.1]:
>>> [ INFO ] TASK [Gathering Facts]
>>> [ INFO ] ok: [localhost]
>>> [ INFO ] TASK [Detecting interface on existing management bridge]
>>> [ INFO ] skipping: [localhost]
>>> [ INFO ] TASK [Get all active network interfaces]
>>> [ INFO ] TASK [Filter bonds with bad naming]
>>> [ INFO ] TASK [Generate output list]
>>>
>>>
>>>>
>>>>
>>>> I’m not sure why it fails. I can try it again, but I can ask in advance:
the management network is bonded, is this an issue? I think I’ve read something about this
on this list but I’m unsure.
>>>>
>>>> No, but you should set bond mode 1, 2, 3, or 4.
>>>> Teaming is not supported.
>>>
>>> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>>
>>>>>
>>>>> Additional infos:
>>>>>
>>>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>>>> ovirtmgmt (default route)
>>>>> storage
>>>>>
>>>>> [root@ovirt1 ~]# ip a | grep "inet "
>>>>> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
>>>>> inet 10.20.0.101/24 <http://10.20.0.101/24> brd 10.20.0.255
scope global dynamic ovirtmgmt
>>>>> inet 192.168.10.1/29 <http://192.168.10.1/29> brd
192.168.10.7 scope global storage
>>>>>
>>>>> [root@ovirt1 ~]# mount | grep -i nfs
>>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>>>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
<http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>>>> Returns nothing!
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>>>> Hosted Engine is up!
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>>>
>>>>> --== Host 1 status ==--
>>>>>
>>>>> conf_on_shared_storage : True
>>>>> Status up-to-date : True
>>>>> Hostname : ovirt1.local.versatushpc.com.br
<http://ovirt1.local.versatushpc.com.br/>
>>>>> Host ID : 1
>>>>> Engine status : {"health":
"good", "vm": "up", "detail": "Up"}
>>>>> Score : 3400
>>>>> stopped : False
>>>>> Local maintenance : False
>>>>> crc32 : 1736a87d
>>>>> local_conf_timestamp : 7836
>>>>> Host timestamp : 7836
>>>>> Extra metadata (valid at timestamp):
>>>>> metadata_parse_version=1
>>>>> metadata_feature_version=1
>>>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>>>> host-id=1
>>>>> score=3400
>>>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>>>>> conf_on_shared_storage=True
>>>>> maintenance=False
>>>>> state=EngineUp
>>>>> stopped=False
>>>>>
>>>>>
>>>>> Thanks in advance,
>>>>>
>>>>> PS: Log files are available here:
http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
<http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/>
>>>>> _______________________________________________
>>>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>>>> _______________________________________________
>>>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>>>> _______________________________________________
>>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
>>>> To unsubscribe send an email to users-leave(a)ovirt.org
<mailto:users-leave@ovirt.org>
>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
<https://www.ovirt.org/site/privacy-policy/>
>>>> oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
<https://www.ovirt.org/community/about/community-guidelines/>
>>>> List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
>
6:51 p.m.
New subject: Hosted Engine VM and Storage not showing up
On Wed, Jan 23, 2019 at 5:38 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
On 23 Jan 2019, at 14:33, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
On Wed, Jan 23, 2019 at 5:27 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
wrote:
> Simone, may I up this thread.
>
> I will request the RFE on bugzilla. I just need some time to do this.
>
> But I have another question on this issue. In a case of an already
> deployed oVirt installation with this bug. There’s a way to fix it?
> Production VMs are running and I would like to know if this can be fixed
> without interrupting the VMs.
>
> I was thinking on getting a backup of the bugged SHE VM with
> hosted-engine command and then trying to restore it with
> ovirt-hosted-engine-setup with the Ansible backend. But I’m not sure if
> this will work.
>
Yes, it will.
You can also use that tool to migrate from bare metal to hosted-engine and
so on.
Thank you Simone!!!
So I will get the backup from the broken HE and then redeploy it using the
backup with the Ansible backend. Rewriting just to be sure.
Yes, it sounds like a good plan.
>
> If not, there’s a way to at least keep the VMs running and redeploy the
> engine from the ground without restoring the backup?
>
> Thanks!
>
> Sent from my iPhone
>
> On 8 Jan 2019, at 14:49, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>
>
>
> On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <ferrao(a)versatushpc.com.br>
> wrote:
>
>> Hello,
>>
>> On 8 Jan 2019, at 11:20, Simone Tiraboschi <stirabos(a)redhat.com> wrote:
>>
>>
>>
>> On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <
>> ferrao(a)versatushpc.com.br> wrote:
>>
>>> Simone,
>>>
>>> I have additional findings: Ansible was failing because I was defined
>>> the option without-password on SSH root access. So it fails with an
>>> authentication failure error during the deployment.
>>>
>>> After allowing root access over SSH the hosted engine deployement with
>>> Ansible worked.
>>>
>>> Now I will check if everything else is working fine.
>>>
>>> Maybe I need to open a bug on Bugzilla on this issue?
>>>
>>
>> Ok, from the logs I see that you set without-password and you correctly
>> entered a public ssh key when requested.
>> But then ansible failed to authenticate to the engine VM, as root, with
>> that password.
>> So, if you are sure that the correspondent private key was available in
>> the right place and with the right permissions, please open a bug.
>>
>>
>> Hello Simone, just to be sure. The private key was always on my personal
>> computer. It was never on the oVirt Node.
>>
>> For years I’ve deployed oVirt this way and it worked as expected.
>>
>> So if the new behaviour demands a private key on the hypervisor this
>> makes the deployment different.
>>
>> The purpose of the key and enabling root ssh without-password is to
>> enforce the security of the hosted engine, right? Not the security between
>> the hypervisor and hosted engine during the deployment phase. So the
>> setting without-password should be set at the end of hosted engine
>> deployment.
>>
>> If this assumptions are correct I will proceed to the ticket on bugzilla.
>>
>
> Now the whole flow, including engine-setup on the engine VM to create the
> DB and so on, is executed with ansible and this requires ansible, executed
> on the first host, to be able to authenticate to the engine VM over ssh.
> Currently the setup is configuring the root password and/or the root ssh
> pub key on the first boot with cloud-init and so this implicitly requires
> the user to enable password authentication or to configure the host to be
> able to access the engine VM with an ssh key.
>
> What you are proposing requires the setup to inject a temporary key
> generated on the fly and remove it at the end or configure without-password
> only after the deployment.
> It makes sense to me but on my opinion it's more an RFE than a real bug.
> Feel free to file it.
>
>
>
>>
>> Thanks,
>>
>>
>>
>>
>>>
>>> Thanks,
>>>
>>> On 7 Jan 2019, at 15:22, Vinícius Ferrão <ferrao(a)versatushpc.com.br>
>>> wrote:
>>>
>>> Hello,
>>>
>>> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stirabos(a)redhat.com>
wrote:
>>>
>>>
>>>
>>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <
>>> ferrao(a)versatushpc.com.br> wrote:
>>>
>>>> Hello Simone,
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stirabos(a)redhat.com>
>>>> wrote:
>>>>
>>>>
>>>>
>>>> On Sun, Jan 6, 2019 at 5:31 PM <ferrao(a)versatushpc.com.br> wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after
>>>>> deploying the hosted engine it does not show up on the interface even
after
>>>>> adding the first storage.
>>>>>
>>>>> The Datacenter is up but the engine VM and the engine storage does
>>>>> not appear.
>>>>>
>>>>> I have the following message repeated constantly on
/var/log/messages:
>>>>>
>>>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent
>>>>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm
ERROR
>>>>> Unable to identify the OVF_STORE volume, falling back to initial
vm.conf.
>>>>> Please ensure you already added your first data domain for regular
VMs
>>>>>
>>>>> What’s wrong? Am I doing something different?
>>>>>
>>>>
>>>> The import of external VM is broken in 4.2.7 as for
>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1649615
>>>> It will be fixed with 4.2.8.
>>>>
>>>> In the mean time I strongly suggest to use the regular flow for
>>>> hosted-engine deployment (simply skip --noansible option) since only the
>>>> vintage deprecated flow is affected by this issue.
>>>>
>>>>
>>>>
>>>> Thanks for pointing the issue. I was unable the find this on bugzilla
>>>> by myself. The title isn’t helping either.
>>>>
>>>> But on other hand, I only used the legacy mode because ansible mode
>>>> fails.
>>>>
>>>
>>> Can you please attach a log of the issue?
>>>
>>>
>>> For sure, logs on the link:
>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass
>>>
>>> What happens is that Ansible just bypasses the storage configuration
>>> questions:
>>>
>>> [ INFO ] Stage: Environment packages setup
>>> [ INFO ] Stage: Programs detection
>>> [ INFO ] Stage: Environment setup
>>> [ INFO ] Stage: Environment customization
>>>
>>> --== STORAGE CONFIGURATION ==--
>>>
>>>
>>> --== HOST NETWORK CONFIGURATION ==--
>>>
>>> Please indicate a pingable gateway IP address [10.20.0.1]:
>>> [ INFO ] TASK [Gathering Facts]
>>> [ INFO ] ok: [localhost]
>>> [ INFO ] TASK [Detecting interface on existing management bridge]
>>> [ INFO ] skipping: [localhost]
>>> [ INFO ] TASK [Get all active network interfaces]
>>> [ INFO ] TASK [Filter bonds with bad naming]
>>> [ INFO ] TASK [Generate output list]
>>>
>>>
>>>
>>>
>>>>
>>>> I’m not sure why it fails. I can try it again, but I can ask in
>>>> advance: the management network is bonded, is this an issue? I think
I’ve
>>>> read something about this on this list but I’m unsure.
>>>>
>>>
>>> No, but you should set bond mode 1, 2, 3, or 4.
>>> Teaming is not supported.
>>>
>>>
>>> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good.
>>>
>>>
>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>>
>>>>> Additional infos:
>>>>>
>>>>> [root@ovirt1 ~]# vdsm-tool list-nets
>>>>> ovirtmgmt (default route)
>>>>> storage
>>>>>
>>>>> [root@ovirt1 ~]# ip a | grep "inet "
>>>>> inet 127.0.0.1/8 scope host lo
>>>>> inet 10.20.0.101/24 brd 10.20.0.255 scope global dynamic
ovirtmgmt
>>>>> inet 192.168.10.1/29 brd 192.168.10.7 scope global storage
>>>>>
>>>>> [root@ovirt1 ~]# mount | grep -i nfs
>>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
>>>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0.
>>>>> <http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4
>>>>>
(rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200)
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --check-deployed
>>>>> Returns nothing!
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --check-liveliness
>>>>> Hosted Engine is up!
>>>>>
>>>>> [root@ovirt1 ~]# hosted-engine --vm-status
>>>>>
>>>>> --== Host 1 status ==--
>>>>>
>>>>> conf_on_shared_storage : True
>>>>> Status up-to-date : True
>>>>> Hostname : ovirt1.local.versatushpc.com.br
>>>>> Host ID : 1
>>>>> Engine status : {"health":
"good", "vm": "up",
>>>>> "detail": "Up"}
>>>>> Score : 3400
>>>>> stopped : False
>>>>> Local maintenance : False
>>>>> crc32 : 1736a87d
>>>>> local_conf_timestamp : 7836
>>>>> Host timestamp : 7836
>>>>> Extra metadata (valid at timestamp):
>>>>> metadata_parse_version=1
>>>>> metadata_feature_version=1
>>>>> timestamp=7836 (Fri Jan 4 20:18:10 2019)
>>>>> host-id=1
>>>>> score=3400
>>>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019)
>>>>> conf_on_shared_storage=True
>>>>> maintenance=False
>>>>> state=EngineUp
>>>>> stopped=False
>>>>>
>>>>>
>>>>> Thanks in advance,
>>>>>
>>>>> PS: Log files are available here:
>>>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/
>>>>> _______________________________________________
>>>>> Users mailing list -- users(a)ovirt.org
>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>>>> oVirt Code of Conduct:
>>>>> https://www.ovirt.org/community/about/community-guidelines/
>>>>> List Archives:
>>>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVB...
>>>>>
>>>> _______________________________________________
>>>> Users mailing list -- users(a)ovirt.org
>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>>> oVirt Code of Conduct:
>>>> https://www.ovirt.org/community/about/community-guidelines/
>>>> List Archives:
>>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN5...
>>>>
>>>> _______________________________________________
>>> Users mailing list -- users(a)ovirt.org
>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>> oVirt Code of Conduct:
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives:
>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLM...
>>>
>>>
>>>
>>
2126
days inactive
2142
days old
9 comments
2 participants
participants (2)
-
Simone Tiraboschi -
Vinícius Ferrão