Stuck in Manager upgrade. Can't set Cluster to maintenance mode.
Hi Folks, like many others, the ovirt hosted engine certificates expired on my installation. We tried to follow this knowledge base article: https://access.redhat.com/solutions/6865861 I set the host which runs the hosted engine via the "hosted-engine --set-maintenance --mode=global" command into the global maintenance mode. Then i try to execute the "engine-setup --offline" command. There we anwser all questions and the script recognizes the expired certificates. But when we try to execute the last step it aborts with following error message. Output of engine-setup --offline: [WARNING] Failed to read or parse '/etc/pki/ovirt-engine/keys/apache.p12' Perhaps it was changed since last Setup. Error was: Mac verify error: invalid password? One or more of the certificates should be renewed, because they expire soon, or include an invalid expiry date, or they were created with validity period longer than 398 days, or do not include the subjectAltName extension, which can cause them to be rejected by recent browsers and up to date hosts. See https://www.ovirt.org/develop/release-management/features/infra/pki-renew/ for more details. Renew certificates? (Yes, No) [No]: Yes --== APACHE CONFIGURATION ==-- --== SYSTEM CONFIGURATION ==-- --== MISC CONFIGURATION ==-- --== END OF CONFIGURATION ==-- [ INFO ] Stage: Setup validation During execution engine service will be stopped (OK, Cancel) [OK]: Ok [ ERROR ] It seems that you are running your engine inside of the hosted-engine VM and are not in "Global Maintenance" mode. In that case you should put the system into the "Global Maintenance" mode before running engine-setup, or the hosted-engine HA agent might kill the machine, which might corrupt your data. [ ERROR ] Failed to execute stage 'Setup validation': Hosted Engine setup detected, but Global Maintenance is not set. [ INFO ] Stage: Clean up Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20220701205812-yu1osl.log [ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20220701205843-setup.conf' [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ ERROR ] Execution of setup failed Any ideas how to get the hosted engine into global maintenance mode? Thanks for your help in advance! Best Regard J. Lutz
Can anybody help me? Or is the solution to build a new hosted engine and try recreating it from a backup? What do i have to do to get the Hosted Engine in Global Maintenance Mode when "hosted-engine --set-maintenance --mode=global" does not work ... Its very frustrating ... Best Regards J.Lutz
On 7/13/22 12:44, Johannes Lutz wrote:
Can anybody help me? Or is the solution to build a new hosted engine and try recreating it from a backup?
What do i have to do to get the Hosted Engine in Global Maintenance Mode when "hosted-engine --set-maintenance --mode=global" does not work ...
Its very frustrating ...
Yes, it is. Certificate refreshing should be automagic job on background... If I understand it right, your hosted engine is running? hosted-engine --vm-status on any hosts state that cluster is in global maintenance mode? You should see this line at the end of output !! Cluster is in GLOBAL MAINTENANCE mode !! Cheers, Jiri
Best Regards J.Lutz _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/AUCHVGS5EZ3YZ5...
Hi Jiri, had to wait for the weekend due to maintenance windows, because its a production environment retried the whole steps from the ovirt manual: https://www.ovirt.org/documentation/administration_guide/#chap-Renewing_cert... hosted-engine --vm-status output: --== Host hostname.domain.tld (id: 4) status ==-- Host ID : 4 Host timestamp : 16410366 Score : 3400 Engine status : {"vm": "up", "health": "good", "detail": "Up"} Hostname : hostname.domain.tld Local maintenance : False stopped : False crc32 : b40d4217 conf_on_shared_storage : True local_conf_timestamp : 16410366 Status up-to-date : True Extra metadata (valid at timestamp): metadata_parse_version=1 metadata_feature_version=1 timestamp=16410366 (Sat Jul 16 15:32:45 2022) host-id=4 score=3400 vm_conf_refresh_time=16410366 (Sat Jul 16 15:32:45 2022) conf_on_shared_storage=True maintenance=False state=GlobalMaintenance stopped=False !! Cluster is in GLOBAL MAINTENANCE mode !! Then we executed "engine-setup --offline" on the hosted engine, with all the questions. Output (interesting part): --== PKI CONFIGURATION ==-- One or more of the certificates should be renewed, because they expire soon, or include an invalid expiry date, or they were created with validity period longer than 398 days, or do not include the subjectAltName extension, which can cause them to be rejected by recent browsers and up to date hosts. See https://www.ovirt.org/develop/release-management/features/infra/pki-renew/ for more details. Renew certificates? (Yes, No) [No]: yes --== APACHE CONFIGURATION ==-- --== SYSTEM CONFIGURATION ==-- --== MISC CONFIGURATION ==-- --== END OF CONFIGURATION ==-- [ INFO ] Stage: Setup validation During execution engine service will be stopped (OK, Cancel) [OK]: ok [ ERROR ] It seems that you are running your engine inside of the hosted-engine VM and are not in "Global Maintenance" mode. In that case you should put the system into the "Global Maintenance" mode before running engine-setup, or the hosted-engine HA agent might kill the machine, which might corrupt your data. [ ERROR ] Failed to execute stage 'Setup validation': Hosted Engine setup detected, but Global Maintenance is not set. [ INFO ] Stage: Clean up Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20220716133117-2zf214.log [ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20220716133134-setup.conf' [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ ERROR ] Execution of setup failed so we are stuck with a non working hosted engine. no step back and no step forward. I also tried to connect to three partners on https://www.ovirt.org/community/user-stories/users-and-providers.html site, and asked for paid help. But no one was answering till today. Does anybody knows and recommend some professional ovirt supporters, which we can ask to help? Is there anything else we can do? (Do we have to reset something in the postgres db?) Kind Regards J.Lutz
participants (3)
-
Jiří Sléžka -
Johannes Lutz -
johannes.lutz@diamontech.de