[Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Hi, After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish: [ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Couple Extra Notes: Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed. Setup logs: http://www.fpaste.org/72624/13909770/ What confuses me is: curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass? Thanks, Andrew
Reverting back to the original cert would take me past that error but would just continue to spam the message until timeout [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... Logs seem to just repeat 2014-01-29 17:44:53 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state On Wed, Jan 29, 2014 at 5:38 PM, Andrew Lau <andrew@andrewklau.com> wrote:
Hi,
After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish:
[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Couple Extra Notes: Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed.
Setup logs: http://www.fpaste.org/72624/13909770/
What confuses me is:
curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass?
Thanks, Andrew
------=_Part_10314328_384438770.1390979239172 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Andrew Lau" <andrew@andrewklau.com> To: "users" <users@ovirt.org> Sent: Wednesday, January 29, 2014 8:48:42 AM Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Reverting back to the original cert would take me past that error but would just continue to spam the message until timeout [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational...
Logs seem to just repeat 2014-01-29 17:44:53 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType' object has no attribute 'status' 2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in state
Wednesday, January 29, 2014 8:48:42 AM<br><b>Subject: </b>Re: [Users] Host= ed Engine adding host SSL Failure (w/ engine custom = cert)<br><div><br></div><div dir=3D"ltr"><div class= =3D"gmail_default" style=3D"font-family:tahoma,sans-serif">Reverting back t= o the original cert would take me past that error but would just continue t= o spam the message until timeout</div><div class=3D"gmail_default"><div cla= ss=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"fo= nt-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">= [ INFO ] Still waiting for VDSM host to become operational...</span><= /div><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mc= e-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, = sans-serif;">[ INFO ] Still waiting for VDSM host to become operation= al...</span></div><div style=3D"font-family:tahoma,sans-serif"><br></div></=
2014-01-29 17:44:54 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.a=
Can you please post vdsm logs? Thanks. -- Didi ------=_Part_10314328_384438770.1390979239172 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;"><b>From: </b>"Andrew Lau" <andrew@andre= wklau.com><br><b>To: </b>"users" <users@ovirt.org><br><b>Sent: </b= div><div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif"><b= r></div><div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif= ">Logs seem to just repeat</div><div class=3D"gmail_default"><div class=3D"= gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-fam= ily: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">2014-0= 1-29 17:44:53 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host= add_host._wait_host_ready:229 VDSM host in state</span></div><div cl= ass=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"f= ont-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;"= dd_host add_host._wait_host_ready:213 Error fetching host state: 'NoneType'= object has no attribute 'status'</span></div><div class=3D"gmail_default">= <span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sa= ns-serif;" style=3D"font-family: tahoma, sans-serif;">2014-01-29 17:44:54 D= EBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait= _host_ready:229 VDSM host in state</span></div><div class=3D"gmail_de= fault"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tah= oma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">2014-01-29 17:= 44:55 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_hos= t._wait_host_ready:213 Error fetching host state: 'NoneType' object has no = attribute 'status'</span></div><div class=3D"gmail_default"><span face=3D"t= ahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;" styl= e=3D"font-family: tahoma, sans-serif;">2014-01-29 17:44:55 DEBUG otopi.plug= ins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_ready:229= VDSM host in state</span></div><div class=3D"gmail_default"><span fa= ce=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif= ;" style=3D"font-family: tahoma, sans-serif;">2014-01-29 17:44:56 DEBUG oto= pi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._wait_host_re= ady:213 Error fetching host state: 'NoneType' object has no attribute 'stat= us'</span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans-ser= if" data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-famil= y: tahoma, sans-serif;">2014-01-29 17:44:56 DEBUG otopi.plugins.ovirt_hoste= d_engine_setup.engine.add_host add_host._wait_host_ready:229 VDSM host in &= nbsp;state</span></div></div></div></blockquote><div><br></div><div>Can you= please post vdsm logs? Thanks.</div><div>-- <br></div><div><span name=3D"x= "></span>Didi<span name=3D"x"></span><br></div><div><br></div></div></body>= </html> ------=_Part_10314328_384438770.1390979239172--
------=_Part_10313197_1475201063.1390979106292 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Andrew Lau" <andrew@andrewklau.com> To: "users" <users@ovirt.org> Sent: Wednesday, January 29, 2014 8:38:33 AM Subject: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Hi,
After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish:
[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Couple Extra Notes: Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed.
Setup logs: http://www.fpaste.org/72624/13909770/
What confuses me is:
curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass?
Wednesday, January 29, 2014 8:38:33 AM<br><b>Subject: </b>[Users] Hosted E= ngine adding host SSL Failure (w/ engine custom &nbs=
</blockquote><div><br></div><div>Seems like a bug (or a missing feature) -= hosted-engine only supports the self-signed cert. Can you please open a bu= g for this?</div><div><br></div><div>You might manage to make it work by re=
Seems like a bug (or a missing feature) - hosted-engine only supports the self-signed cert. Can you please open a bug for this? You might manage to make it work by replacing /etc/pki/ovirt-engine/ca.pem with the certificate of your ca, but this will prevent adding hosts (because it's needed to create a certificate for them). Perhaps other things will break too, I didn't try that. -- Didi ------=_Part_10313197_1475201063.1390979106292 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;"><b>From: </b>"Andrew Lau" <andrew@andre= wklau.com><br><b>To: </b>"users" <users@ovirt.org><br><b>Sent: </b= p; cert)<br><div><br></div><div dir=3D"ltr"><div class=3D"= gmail_default" style=3D"font-family:tahoma,sans-serif">Hi,</div><div class= =3D"gmail_default" style=3D"font-family:tahoma,sans-serif"><br></div><div c= lass=3D"gmail_default" style=3D"font-family:tahoma,sans-serif"> After running through the new patch posted in BZ 1055153 I'm adding a = second host to the hosted-engine cluster but it seems to fail right before = the finish:</div><div class=3D"gmail_default" style=3D"font-family:tahoma,s= ans-serif"><br></div><div class=3D"gmail_default"><div class=3D"gmail_defau= lt"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma= , sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ ERROR ] Failed = to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errn= o 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ce= rtificate verify failed</span></div><div style=3D"font-family:tahoma,sans-s= erif"><br></div><div style=3D"font-family:tahoma,sans-serif">Couple Extra N= otes:</div><div style=3D"font-family:tahoma,sans-serif">Engine has a custom= SSL cert but the CA has been trusted by the new host. When I temporarily r= eturn the engine's SSL back to the default generated one the install will s= ucceed.</div><div style=3D"font-family:tahoma,sans-serif"><br></div><div st= yle=3D"font-family:tahoma,sans-serif">Setup logs: <a href=3D"http://ww= w.fpaste.org/72624/13909770/" target=3D"_blank">http://www.fpaste.org/72624= /13909770/</a><br></div><div style=3D"font-family:tahoma,sans-serif"><br></= div><div style=3D"font-family:tahoma,sans-serif">What confuses me is:</div>= <div style=3D"font-family:tahoma,sans-serif"><br></div><div style=3D"font-f= amily:tahoma,sans-serif">curl <a href=3D"https://engine.example.net" target= =3D"_blank">https://engine.example.net</a> with the custom SSL cert will su= cceed but with the original self-signed gives the expected "insecure" messa= ge. What criteria need to be met so the install will pass?</div></div></div= placing /etc/pki/ovirt-engine/ca.pem with the certificate of your ca, = but this will prevent adding hosts (because it's needed to create a certifi= cate for them). Perhaps other things will break too, I didn't try that.</di= v><div>-- <br></div><div><span name=3D"x"></span>Didi<span name=3D"x"></spa= n><br></div><div><br></div></div></body></html> ------=_Part_10313197_1475201063.1390979106292--
------=_Part_10315973_1426242418.1390979518044 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Yedidyah Bar David" <didi@redhat.com> To: "Andrew Lau" <andrew@andrewklau.com> Cc: "users" <users@ovirt.org> Sent: Wednesday, January 29, 2014 9:05:06 AM Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
From: "Andrew Lau" <andrew@andrewklau.com>
To: "users" <users@ovirt.org>
Sent: Wednesday, January 29, 2014 8:38:33 AM
Subject: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Hi,
After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish:
[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Couple Extra Notes:
Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed.
Setup logs: http://www.fpaste.org/72624/13909770/
What confuses me is:
curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass?
Seems like a bug (or a missing feature) - hosted-engine only supports the self-signed cert. Can you please open a bug for this?
You might manage to make it work by replacing /etc/pki/ovirt-engine/ca.pem with the certificate of your ca, but this will prevent adding hosts (because it's needed to create a certificate for them). Perhaps other things will break too, I didn't try that.
<b>Cc: </b>"users" <users@ovirt.org><br><b>Sent: </b>Wednesday, Janu= ary 29, 2014 9:05:06 AM<br><b>Subject: </b>Re: [Users] Hosted Engine adding= host SSL Failure (w/ engine = ;custom cert)<br><div><br></=
On a second thought, I don't think it will work. The engine will still sign certs for hosts with its private key, but the hosts will try to verify that with the ca.pem you put there and fail. -- Didi ------=_Part_10315973_1426242418.1390979518044 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;"><b>From: </b>"Yedidyah Bar David" <didi= @redhat.com><br><b>To: </b>"Andrew Lau" <andrew@andrewklau.com><br= div><div style=3D"font-family: times new roman, new york, times, serif; fon= t-size: 12pt; color: #000000"><blockquote style=3D"border-left:2px solid #1= 010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-s= tyle:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;fon= t-size:12pt;"><b>From: </b>"Andrew Lau" <andrew@andrewklau.com><br><b=
To: </b>"users" <users@ovirt.org><br><b>Sent: </b>Wednesday, January= 29, 2014 8:38:33 AM<br><b>Subject: </b>[Users] Hosted Engine adding host S= SL Failure (w/ engine custom = ;cert)<br><div><br></div><div dir=3D"ltr"><div class=3D"gmail_default" styl= e=3D"font-family:tahoma,sans-serif">Hi,</div><div class=3D"gmail_default" s= tyle=3D"font-family:tahoma,sans-serif"><br></div><div class=3D"gmail_defaul= t" style=3D"font-family:tahoma,sans-serif">
<br></div><div style=3D"font-family:tahoma,sans-serif">Couple Extra Notes:= </div><div style=3D"font-family:tahoma,sans-serif">Engine has a custom SSL = cert but the CA has been trusted by the new host. When I temporarily return=
<div style=3D"font-family:tahoma,sans-serif">What confuses me is:</div><di= v style=3D"font-family:tahoma,sans-serif"><br></div><div style=3D"font-fami= ly:tahoma,sans-serif">curl <a href=3D"https://engine.example.net" target=3D= "_blank">https://engine.example.net</a> with the custom SSL cert will succe= ed but with the original self-signed gives the expected "insecure" message.= What criteria need to be met so the install will pass?</div></div></div></=
After running through the new patch posted in BZ 1055153 I'm adding a = second host to the hosted-engine cluster but it seems to fail right before = the finish:</div><div class=3D"gmail_default" style=3D"font-family:tahoma,s= ans-serif"><br></div><div class=3D"gmail_default"><div class=3D"gmail_defau= lt"><span style=3D"font-family: tahoma, sans-serif;">[ ERROR ] Failed to ex= ecute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] = _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certifi= cate verify failed</span></div><div style=3D"font-family:tahoma,sans-serif"= the engine's SSL back to the default generated one the install will succee= d.</div><div style=3D"font-family:tahoma,sans-serif"><br></div><div style= =3D"font-family:tahoma,sans-serif">Setup logs: <a href=3D"http://www.f= paste.org/72624/13909770/" target=3D"_blank">http://www.fpaste.org/72624/13= 909770/</a><br></div><div style=3D"font-family:tahoma,sans-serif"><br></div= blockquote><div><br></div><div>Seems like a bug (or a missing feature) - ho= sted-engine only supports the self-signed cert. Can you please open a bug f= or this?</div><div><br></div><div>You might manage to make it work by repla= cing /etc/pki/ovirt-engine/ca.pem with the certificate of your ca, but= this will prevent adding hosts (because it's needed to create a certificat= e for them). Perhaps other things will break too, I didn't try that.</div><= /div></blockquote><div><br></div><div>On a second thought, I don't think it= will work. The engine will still sign certs for hosts with its private key= , but the hosts will try to verify that with the ca.pem you put there and f= ail.</div><div><span style=3D"font-size: 12pt;">-- </span></div><div><= span name=3D"x"></span>Didi<span name=3D"x"></span><br></div><div><br></div=
</div></body></html> ------=_Part_10315973_1426242418.1390979518044--
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker. Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/ When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log On Wed, Jan 29, 2014 at 6:11 PM, Yedidyah Bar David <didi@redhat.com> wrote:
*From: *"Yedidyah Bar David" <didi@redhat.com> *To: *"Andrew Lau" <andrew@andrewklau.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 9:05:06 AM *Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 8:38:33 AM *Subject: *[Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Hi,
After running through the new patch posted in BZ 1055153 I'm adding a second host to the hosted-engine cluster but it seems to fail right before the finish:
[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Couple Extra Notes: Engine has a custom SSL cert but the CA has been trusted by the new host. When I temporarily return the engine's SSL back to the default generated one the install will succeed.
Setup logs: http://www.fpaste.org/72624/13909770/
What confuses me is:
curl https://engine.example.net with the custom SSL cert will succeed but with the original self-signed gives the expected "insecure" message. What criteria need to be met so the install will pass?
Seems like a bug (or a missing feature) - hosted-engine only supports the self-signed cert. Can you please open a bug for this?
You might manage to make it work by replacing /etc/pki/ovirt-engine/ca.pem with the certificate of your ca, but this will prevent adding hosts (because it's needed to create a certificate for them). Perhaps other things will break too, I didn't try that.
On a second thought, I don't think it will work. The engine will still sign certs for hosts with its private key, but the hosts will try to verify that with the ca.pem you put there and fail. -- Didi
------=_Part_10419106_1400942072.1390989467106 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Andrew Lau" <andrew@andrewklau.com> To: "Yedidyah Bar David" <didi@redhat.com> Cc: "users" <users@ovirt.org> Sent: Wednesday, January 29, 2014 10:17:21 AM Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else? Thanks! -- Didi ------=_Part_10419106_1400942072.1390989467106 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;"><b>From: </b>"Andrew Lau" <andrew@andre= wklau.com><br><b>To: </b>"Yedidyah Bar David" <didi@redhat.com><br=
<b>Cc: </b>"users" <users@ovirt.org><br><b>Sent: </b>Wednesday, Janu= ary 29, 2014 10:17:21 AM<br><b>Subject: </b>Re: [Users] Hosted Engine addin= g host SSL Failure (w/ engine custom cert)<br><div><br></div><div dir=3D"lt= r"><div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif">Sha= me about the way the CA works, may be worth putting a reverse proxy in fron= t as unsigned SSL can be a deal breaker. </div></div></blockquote><div= <br></div><div>Perhaps. Would you like to open a bug?</div><div><br></div>= <blockquote style=3D"border-left:2px solid #1010FF;margin-left:5px;padding-= left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:no= ne;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><div dir=3D"ltr"= <div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif"><br><= /div><div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif">A= nyway, my vdsm.log is here <a href=3D"http://www.fpaste.org/72643/9833= 8713/" target=3D"_blank">http://www.fpaste.org/72643/98338713/</a></div><di= v class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif"><br></div= <div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif">When = it's "Still waiting for VDSM host to become operational.." there is no outp= ut in vdsm.log </div></div></blockquote><div><br></div><div>Sorry, did= n't follow. What this refers to? The ssl issue or something else?</div><div= <br></div><div>Thanks!</div><div><span style=3D"font-size: 12pt;">-- = </span></div><div><span name=3D"x"></span>Didi<span name=3D"x"></span><br><= /div><div><br></div></div></body></html> ------=_Part_10419106_1400942072.1390989467106--
On Wed, Jan 29, 2014 at 8:57 PM, Yedidyah Bar David <didi@redhat.com> wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 10:17:21 AM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else?
So the output of the install process is like this: [ INFO ] Engine replied: DB Up!Welcome to Health Status! [ ERROR ] Cannot automatically add the host to the Default cluster: Entity not found: Cluster: name=Default [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ ERROR ] Timed out while waiting for host to start. Please check the logs. [ ERROR ] Unable to add HV02 to the manager [ INFO ] Enabling and starting HA services Hosted Engine successfully set up [ INFO ] Stage: Clean up [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination During that whole "Still waiting for VDSM host to become operational..." The vdsm.log doesn't report anything at all not until the timeout
Thanks! -- Didi
------=_Part_10454409_1132619568.1390992649993 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Andrew Lau" <andrew@andrewklau.com> To: "Yedidyah Bar David" <didi@redhat.com> Cc: "users" <users@ovirt.org> Sent: Wednesday, January 29, 2014 12:19:56 PM Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
On Wed, Jan 29, 2014 at 8:57 PM, Yedidyah Bar David < didi@redhat.com > wrote:
From: "Andrew Lau" < andrew@andrewklau.com >
To: "Yedidyah Bar David" < didi@redhat.com >
Cc: "users" < users@ovirt.org >
Sent: Wednesday, January 29, 2014 10:17:21 AM
Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else?
So the output of the install process is like this:
[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ ERROR ] Cannot automatically add the host to the Default cluster: Entity not found: Cluster: name=Default [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ ERROR ] Timed out while waiting for host to start. Please check the logs. [ ERROR ] Unable to add HV02 to the manager [ INFO ] Enabling and starting HA services Hosted Engine successfully set up [ INFO ] Stage: Clean up [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination
During that whole "Still waiting for VDSM host to become operational..." The vdsm.log doesn't report anything at all not until the timeout
<b>Cc: </b>"users" <users@ovirt.org><br><b>Sent: </b>Wednesday, Janu= ary 29, 2014 12:19:56 PM<br><b>Subject: </b>Re: [Users] Hosted Engine addin= g host SSL Failure (w/ engine custom cert)<br><div><br></div><div dir=3D"lt= r"><div class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif"><br= </div><div class=3D"gmail_extra"><div class=3D"gmail_quote">On Wed, Jan 29= , 2014 at 8:57 PM, Yedidyah Bar David <span dir=3D"ltr"><<a href=3D"mail= to:didi@redhat.com" target=3D"_blank">didi@redhat.com</a>></span> wrote:= <br><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bor= der-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:sol= id;padding-left:1ex"><div><div style=3D"font-size:12pt;font-family:'times n= ew roman','new york',times,serif"><blockquote style=3D"padding-left:5px;fon= t-size:12pt;font-style:normal;margin-left:5px;font-family:Helvetica,Arial,s= ans-serif;text-decoration:none;font-weight:normal;border-left-width:2px;bor= der-left-style:solid;border-left-color:rgb(16,16,255)"><b>From: </b>"Andrew= Lau" <<a href=3D"mailto:andrew@andrewklau.com" target=3D"_blank">andrew= @andrewklau.com</a>><br><b>To: </b>"Yedidyah Bar David" <<a href=3D"m= ailto:didi@redhat.com" target=3D"_blank">didi@redhat.com</a>><br><b>Cc: = </b>"users" <<a href=3D"mailto:users@ovirt.org" target=3D"_blank">users@= ovirt.org</a>><br><b>Sent: </b>Wednesday, January 29, 2014 10:17:21 AM<d= iv class=3D"im"><br><b>Subject: </b>Re: [Users] Hosted Engine adding host S= SL Failure (w/ engine custom cert)<br><div><br></div></div><div class=3D"im= "><div dir=3D"ltr"><div style=3D"font-family:tahoma,sans-serif">Shame about=
<div><br></div><blockquote style=3D"padding-left:5px;font-size:12pt;font-s= tyle:normal;margin-left:5px;font-family:Helvetica,Arial,sans-serif;text-dec= oration:none;font-weight:normal;border-left-width:2px;border-left-style:sol= id;border-left-color:rgb(16,16,255)"><div dir=3D"ltr"><div style=3D"font-fa= mily:tahoma,sans-serif"><br></div><div style=3D"font-family:tahoma,sans-ser= if">Anyway, my vdsm.log is here <a href=3D"http://www.fpaste.org/72643= /98338713/" target=3D"_blank">http://www.fpaste.org/72643/98338713/</a></di= v><div style=3D"font-family:tahoma,sans-serif"><br></div><div style=3D"font= -family:tahoma,sans-serif">When it's "Still waiting for VDSM host to become= operational.." there is no output in vdsm.log </div></div></blockquot= e><div><br></div></div><div>Sorry, didn't follow. What this refers to? The = ssl issue or something else?</div><div><br></div></div></div></blockquote><=
[ ERROR ] Cannot automatically add the host to the Default cluster: Entity= not found: Cluster: name=3DDefault </span></div><div class=3D"gmail_d= efault"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: ta= homa, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO = ] Waiting for the host to become operational in the engine. This may take s= everal minutes...</span></div><div class=3D"gmail_default"><span face=3D"ta= homa, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;" style= =3D"font-family: tahoma, sans-serif;">[ INFO ] Still waiting for VDSM= host to become operational...</span></div><div class=3D"gmail_default"><sp= an face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-= serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO ] Still wai= ting for VDSM host to become operational...</span></div><div class=3D"gmail= _default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: = tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO &nbs=
</div><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-= mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma= , sans-serif;">[ INFO ] Still waiting for VDSM host to become operati= onal...</span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans= -serif" data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-f= amily: tahoma, sans-serif;">[ INFO ] Still waiting for VDSM host to b= ecome operational...</span></div><div class=3D"gmail_default"><span face=3D= "tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;" st= yle=3D"font-family: tahoma, sans-serif;">[ INFO ] Still waiting for V= DSM host to become operational...</span></div><div class=3D"gmail_default">= <span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sa= ns-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO ] Still = waiting for VDSM host to become operational...</span></div><div class=3D"gm= ail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-famil= y: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO &= nbsp;] Still waiting for VDSM host to become operational...</span></div><di= v class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style= =3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-se= rif;">[ INFO ] Still waiting for VDSM host to become operational...</= span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" d= ata-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: ta= homa, sans-serif;">[ INFO ] Still waiting for VDSM host to become ope= rational...</span></div><div class=3D"gmail_default"><span face=3D"tahoma, = sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"fo= nt-family: tahoma, sans-serif;">[ INFO ] Still waiting for VDSM host = to become operational...</span></div><div class=3D"gmail_default"><span fac= e=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;= " style=3D"font-family: tahoma, sans-serif;">[ INFO ] Still waiting f= or VDSM host to become operational...</span></div><div class=3D"gmail_defau= lt"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma= , sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO ] St= ill waiting for VDSM host to become operational...</span></div><div class= =3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font= -family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ = INFO ] Still waiting for VDSM host to become operational...</span></d= iv><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-=
Can you please post full logs of hosted-engine-setup, vdsm, and hosted-engine-ha? I looked at previous posts and only found setup logs with the external ca cert. Your http://www.fpaste.org/72643/98338713/ starts at 19:03:31 where the problem might be much earlier. Thanks a lot, -- Didi ------=_Part_10454409_1132619568.1390992649993 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;"><b>From: </b>"Andrew Lau" <andrew@andre= wklau.com><br><b>To: </b>"Yedidyah Bar David" <didi@redhat.com><br= the way the CA works, may be worth putting a reverse proxy in front as uns= igned SSL can be a deal breaker. </div></div></div></blockquote><div><= br></div><div>Perhaps. Would you like to open a bug?</div><div class=3D"im"= div><br></div><div><div class=3D"gmail_default" style=3D"font-family:tahoma= ,sans-serif"> So the output of the install process is like this:</div><div class=3D"gmail= _default" style=3D"font-family:tahoma,sans-serif"><br></div><div class=3D"g= mail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-fami= ly: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO = ] Engine replied: DB Up!Welcome to Health Status!</span></div><div cl= ass=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"f= ont-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;"= p;] Still waiting for VDSM host to become operational...</span></div><div c= lass=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"= font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;= ">[ INFO ] Still waiting for VDSM host to become operational...</span= style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sa= ns-serif;">[ INFO ] Still waiting for VDSM host to become operational= ...</span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans-ser= if" data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-famil= y: tahoma, sans-serif;">[ INFO ] Still waiting for VDSM host to becom= e operational...</span></div><div class=3D"gmail_default"><span face=3D"tah= oma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-serif;" style= =3D"font-family: tahoma, sans-serif;">[ INFO ] Still waiting for VDSM= host to become operational...</span></div><div class=3D"gmail_default"><sp= an face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-= serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO ] Still wai= ting for VDSM host to become operational...</span></div><div class=3D"gmail= _default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: = tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO &nbs= p;] Still waiting for VDSM host to become operational...</span></div><div c= lass=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"= font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;= ">[ ERROR ] Timed out while waiting for host to start. Please check the log= s.</span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans-seri= f" data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family= : tahoma, sans-serif;">[ ERROR ] Unable to add HV02 to the manager</span></= div><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce= -style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, s= ans-serif;">[ INFO ] Enabling and starting HA services</span></div><d= iv class=3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style= =3D"font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-se= rif;"> Hosted Engine successfully set up<= /span></div><div class=3D"gmail_default"><span face=3D"tahoma, sans-serif" = data-mce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family: t= ahoma, sans-serif;">[ INFO ] Stage: Clean up</span></div><div class= =3D"gmail_default"><span face=3D"tahoma, sans-serif" data-mce-style=3D"font= -family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ = INFO ] Stage: Pre-termination</span></div><div class=3D"gmail_default= "><span face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, = sans-serif;" style=3D"font-family: tahoma, sans-serif;">[ INFO ] Stag= e: Termination</span></div><div class=3D"gmail_default" style=3D"font-famil= y:tahoma,sans-serif"><br></div><div class=3D"gmail_default" style=3D"font-f= amily:tahoma,sans-serif"><br></div><div class=3D"gmail_default" style=3D"fo= nt-family:tahoma,sans-serif">During that whole "Still waiting for VDSM host= to become operational..." </div><div class=3D"gmail_default" style=3D= "font-family:tahoma,sans-serif">The vdsm.log doesn't report anything at all= not until the timeout</div></div></div></div></div></blockquote><div><br><= /div><div>Can you please post full logs of hosted-engine-setup, vdsm, and h= osted-engine-ha?</div><div><br></div><div>I looked at previous posts and on= ly found setup logs with the external ca cert. Your</div><div><a href=3D"ht= tp://www.fpaste.org/72643/98338713/" data-mce-href=3D"http://www.fpaste.org= /72643/98338713/">http://www.fpaste.org/72643/98338713/</a> starts at = <span style=3D"font-family: monospace; font-size: 12px; line-height: 14.390= 625px; background-color: #ffffff;" data-mce-style=3D"font-family: monospace= ; font-size: 12px; line-height: 14.390625px; background-color: #ffffff;">19= :03:31 </span>where the problem might</div><div>be much earlier.</div>= <div><br></div><div>Thanks a lot,</div><div>-- <br></div><div><span name=3D= "x"></span>Didi<span name=3D"x"></span><br></div><div><br></div></div></bod= y></html> ------=_Part_10454409_1132619568.1390992649993--
On Wed, Jan 29, 2014 at 9:50 PM, Yedidyah Bar David <didi@redhat.com> wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 12:19:56 PM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
On Wed, Jan 29, 2014 at 8:57 PM, Yedidyah Bar David <didi@redhat.com>wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 10:17:21 AM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else?
So the output of the install process is like this:
[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ ERROR ] Cannot automatically add the host to the Default cluster: Entity not found: Cluster: name=Default [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ ERROR ] Timed out while waiting for host to start. Please check the logs. [ ERROR ] Unable to add HV02 to the manager [ INFO ] Enabling and starting HA services Hosted Engine successfully set up [ INFO ] Stage: Clean up [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination
During that whole "Still waiting for VDSM host to become operational..." The vdsm.log doesn't report anything at all not until the timeout
Can you please post full logs of hosted-engine-setup, vdsm, and hosted-engine-ha?
I looked at previous posts and only found setup logs with the external ca cert. Your http://www.fpaste.org/72643/98338713/ starts at 19:03:31 where the problem might be much earlier.
Sorry about that. ovirt-hosted-engine-setup: http://www.fpaste.org/72679/13909935/ fpaste doesn't seem to like the long vdsm log so I have attached it instead.
I managed to resolve this, don't know why I was not paying attention to the first error. The engine needs to have a cluster called Default or the host won't get added to the engine, this was causing that constant spam of "still waiting for host to become operational". The host would however still get added to the ha-services just not the engine and the install terminates. On Jan 29, 2014 10:15 PM, "Andrew Lau" <andrew@andrewklau.com> wrote:
On Wed, Jan 29, 2014 at 9:50 PM, Yedidyah Bar David <didi@redhat.com>wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 12:19:56 PM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
On Wed, Jan 29, 2014 at 8:57 PM, Yedidyah Bar David <didi@redhat.com>wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 10:17:21 AM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else?
So the output of the install process is like this:
[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ ERROR ] Cannot automatically add the host to the Default cluster: Entity not found: Cluster: name=Default [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ ERROR ] Timed out while waiting for host to start. Please check the logs. [ ERROR ] Unable to add HV02 to the manager [ INFO ] Enabling and starting HA services Hosted Engine successfully set up [ INFO ] Stage: Clean up [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination
During that whole "Still waiting for VDSM host to become operational..." The vdsm.log doesn't report anything at all not until the timeout
Can you please post full logs of hosted-engine-setup, vdsm, and hosted-engine-ha?
I looked at previous posts and only found setup logs with the external ca cert. Your http://www.fpaste.org/72643/98338713/ starts at 19:03:31 where the problem might be much earlier.
Sorry about that.
ovirt-hosted-engine-setup: http://www.fpaste.org/72679/13909935/ fpaste doesn't seem to like the long vdsm log so I have attached it instead.
I have opened two BZs around these two case scenarios: BZ 1059952 - hosted-engine --deploy (additional host) will fail if the engine is not using the default self-signed CA BZ 1059950 - If cluster=Default does not exist in hosted-engine it will fail and timeout Thanks, Andrew On Fri, Jan 31, 2014 at 9:58 AM, Andrew Lau <andrew@andrewklau.com> wrote:
I managed to resolve this, don't know why I was not paying attention to the first error.
The engine needs to have a cluster called Default or the host won't get added to the engine, this was causing that constant spam of "still waiting for host to become operational".
The host would however still get added to the ha-services just not the engine and the install terminates. On Jan 29, 2014 10:15 PM, "Andrew Lau" <andrew@andrewklau.com> wrote:
On Wed, Jan 29, 2014 at 9:50 PM, Yedidyah Bar David <didi@redhat.com>wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 12:19:56 PM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
On Wed, Jan 29, 2014 at 8:57 PM, Yedidyah Bar David <didi@redhat.com>wrote:
*From: *"Andrew Lau" <andrew@andrewklau.com> *To: *"Yedidyah Bar David" <didi@redhat.com> *Cc: *"users" <users@ovirt.org> *Sent: *Wednesday, January 29, 2014 10:17:21 AM
*Subject: *Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
Shame about the way the CA works, may be worth putting a reverse proxy in front as unsigned SSL can be a deal breaker.
Perhaps. Would you like to open a bug?
Anyway, my vdsm.log is here http://www.fpaste.org/72643/98338713/
When it's "Still waiting for VDSM host to become operational.." there is no output in vdsm.log
Sorry, didn't follow. What this refers to? The ssl issue or something else?
So the output of the install process is like this:
[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ ERROR ] Cannot automatically add the host to the Default cluster: Entity not found: Cluster: name=Default [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ INFO ] Still waiting for VDSM host to become operational... [ ERROR ] Timed out while waiting for host to start. Please check the logs. [ ERROR ] Unable to add HV02 to the manager [ INFO ] Enabling and starting HA services Hosted Engine successfully set up [ INFO ] Stage: Clean up [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination
During that whole "Still waiting for VDSM host to become operational..." The vdsm.log doesn't report anything at all not until the timeout
Can you please post full logs of hosted-engine-setup, vdsm, and hosted-engine-ha?
I looked at previous posts and only found setup logs with the external ca cert. Your http://www.fpaste.org/72643/98338713/ starts at 19:03:31 where the problem might be much earlier.
Sorry about that.
ovirt-hosted-engine-setup: http://www.fpaste.org/72679/13909935/ fpaste doesn't seem to like the long vdsm log so I have attached it instead.
------=_Part_13150888_1301993029.1391322265347 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit
From: "Andrew Lau" <andrew@andrewklau.com> To: "Yedidyah Bar David" <didi@redhat.com> Cc: "users" <users@ovirt.org> Sent: Friday, January 31, 2014 6:00:45 AM Subject: Re: [Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)
I have opened two BZs around these two case scenarios:
BZ 1059952 - hosted-engine --deploy (additional host) will fail if the engine is not using the default self-signed CA BZ 1059950 - If cluster=Default does not exist in hosted-engine it will fail and timeout
Thank you very much! -- Didi ------=_Part_13150888_1301993029.1391322265347 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div></div><blockquote style=3D"borde= r-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-w= eight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,A= rial,sans-serif;font-size:12pt;" data-mce-style=3D"border-left: 2px solid #= 1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: norm= al; font-style: normal; text-decoration: none; font-family: Helvetica,Arial= ,sans-serif; font-size: 12pt;"><b>From: </b>"Andrew Lau" <andrew@andrewk= lau.com><br><b>To: </b>"Yedidyah Bar David" <didi@redhat.com><br><= b>Cc: </b>"users" <users@ovirt.org><br><b>Sent: </b>Friday, January 3= 1, 2014 6:00:45 AM<br><b>Subject: </b>Re: [Users] Hosted Engine adding host= SSL Failure (w/ engine custom cert)<br><div><br></div><div dir=3D"ltr"><di= v class=3D"gmail_default" style=3D"font-family:tahoma,sans-serif" data-mce-= style=3D"font-family: tahoma,sans-serif;">I have opened two BZs around thes= e two case scenarios:</div><div class=3D"gmail_default" style=3D"font-famil= y:tahoma,sans-serif" data-mce-style=3D"font-family: tahoma,sans-serif;"><br=
</div><div class=3D"gmail_default"><span style=3D"font-family:tahoma,sans-= serif" data-mce-style=3D"font-family: tahoma,sans-serif;">BZ 1059952 - host= ed-engine --deploy (additional host) will fail if the engine is not using t= he default self-signed CA</span><br></div><div class=3D"gmail_default"><spa= n face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma, sans-s= erif;" style=3D"font-family: tahoma, sans-serif;">BZ 1059950 - If cluster= =3DDefault does not exist in hosted-engine it will fail and timeout</span><= /div></div></blockquote><div><br></div><div>Thank you very much!</div><div>= -- <br></div><div><span name=3D"x"></span>Didi<span name=3D"x"></span><br><= /div><div><br></div></div></body></html> ------=_Part_13150888_1301993029.1391322265347--
participants (2)
-
Andrew Lau -
Yedidyah Bar David