in ovirt-engine all host show the status at "non-responsive"
hello everyone, I apologize for asking what is probably a very basic question. i have 4 hosts running on the ovirt-engine, but on the last week the alert show all the hosts status has gone to non responsive like the following statement Host 1 became non responsive. It has no power management configured. Please check the host status, manually reboot it, and click "Confirm Host Has Been Rebooted" all the storage, vm, cannot detect on the ovirt-engine, does anyone face this before? and also the alert also show ""Engine's certification has expired at 2020-08-18. Please renew the engine's certification"" is it related to the hosts become non-responsive??? i have already regenerate the ovirt-engine cert from the previous post: https://lists.ovirt.org/archives/list/users@ovirt.org/thread/ZI5WNU6OB6FZMQN... Yours Sincerely, school it
is it any other cert i also need to renew?? please help me, i am very green on the ovirt, and all the ovirt environment is build up by the predecessor
On Mon, Sep 21, 2020 at 2:45 AM momokch--- via Users <users@ovirt.org> wrote:
hello everyone,
I apologize for asking what is probably a very basic question. i have 4 hosts running on the ovirt-engine, but on the last week the alert show all the hosts status has gone to non responsive like the following statement Host 1 became non responsive. It has no power management configured. Please check the host status, manually reboot it, and click "Confirm Host Has Been Rebooted" all the storage, vm, cannot detect on the ovirt-engine, does anyone face this before? and also the alert also show ""Engine's certification has expired at 2020-08-18. Please renew the engine's certification"" is it related to the hosts become non-responsive???
Might be, can't tell. What happens if you try to Activate them? Please check/share /var/log/ovirt-engine/engine.log. Search there for "nonresponsive" (case insensitive) and ' ERROR '.
i have already regenerate the ovirt-engine cert from the previous post: https://lists.ovirt.org/archives/list/users@ovirt.org/thread/ZI5WNU6OB6FZMQN...
In principle you should have ran 'engine-setup', and it should have noticed and renewed it for you. If you do not want it to also upgrade, you can pass also '--offline'. What you have done, though, seems ok to me. What version is this? When was it set up? If it's indeed 5+ years old, then probably all certs have indeed expired. You can try to 'Reinstall' the hosts, or 'Enroll Certificates'. This will require stopping all VMs on them. Good luck and best regards, -- Didi
What you have done??? i just regenerate the ovirt-engine cert according to the link below https://lists.ovirt.org/pipermail/users/2014-April/023402.html # cp -a /etc/pki/ovirt-engine "/etc/pki/ovirt-engine.$(date "+%Y%m%d")" # SUBJECT="$(openssl x509 -subject -noout -in /etc/pki/ovirt-engine/certs/apache.cer | sed 's/subject= //')" # /usr/share/ovirt-engine/bin/pki-enroll-pkcs12.sh --name=apache --password="@PASSWORD@" --subject="${SUBJECT}" # openssl pkcs12 -passin "pass:@PASSWORD@" -nokeys -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/certs/apache.cer # openssl pkcs12 -passin "pass:@PASSWORD@" -nocerts -nodes -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/keys/apache.key.nopass # chmod 0600 /etc/pki/ovirt-engine/keys/apache.key.nopass What version is this? 4.0.6.3-1el7.centos When was it set up? 15,NOV, 2016 is it any method which no need to stop all VMs, because they are running as the service
On Mon, Sep 21, 2020 at 11:18 AM momokch--- via Users <users@ovirt.org> wrote:
What you have done??? i just regenerate the ovirt-engine cert according to the link below https://lists.ovirt.org/pipermail/users/2014-April/023402.html
# cp -a /etc/pki/ovirt-engine "/etc/pki/ovirt-engine.$(date "+%Y%m%d")" # SUBJECT="$(openssl x509 -subject -noout -in /etc/pki/ovirt-engine/certs/apache.cer | sed 's/subject= //')" # /usr/share/ovirt-engine/bin/pki-enroll-pkcs12.sh --name=apache --password="@PASSWORD@" --subject="${SUBJECT}" # openssl pkcs12 -passin "pass:@PASSWORD@" -nokeys -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/certs/apache.cer # openssl pkcs12 -passin "pass:@PASSWORD@" -nocerts -nodes -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/keys/apache.key.nopass # chmod 0600 /etc/pki/ovirt-engine/keys/apache.key.nopass
What version is this? 4.0.6.3-1el7.centos
When was it set up? 15,NOV, 2016
What happens if you try to Activate them? Please check/share /var/log/ovirt-engine/engine.log. Search there for "nonresponsive" (case insensitive) and ' ERROR '. -- Didi
when i activate the ovirt-engine cert, i can access to the ovirt-engine webpage i have checked the log file , i have 4 hosts, all of them are "ERROR [org.ovirt.vdsm.jsonrpc.client.reactors.Reactor] (SSL Stomp Reactor) [] Unable to process messages: Received fatal alert: certificate_expired" is it i must shutdown all vm running from my ovirt-engine??? if yes, i must facing a question i cannot check the status of all of vm, some vm was down and cannot access anymore. is it i just turn off the host and Reinstall' the hosts, or 'Enroll Certificates', right???
participants (2)
-
momokch@yahoo.com.hk -
Yedidyah Bar David