[ovirt-devel] ovirt 3.5 Test day 1 - vdsm-tool configure libvirt with python code

Yedidyah Bar David didi at redhat.com
Thu Jul 3 15:11:07 UTC 2014


----- Original Message -----
> From: "ybronhei" <ybronhei at redhat.com>
> To: "Yedidyah Bar David" <didi at redhat.com>, devel at ovirt.org
> Sent: Thursday, July 3, 2014 6:05:52 PM
> Subject: Re: [ovirt-devel] ovirt 3.5 Test day 1 - vdsm-tool configure libvirt with python code
> 
> On 07/01/2014 05:13 PM, Yedidyah Bar David wrote:
> > Hi all,
> >
> > I was assigned to test [1], which was fixed by [2], which pointed
> > at [3].
> >
> > Most things worked as expected.
> >
> > Issues I noticed:
> >
> > * the table says that vdsClient with or without '-s' should work against
> > vdsm with ssl=true or ssl=false. In my tests '-s' worked with true, without
> > '-s' worked with false, but the other options didn't work.
> >
> "vdsClient -s" means to use secure communication, which will work
> properly if "ssl=true" is configured in vdsm.conf (btw, if ssl not
> specified there true is the default).
> 
> bare in mind, that after changing the conf file you need to restart
> vdsmd service.
> 
> when you change vdsm.conf like "ssl=true" to "ssl=false", before running
> vdsmd again, you need to perform "vdsm-tool configure" to configure all
> related service to work properly with the new vdsm configuration (in
> that case, not secured which require libvirtd.conf and qemu.conf update)
> 
> after vdsm-tool configures libvirtd.conf and qemu.conf accordingly , you
> can start vdsmd and see that "vdsClient" (without -s) works properly.
> 
> this works as far as I checked in vdsm 3.5

Not sure I got you right - with the above (edit/configure/restart), is it
intended that '-s' will work with 'ssl=false'? Because iirc it didn't.

I do not think it's important that it works - if a user wants ssl they should
obviously do 'ssl=true' and '-s', and if not, 'ssl=false' and no '-s'. The
only reason I tested this and point out above is that it is mentioned in the
wiki table that it's supposed to work and it didn't for me (again, if I
understood everything correctly).
-- 
Didi



More information about the Devel mailing list