[ovirt-devel] changing engine domain name

Yedidyah Bar David didi at redhat.com
Sun Jul 17 05:48:00 UTC 2016


On Fri, Jul 15, 2016 at 3:43 AM, Paul Dyer <pmdyermms at gmail.com> wrote:
> Hi,
>
> thanks, changing 20-setup-ovrit-post.conf fixed the PKI Organization in
> engine-setup.
>
> after engine-setup completed, I was not able to login to the webportal.   I

With what user? admin at internal or some external directory user (or something
else)?

Did you get an error message?

Do you still have logs you can/want to share?

> needed to copy the  /etc/pki/ovirt-engine-backup-before-recreation back to
> ovirt-engine in order to login.

But didn't this partially revert your rename?

>   The errors on the webportal were about PKI
> something.   I didn't get a picture of it. sorry.

Quite likely it's still possible to find in the logs.

>
>
>
>
>
> On Thu, Jul 14, 2016 at 1:02 AM, Yedidyah Bar David <didi at redhat.com> wrote:
>>
>> On Thu, Jul 14, 2016 at 2:58 AM, Paul Dyer <pmdyermms at gmail.com> wrote:
>> > I am not having any luck.   When I get to step 5 (engine-setup), the
>> > "PKI
>> > organization" still has the old domainname???
>>
>> You can try editing
>> /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf
>> and delete the line with 'OVESETUP_PKI/organization', then try
>> engine-setup
>> again.
>>
>> Best,
>>
>> >
>> >           --== CONFIGURATION PREVIEW ==--
>> >
>> >           Update Firewall                         : False
>> >           Host FQDN                               :
>> > bacchus.xxxcentral.com
>> >           Engine database secured connection      : False
>> >           Engine database host                    : localhost
>> >           Engine database user name               : engine
>> >           Engine database name                    : engine
>> >           Engine database port                    : 5432
>> >           Engine database host name validation    : False
>> >           DWH database secured connection         : False
>> >           DWH database host                       : localhost
>> >           DWH database user name                  : ovirt_engine_history
>> >           DWH database name                       : ovirt_engine_history
>> >           DWH database port                       : 5432
>> >           DWH database host name validation       : False
>> >           Engine installation                     : True
>> >           PKI organization                        : xxxportal.com
>> >           DWH installation                        : True
>> >           Backup DWH database                     : True
>> >           Engine Host FQDN                        :
>> > bacchus.xxxcentral.com
>> >           Configure VMConsole Proxy               : False
>> >           Configure WebSocket Proxy               : False
>> >
>> >
>> > On Sun, Jul 10, 2016 at 2:27 AM, Yedidyah Bar David <didi at redhat.com>
>> > wrote:
>> >>
>> >> On Sat, Jul 9, 2016 at 2:35 AM, Paul Dyer <pmdyermms at gmail.com> wrote:
>> >> > Hi,
>> >> >
>> >> > back in 2015, with the first install of ovirt, I used a domain of
>> >> > xxxportal.com.   Since the client has an xxxcentral.com wildcard
>> >> > certificate, I added changed the hostname and domainname, and added
>> >> > the
>> >> > cert/cacert to the apache webpage.
>> >> >
>> >> > The pki on ovirt and vdsm (host) both still have the original
>> >> > xxxportal.com
>> >> > domain.   I am looking for a way to wipe away the old domain.
>> >> >
>> >> > Do I need to remove the host (not hosted engine), drop the
>> >> > datacenter/cluster, and build from a clean db?
>> >>
>> >> Basically yes. See also:
>> >>
>> >>
>> >>
>> >> https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/
>> >>
>> >> If you have lots of data in your engine (hosts, VMs etc), you might
>> >> manage
>> >> to
>> >> keep most of it by something like this, didn't try that:
>> >>
>> >> 1. Shutdown all VMs and move all hosts to maintenance
>> >> 2. Stop ovirt-engine service
>> >> 3. mv /etc/pki/ovirt-engine
>> >> /etc/pki/ovirt-engine-backup-before-recreation
>> >> 4. yum reinstall ovirt-engine-backend, or copy back from above backup
>> >> only these, without the files they hold (for directories), but keep
>> >> owner/permissions:
>> >> cacert.template.in  certs  cert.template.in  keys  openssl.conf
>> >> private  requests
>> >> 5. engine-setup
>> >> It will notice pki is removed and recreate it for you
>> >> You might need to change admin password because it's encrypted with
>> >> engine's key

Did you change admin password?

Best,

>> >> 6. Connect to web admin, and per host:
>> >> 6.1. Right click -> Enroll Certificate
>> >> 6.2. You might need Right-Click -> Reinstall
>> >> 6.3. Activate
>> >>
>> >> This should be enough, more-or-less. You might want, just in case,
>> >> before step 6,
>> >> to connect to all hosts and remove stuff under /etc/pki, but I didn't
>> >> check
>> >> what exactly.
>> >>
>> >> Best,
>> >> --
>> >> Didi
>> >
>> >
>> >
>> >
>> > --
>> > Paul Dyer,
>> > Mercury Consulting Group, RHCE
>> > 504-302-8750
>>
>>
>>
>> --
>> Didi
>
>
>
>
> --
> Paul Dyer,
> Mercury Consulting Group, RHCE
> 504-302-8750



-- 
Didi



More information about the Devel mailing list