[ovirt-devel] oVirt messages from engine to vdsm
Eli Mesika
emesika at redhat.com
Mon May 7 09:22:27 UTC 2018
On Mon, May 7, 2018 at 11:40 AM, Anastasiya Ruzhanskaya <
anastasiya.ruzhanskaya at frtk.ru> wrote:
> If the engine user is not accessible directly, why then in this command
> you use it?:
>
> psql -U engine engine -c "UPDATE vdc_options set option_value = 'false'
> WHERE option_name = 'SSLEnabled';"
>
> I am not really good in managing databases, I also didn't have postgresql
> installed after finishing oVirt engine installation and even managing to
> deploy everything. Does it mean that no database was created at all? I have
> chosen automatic and local creation in all fields related to database while
> installing oVirt engine.
>
Can you paste the output of the following command
rpm -qa |grep postgres
>
>
> 2018-05-07 11:00 GMT+03:00 Martin Sivak <msivak at redhat.com>:
>
>> Hi,
>>
>> I think what you are looking for is mostly this:
>> https://github.com/oVirt/vdsm/blob/master/lib/vdsm/api/vdsm-api.yml
>>
>> The best way to see what the traffic is is to disable SSL. The
>> postgres database is installed and accessible using the postgres user
>> (the engine user is not allowed to access it directly).
>>
>> You might also be interested in the vdsm fake project we use as node
>> simulator. Its readme will tell you exactly how to do this:
>> https://github.com/oVirt/ovirt-vdsmfake
>>
>> I wrote an article some time ago that explained how to setup a
>> development environment without real hosts:
>> https://www.ovirt.org/blog/2016/11/testing-ovirt-changes-without-cluster/
>>
>> Might I ask what you goal is?
>>
>> Best regards
>>
>> --
>> Martin Sivak
>> SLA / oVirt
>>
>> On Sun, May 6, 2018 at 6:26 AM, Anastasiya Ruzhanskaya
>> <anastasiya.ruzhanskaya at frtk.ru> wrote:
>> > Hello everyone!
>> > Currently I want to determine what information is included in messages
>> > passing from oVirt engine to VDSM on ovirt-node.
>> >
>> > I made up a really simple configuration with one VM representing engine,
>> > another - node, a managed to successfully launch a single VM on this
>> node.
>> > However, I have chosen to configure everything automatically. Currently
>> > traffic is encrypted with default certificates.
>> > So, there are three options for me and no one of them really works.
>> >
>> > 1) Find the format of messages ( what the fields are, session id for
>> > example) in docs, but I didn't manage to find it;
>> > 2) Use wireshark to decrypt the traffic and the apply maybe a json
>> > -dissector to the decrypted data. I have tried many solutions ( thanks
>> god I
>> > have rsa private and public keys but there is another session key which
>> is
>> > generated every time engine starts to communicate with vdsm, which I
>> cannot
>> > get with the help of sslkeylog file or ld_preload technology.
>> > Maybe someone knows the exact methodology how to do this correctly?
>> >
>> > 3) Turn off ssl in oVirt. It is simple to do that for vdsm, but for
>> engine,
>> > according to answers on oVirt site, I should do 2 requests to the
>> database.
>> > I was really surprised that psql was not installed by oVirt on my
>> system.
>> > How did it then created a default database? ( I have chosen to create
>> all
>> > locally and with default configurations).
>> > I mean these two commands :
>> > https://www.ovirt.org/develop/developer-guide/vdsm/connectin
>> g-development-vdsm-to-engine/
>> > . I have a following error there :
>> > psql: FATAL: Peer authentication failed for user "engine"
>> >
>> > Could you please guide my what method is the best and how should I
>> correct
>> > my faults there?
>> >
>> >
>> > _______________________________________________
>> > Devel mailing list
>> > Devel at ovirt.org
>> > http://lists.ovirt.org/mailman/listinfo/devel
>>
>
>
> _______________________________________________
> Devel mailing list
> Devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20180507/e081063f/attachment.html>
More information about the Devel
mailing list