[Engine-devel] Root password to add Host

Florian BRUSCHET florian.bruschet at gmail.com
Tue Apr 30 22:00:55 UTC 2013


Oh sure,

[root at scenic ~]# rpm -q ovirt-engine
ovirt-engine-3.1.0-3.26.3.el6.centos.alt.noarch


[root at scenic ~]# java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)



2013/4/30 Alon Bar-Lev <alonbl at redhat.com>

>
>
> ----- Original Message -----
> > From: "Florian BRUSCHET" <florian.bruschet at gmail.com>
> > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > Cc: "engine-devel" <engine-devel at ovirt.org>
> > Sent: Wednesday, May 1, 2013 12:56:07 AM
> > Subject: Re: [Engine-devel] Root password to add Host
> >
> > I use oVirt 3.x, to install i follow this guide :
> > http://wiki.centos.org/HowTos/oVirt
>
> The x is quite important...
> rpm -q ovirt-engine
>
> Also, please send your java version:
> java -version
>
> > And ovirt-node version is 2.6.0
> >
> > [root at scenic ~]# openssl x509 -in /etc/pki/ovirt-engine/certs/engine.cer
> > -text
> > Certificate:
> >     Data:
> >         Version: 3 (0x2)
> >         Serial Number: 2 (0x2)
> >         Signature Algorithm: sha1WithRSAEncryption
> >         Issuer: C=US, O=lix.polytechnique.fr,
> > CN=CA-scenic.lix.polytechnique.fr.20433
> >         Validity
> >             Not Before: Apr 29 15:11:10 2013
> >             Not After : Apr  4 15:11:12 2018 GMT
> >         Subject: C=US, O=lix.polytechnique.fr, CN=
> > scenic.lix.polytechnique.fr
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >                 Public-Key: (2048 bit)
> >                 Modulus:
> >                     00:ce:7a:2e:c1:9a:86:2c:c2:76:5e:ea:8b:59:18:
> >                     62:7d:7a:9f:55:ff:71:15:f7:93:3f:40:1e:70:5d:
> >                     80:43:ea:c7:f4:50:0a:a6:47:2a:f8:07:4d:0c:0a:
> >                     4d:01:1e:97:de:36:63:40:df:30:7a:40:9d:34:93:
> >                     d6:a8:43:c6:b3:62:c1:de:db:57:d1:fb:b9:c6:e2:
> >                     34:65:f2:67:e1:8c:91:67:3f:99:a6:2b:7b:8a:51:
> >                     ad:9c:43:c3:a5:cd:c5:a2:29:e9:99:db:ba:f4:76:
> >                     d0:e5:41:97:31:fc:13:94:53:af:90:ca:06:aa:7d:
> >                     68:04:62:66:a5:90:4b:11:de:07:34:ec:68:89:9c:
> >                     13:7b:a2:ba:1f:2a:28:6b:ba:9a:b3:ba:97:5c:96:
> >                     cd:1e:2e:e7:fc:bf:20:a2:a5:57:f3:73:8d:12:db:
> >                     81:00:53:50:a6:54:e9:14:1e:46:69:08:e2:80:b1:
> >                     30:97:89:d3:a1:a2:7a:47:a3:c9:2e:c9:ce:14:74:
> >                     92:27:02:58:41:d8:e1:dd:9e:99:26:fa:b0:ad:6c:
> >                     e0:11:3f:17:7d:f7:63:27:62:a3:d0:28:f3:1a:91:
> >                     ca:65:b7:69:9b:b6:86:85:70:a6:ac:5c:51:e2:ff:
> >                     e9:f2:28:78:24:21:28:0c:d0:95:a4:f8:e5:67:15:
> >                     d6:77
> >                 Exponent: 65537 (0x10001)
> >         X509v3 extensions:
> >             X509v3 Subject Key Identifier:
> >
> 4A:E0:DF:6D:4D:AD:03:26:30:B5:D4:D4:DC:69:C5:DA:74:B2:66:AB
> >             Authority Information Access:
> >                 CA Issuers - URI:
> > http://scenic.lix.polytechnique.fr:80/ca.crt
> >
> >             X509v3 Authority Key Identifier:
> >
> > keyid:7E:D8:AE:56:25:C5:B0:34:96:5A:EA:AF:E9:2D:F3:E0:06:1C:19:D0
> >                 DirName:/C=US/O=
> > lix.polytechnique.fr/CN=CA-scenic.lix.polytechnique.fr.20433
> >                 serial:01
> >
> >             X509v3 Basic Constraints:
> >                 CA:FALSE
> >             X509v3 Key Usage: critical
> >                 Digital Signature, Key Encipherment
> >             X509v3 Extended Key Usage: critical
> >                 TLS Web Server Authentication, TLS Web Client
> Authentication
> >     Signature Algorithm: sha1WithRSAEncryption
> >         89:f3:e5:af:a8:98:44:fa:60:52:93:4f:7c:e8:62:78:40:f8:
> >         c7:a7:e1:c3:38:b5:7d:4c:5b:7a:df:5d:1b:05:2c:ca:43:ce:
> >         a2:8a:f6:fd:02:3e:98:6f:bc:ea:a6:78:f7:e4:7a:4f:49:0c:
> >         86:cb:b6:23:2e:b7:93:f1:e8:ba:76:05:21:00:ed:cc:f2:ee:
> >         0e:17:dc:21:0a:21:9e:ce:e1:bf:b5:11:d4:a5:d3:31:dd:f4:
> >         e3:c7:ea:40:26:27:45:79:9f:2d:79:91:41:03:61:26:51:31:
> >         54:d5:06:90:cf:d4:a0:8b:b7:8a:b0:02:b4:37:24:0f:b2:26:
> >         99:a9:39:78:48:8a:1b:03:89:64:68:de:9e:cb:fc:99:d6:41:
> >         3d:3d:d9:15:8f:f6:ef:3f:b2:51:c8:dd:60:a8:c5:29:88:20:
> >         69:b9:8a:23:eb:9b:64:94:cd:ad:e2:f9:7c:0e:d7:92:cf:cb:
> >         7d:dd:3b:2d:67:13:1d:c3:0a:51:28:e7:b7:44:36:fa:43:83:
> >         80:13:51:ff:f7:1b:22:c0:80:c5:c1:85:90:87:a6:17:46:44:
> >         dc:88:1f:16:69:ee:27:44:89:c0:2b:2a:4d:f9:46:fc:50:f1:
> >         2c:af:af:c1:30:ee:6f:6c:b5:cd:f5:e7:73:99:b0:ff:36:2c:
> >         87:32:66:0e
> > -----BEGIN CERTIFICATE-----
> > MIIEXjCCA0agAwIBAgIBAjANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQGEwJVUzEd
> > MBsGA1UEChMUbGl4LnBvbHl0ZWNobmlxdWUuZnIxLTArBgNVBAMTJENBLXNjZW5p
> > Yy5saXgucG9seXRlY2huaXF1ZS5mci4yMDQzMzAiFxExMzA0MjkxNTExMTArMDAw
> > MBcNMTgwNDA0MTUxMTEyWjBSMQswCQYDVQQGEwJVUzEdMBsGA1UECgwUbGl4LnBv
> > bHl0ZWNobmlxdWUuZnIxJDAiBgNVBAMMG3NjZW5pYy5saXgucG9seXRlY2huaXF1
> > ZS5mcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM56LsGahizCdl7q
> > i1kYYn16n1X/cRX3kz9AHnBdgEPqx/RQCqZHKvgHTQwKTQEel942Y0DfMHpAnTST
> > 1qhDxrNiwd7bV9H7ucbiNGXyZ+GMkWc/maYre4pRrZxDw6XNxaIp6ZnbuvR20OVB
> > lzH8E5RTr5DKBqp9aARiZqWQSxHeBzTsaImcE3uiuh8qKGu6mrO6l1yWzR4u5/y/
> > IKKlV/NzjRLbgQBTUKZU6RQeRmkI4oCxMJeJ06GiekejyS7JzhR0kicCWEHY4d2e
> > mSb6sK1s4BE/F333Yydio9Ao8xqRymW3aZu2hoVwpqxcUeL/6fIoeCQhKAzQlaT4
> > 5WcV1ncCAwEAAaOCATAwggEsMB0GA1UdDgQWBBRK4N9tTa0DJjC11NTcacXadLJm
> > qzBIBggrBgEFBQcBAQQ8MDowOAYIKwYBBQUHMAKGLGh0dHA6Ly9zY2VuaWMubGl4
> > LnBvbHl0ZWNobmlxdWUuZnI6ODAvY2EuY3J0MIGDBgNVHSMEfDB6gBR+2K5WJcWw
> > NJZa6q/pLfPgBhwZ0KFfpF0wWzELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFGxpeC5w
> > b2x5dGVjaG5pcXVlLmZyMS0wKwYDVQQDEyRDQS1zY2VuaWMubGl4LnBvbHl0ZWNo
> > bmlxdWUuZnIuMjA0MzOCAQEwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwIAYD
> > VR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA4IB
> > AQCJ8+WvqJhE+mBSk0986GJ4QPjHp+HDOLV9TFt6310bBSzKQ86iivb9Aj6Yb7zq
> > pnj35HpPSQyGy7YjLreT8ei6dgUhAO3M8u4OF9whCiGezuG/tRHUpdMx3fTjx+pA
> > JidFeZ8teZFBA2EmUTFU1QaQz9Sgi7eKsAK0NyQPsiaZqTl4SIobA4lkaN6ey/yZ
> > 1kE9PdkVj/bvP7JRyN1gqMUpiCBpuYoj65tklM2t4vl8DteSz8t93TstZxMdwwpR
> > KOe3RDb6Q4OAE1H/9xsiwIDFwYWQh6YXRkTciB8Wae4nRInAKypN+Ub8UPEsr6/B
> > MO5vbLXN9edzmbD/NiyHMmYO
> > -----END CERTIFICATE-----
> >
> >
> >
> > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> >
> > > Which version do you use?
> > >
> > > this should not happen...
> > >
> > > what is the output of:
> > >
> > > $ openssl x509 -in /etc/pki/ovirt-engine/certs/engine.cer -text
> > >
> > > ----- Original Message -----
> > > > From: "Florian BRUSCHET" <florian.bruschet at gmail.com>
> > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > Cc: "engine-devel" <engine-devel at ovirt.org>
> > > > Sent: Wednesday, May 1, 2013 12:47:13 AM
> > > > Subject: Re: [Engine-devel] Root password to add Host
> > > >
> > > > Sure,
> > > >
> > > > 2013-04-30 23:44:35,984 ERROR
> > > > [org.ovirt.engine.core.pki.PKIResourceServlet]
> (ajp--127.0.0.1-8702-4)
> > > > Cannot send public key resource
> '/etc/pki/ovirt-engine/certs/engine.cer'
> > > > format 'SSH': java.security.cert.CertificateParsingException: invalid
> > > > DER-encoded certificate data
> > > >         at
> sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1723)
> > > > [rt.jar:1.6.0_24]
> > > >         at
> sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:320)
> > > > [rt.jar:1.6.0_24]
> > > >         at
> > > >
> > >
> sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:121)
> > > > [rt.jar:1.6.0_24]
> > > >         at
> > > >
> > >
> java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
> > > > [rt.jar:1.6.0_24]
> > > >         at
> > > >
> > >
> org.ovirt.engine.core.pki.PKIResourceServlet.doGet(PKIResourceServlet.java:83)
> > > > [classes:]
> > > >         at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:734)
> > > > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
> > > >         at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
> > > > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
> > > > [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:466)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > > org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:505)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> > >
> org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:445)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at
> > > >
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
> > > > [jbossweb-7.0.13.Final.jar:]
> > > >         at java.lang.Thread.run(Thread.java:679) [rt.jar:1.6.0_24]
> > > >
> > > >
> > > >
> > > > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> > > >
> > > > >
> > > > > Can you please attach /var/log/ovirt-engine/engine.log?
> > > > >
> > > > > ----- Original Message -----
> > > > > > From: "Florian BRUSCHET" <florian.bruschet at gmail.com>
> > > > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > > > Cc: "engine-devel" <engine-devel at ovirt.org>
> > > > > > Sent: Wednesday, May 1, 2013 12:33:38 AM
> > > > > > Subject: Re: [Engine-devel] Root password to add Host
> > > > > >
> > > > > > Ok this what I have done, I see it, I specify the engine address,
> > > then he
> > > > > > ask me to "Retrieve Certificate" i do it, it works. After I
> choose
> > > "Save
> > > > > &
> > > > > > Register", i can see "Activating VDMS", and "All changes were
> applied
> > > > > > successfully". But nothing in the engine ...
> > > > > > I tryed the other way but don't work too ... for this solution
> i'm
> > > nearly
> > > > > > sure that it's cause the password is wrong, it isn't the one
> which i
> > > > > > specified in ovirt-node.
> > > > > >
> > > > > >
> > > > > > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> > > > > >
> > > > > > >
> > > > > > > Please reply to 'all'.
> > > > > > >
> > > > > > > When you login as admin you should be presented with Text User
> > > > > Interface.
> > > > > > > Within this interface there should be options on the left and a
> > > dialog
> > > > > on
> > > > > > > the right.
> > > > > > > At the left you should see 'ovirt-engine' or similar option,
> when
> > > > > > > selecting it, you should see on the right an input field of
> > > address of
> > > > > the
> > > > > > > ovirt-engine server, specifying the engine address and
> selecting
> > > apply
> > > > > will
> > > > > > > initiate registration into the engine.
> > > > > > >
> > > > > > > Once registered, you should see the host in the engine, select
> it
> > > and
> > > > > > > click on "Approve".
> > > > > > >
> > > > > > > Another option is to specify password at the same dialog
> without
> > > > > filling
> > > > > > > the engine address. This password may be used as the password
> > > withi the
> > > > > > > 'Add Host' dialog.
> > > > > > >
> > > > > > > Alon
> > > > > > >
> > > > > > > ----- Original Message -----
> > > > > > > > From: "Florian BRUSCHET" <florian.bruschet at gmail.com>
> > > > > > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > > > > > Sent: Wednesday, May 1, 2013 12:00:01 AM
> > > > > > > > Subject: Re: [Engine-devel] Root password to add Host
> > > > > > > >
> > > > > > > > I think I don't really understand what you call TUI?
> > > > > > > > Yes I'm log as admin on ovirt-node to use Hypervisor
> > > > > > > >
> > > > > > > > (And sorry if I make some language faults English isn't my
> native
> > > > > > > language
> > > > > > > > ^^)
> > > > > > > >
> > > > > > > >
> > > > > > > > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> > > > > > > >
> > > > > > > > >
> > > > > > > > > You cannot do this via agent by via the TUI of the
> ovirt-node.
> > > > > > > > >
> > > > > > > > > Just to make sure, you are using ovirt-node as hypervisor,
> > > right?
> > > > > > > > >
> > > > > > > > > ----- Original Message -----
> > > > > > > > > > From: "Florian BRUSCHET" <florian.bruschet at gmail.com>
> > > > > > > > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > > > > > > > Sent: Tuesday, April 30, 2013 11:47:53 PM
> > > > > > > > > > Subject: Re: [Engine-devel] Root password to add Host
> > > > > > > > > >
> > > > > > > > > > Oh ok, i didn't know ...
> > > > > > > > > >
> > > > > > > > > > I was looking my oVirt Engine and i don't understand how
> i
> > > can
> > > > > add an
> > > > > > > > > Host
> > > > > > > > > > without this password ...
> > > > > > > > > > For me i have to right click on the Hosts panel, select
> "new"
> > > > > and it
> > > > > > > asks
> > > > > > > > > > me to give name, address and Root password.
> > > > > > > > > > I have already register this Host from oVirt Node
> > > Hypervisor, i
> > > > > add
> > > > > > > my
> > > > > > > > > > Management Server and there is no problem i can see
> > > "Certificate
> > > > > > > Status :
> > > > > > > > > > Verified" but this Host don't appears in the Web page ...
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > ----- Original Message -----
> > > > > > > > > > > > From: "Florian BRUSCHET" <florian.bruschet at gmail.com
> >
> > > > > > > > > > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > > > > > > > > > Sent: Tuesday, April 30, 2013 11:06:14 PM
> > > > > > > > > > > > Subject: Re: [Engine-devel] Root password to add Host
> > > > > > > > > > > >
> > > > > > > > > > > > For me single mode it's when you add "single" at the
> end
> > > of
> > > > > the
> > > > > > > > > kernel
> > > > > > > > > > > > commande line like that you boot on shell commande as
> > > > > > > > > > > > root at localhostand
> > > > > > > > > > > > you can do what you want.
> > > > > > > > > > >
> > > > > > > > > > > Oh... this is "single user mode"... :)
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I will try it soon!
> > > > > > > > > > > >
> > > > > > > > > > > > Thank you
> > > > > > > > > > > >
> > > > > > > > > > > > Florian
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > 2013/4/30 Alon Bar-Lev <alonbl at redhat.com>
> > > > > > > > > > > >
> > > > > > > > > > > > > What is 'single mode'?
> > > > > > > > > > > > >
> > > > > > > > > > > > > You should be able to set root password via node
> TUI,
> > > at
> > > > > ovirt
> > > > > > > tab.
> > > > > > > > > > > > > Or... you can simply perform registration via the
> node
> > > > > TUI, so
> > > > > > > you
> > > > > > > > > > > don't
> > > > > > > > > > > > > need to specify password at all.
> > > > > > > > > > > > >
> > > > > > > > > > > > > ----- Original Message -----
> > > > > > > > > > > > > > From: "Florian BRUSCHET" <
> florian.bruschet at gmail.com
> > > >
> > > > > > > > > > > > > > To: engine-devel at ovirt.org
> > > > > > > > > > > > > > Sent: Tuesday, April 30, 2013 7:28:12 PM
> > > > > > > > > > > > > > Subject: [Engine-devel] Root password to add Host
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Hi,
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > I try to add Host from oVirt Engine Web
> > > Administration,
> > > > > but
> > > > > > > it
> > > > > > > > > asks
> > > > > > > > > > > me to
> > > > > > > > > > > > > > give a Root Password (It's not the same that i
> used
> > > to
> > > > > log in
> > > > > > > > > admin
> > > > > > > > > > > on
> > > > > > > > > > > > > the
> > > > > > > > > > > > > > Node).
> > > > > > > > > > > > > > Do i really need this Root Password? Because i
> can't
> > > > > have it
> > > > > > > and
> > > > > > > > > i
> > > > > > > > > > > don't
> > > > > > > > > > > > > want
> > > > > > > > > > > > > > to change it by using single mode...
> > > > > > > > > > > > > > There is an other solution to add Hosts?
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Thank you,
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Florian BRUSCHET
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > _______________________________________________
> > > > > > > > > > > > > > Engine-devel mailing list
> > > > > > > > > > > > > > Engine-devel at ovirt.org
> > > > > > > > > > > > > >
> http://lists.ovirt.org/mailman/listinfo/engine-devel
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/engine-devel/attachments/20130501/5de26807/attachment.html>


More information about the Engine-devel mailing list