[lago-devel] Lago - Installation help needed

Yaniv Kaul ykaul at redhat.com
Thu Sep 29 10:14:33 UTC 2016 

On Thu, Sep 29, 2016 at 11:56 AM, Nicolas Ecarnot <nicolas at ecarnot.net>
wrote:

> Le 29/09/2016 à 10:30, Yedidyah Bar David a écrit :
>
>> On Thu, Sep 29, 2016 at 11:28 AM, Yedidyah Bar David <didi at redhat.com>
>> wrote:
>>
>>> On Thu, Sep 29, 2016 at 10:59 AM, Nicolas Ecarnot <nicolas at ecarnot.net>
>>> wrote:
>>>
>>>> Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
>>>>
>>>>>
>>>>> On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot <nicolas at ecarnot.net
>>>>> >
>>>>> wrote:
>>>>>
>>>>>>
>>>>>> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>>>>>>
>>>>>>
>>>>>> Apart that, by connecting into the engine VM, I saw that the engine
>>>>>>> process was running, so I tried to access the web GUI, by running an
>>>>>>> SSH
>>>>>>> connection to the bare-metal host :
>>>>>>> ssh -L 8443:192.168.200.4:443 root at serv-hv-dev01.sdis.isere.fr
>>>>>>>
>>>>>>>
>>>>>>> Accessing https://localhost:8443/ is working, but when trying to
>>>>>>> access
>>>>>>> the login screen, I'm left with :
>>>>>>> "The client is not authorized to request an authorization. It's
>>>>>>> required
>>>>>>> to access the system using FQDN."
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Add to your /etc/hosts
>>>>>> 192.168.200.4 engine
>>>>>>
>>>>>> And connect to https://engine
>>>>>>
>>>>>>
>>>>>> Yaniv,
>>>>>>
>>>>>>  If you mean : "Change the /etc/hosts of the bare-metal server which
>>>>>> is
>>>>>> running Lago", I already tried that :
>>>>>>
>>>>>> root at serv-hv-dev01:/etc# cat /etc/hosts
>>>>>> 127.0.0.1   localhost localhost.localdomain localhost4
>>>>>> localhost4.localdomain4
>>>>>> ::1         localhost localhost.localdomain localhost6
>>>>>> localhost6.localdomain6
>>>>>> 192.168.200.4    engine lago-basic-suite-4-0-engine.lago.local
>>>>>>
>>>>>> And of course, I adapted the "ssh -L" connection according to it :
>>>>>> ssh -L 8443:engine:443 root at serv-hv-dev01
>>>>>> or
>>>>>> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443
>>>>>> root at serv-hv-dev01
>>>>>>
>>>>>> If you mean to change the /etc/hosts of the computer I'm initiating
>>>>>> the
>>>>>> ssh
>>>>>> connection from, it does not seem relevant as it can not reach the
>>>>>> internal
>>>>>> 192.168.200/24 virtual subnet.
>>>>>>
>>>>>
>>>>>
>>>>> You can do something like this:
>>>>>
>>>>> Add to your client's /etc/hosts:
>>>>>
>>>>> 127.0.3.1 engine
>>>>>
>>>>> And then:
>>>>>
>>>>> ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443
>>>>> root at serv-hv-dev01
>>>>>
>>>>
>>>>
>>>> Hello,
>>>>
>>>> Been there, tried that : to no avail.
>>>>
>>>> In the engine log, I see :
>>>>
>>>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti
>>>> ls.SsoUtils]
>>>> (default task-13) [] Parameter app_url not found request, using default
>>>> value
>>>> 2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.uti
>>>> ls.SsoUtils]
>>>> (default task-13) [] The client is not authorized to request an
>>>> authorization. It's required to access the system using FQDN.
>>>> 2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.uti
>>>> ls.SsoUtils]
>>>> (default task-13) [] Exception:
>>>> org.ovirt.engine.core.sso.utils.OAuthException: The client is not
>>>> authorized
>>>> to request an authorization. It's required to access the system using
>>>> FQDN.
>>>>         at
>>>> org.ovirt.engine.core.sso.utils.SsoUtils.validateClientReque
>>>> st(SsoUtils.java:460)
>>>> [enginesso.jar:]
>>>>         at
>>>> org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.
>>>> service(OAuthAuthorizeServlet.java:51)
>>>> [enginesso.jar:]
>>>>
>>>>
>>>>
>>>> Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
>>>> "it's required to access engine only using the same FQDN which was
>>>> specified
>>>> during engine-setup invocation."
>>>>
>>>> Isn't it the key of this issue?
>>>>
>>>
>>> Indeed.
>>>
>>> Reading that, should I understand that from the moment this patch was
>>>> merged
>>>> in, the "ssh -L" trick could not work anymore?
>>>>
>>>
>>> I still do not understand why not. In your client's browser, just
>>> connect to
>>> https://engine:8443. Does this fail?
>>>
>>
>> If it fails due to the port (no idea), you can try also listening on the
>> "real" 443 port.
>>
>
> Hallelujah! That was it! It seems the port was also part of the problem.
>

You managed to get Lago with hosted-engine in a 4GB RAM host? That's a
Guinness world record! (shame, I managed in 8GB and thought I held that
record).
Nice!
Y.


>
> Thank you so much for your patience.
> Thank you to Didi, Yaniv, Nadav, and everyone who contributed to Lago and
> its doc.
>
> But don't relax, as now that I'm able to access Lago based oVirt's webGUI,
> I'm very likely to found new issues and keep bugging you for the years to
> come :)
>
>
> --
> Nicolas ECARNOT
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/lago-devel/attachments/20160929/49ccfee6/attachment-0001.html>

More information about the lago-devel mailing list