[ovirt-users] Foreman: Add external provider (Failed with error PROVIDER_FAILURE and code 5050)
Nathanaël Blanchet
blanchet at abes.fr
Fri Sep 25 09:27:11 UTC 2015
hi Yaniv,
When using http request, ovirt tells me " I Failed to communicate with
the external provider." and I get this on the foreman side:
| Started GET "/api/v2" for 192.168.52.116 at 2015-09-25 11:18:32 +0200
2015-09-25 11:18:32 [app] [I] Processing by
Api::V2::HomeController#index as JSON
2015-09-25 11:18:32 [app] [I] Parameters: {"apiv"=>"v2", "home"=>{}}
2015-09-25 11:18:32 [app] [I] Redirected to https://euphorbe.v3.abes.fr/api
2015-09-25 11:18:32 [app] [I] Filter chain halted as
#<Proc:0x000000093503a0@/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.8/lib/action_controller/metal/force_ssl.rb:28>
rendered or redirected
2015-09-25 11:18:32 [app] [I] Completed 301 Moved Permanently in 1ms
(ActiveRecord: 0.0ms)
But no log comes using https on the foreman side and I get "Test Failed
(unknown error)." with 5-09-25 11:25:31,181 ERROR
[org.ovirt.engine.core.bll.GetProviderCertificateChainQuery]
(ajp--127.0.0.1-8702-4) Error in encoding certificate. Error is {}
java.io.IOException: Keystore was tampered with, or password was incorrect.
I've just updated to 3.5.4 and otopi asked me for renewing the
certificate. May it be the reason of the issue?
Le 25/09/2015 11:14, Yaniv Bronheim a écrit :
> Hi Nathanael,
>
> This error means that the restAPI request to foreman returned an
> error. Most of the time it is a communication issue.. but we can't
> know much from this report.
> Can you please share the production.log file from your foreman host?
> Better to try to add the server as provider, get the error and then
> check the production.log file - it will show us if engine request got
> to foreman server, the internal fields and why foreman returned 5050.
>
> Greeting,
> Yaniv Bronhaim.
>
> On Wed, Sep 23, 2015 at 5:31 PM, Nathanaël Blanchet <blanchet at abes.fr
> <mailto:blanchet at abes.fr>> wrote:
>
> Hello,
>
> I have a working foreman 1.9.1 installed with katello 2.3.
> ruby193-rubygem-ovirt_provision_plugin-1.0.1-1.el7 is also
> installed on the same host.
> But the issue is the same as below when testing in "add external
> provider" from ovirt 3.5.4.
> What can I do now?
>
> Le 06/11/2014 12:31, Oved Ourfali a écrit :
>
>
> ----- Original Message -----
>
> From: "Daniel Helgenberger" <daniel.helgenberger at m-box.de
> <mailto:daniel.helgenberger at m-box.de>>
> To: "Oved Ourfali" <oourfali at redhat.com
> <mailto:oourfali at redhat.com>>
> Cc: users at ovirt.org <mailto:users at ovirt.org>
> Sent: Thursday, November 6, 2014 1:29:38 PM
> Subject: Re: [ovirt-users] Foreman: Add external provider
> (Failed with error PROVIDER_FAILURE and code 5050)
>
>
>
> On 06.11.2014 05:47, Oved Ourfali wrote:
>
> These steps are also in the feature page
>
> Thanks Oved for pointing to the doc; my bad. I was using
> the foreman
> integration document [1]. Maybe the pages should be merged?
>
> Yaniv - you planned to merge them, right? That would be a good
> time...
>
>
> , but it would be nice if you review them to see
> nothing is missing.
>
> http://www.ovirt.org/Features/AdvancedForemanIntegration
>
> With foreman 1.6 (at least) there is no need to enable the
> nightly
> builds any more as rb-ovirt is resolved by yum.
>
> Lastly, I think you need to enable foreman_discovery with
> the foreman
> installer to work and download images:
>
> # foreman-installer --enable-foreman-plugin-discovery
> --foreman-plugin-discovery-install-images=true
>
> You have that already listed in the testing env setup; but
> this needs to
> be put in context with installing foreman-ovirt on the
> foreman host.
>
> Yaniv - please add a note there too.
>
> Daniel - thanks for the review and the comments!
>
> Regards,
> Oved
>
> Thanks
> Oved
>
> [1] http://www.ovirt.org/Features/ForemanIntegration
>
> On Nov 6, 2014 12:40 AM, Daniel Helgenberger
> <daniel.helgenberger at m-box.de
> <mailto:daniel.helgenberger at m-box.de>>
> wrote:
>
> Answering my own question; and maybe a very
> obvious cause for the
> failing provider: the missiAnswering my own
> question; and maybe a very
> obvious cause for the
>
> failing provider: the missing provider plugin in forman!
> So one needs to do:
>
> yum install ruby193-rubygem-ovirt_provision_plugin
>
> on the foreman host.
>
> After that, the connection test in the engine comes up
> positive. Sadly,
> this is not documented anywhere; only on the GitHub
> repo readme [1].
> This is also a little bit outdated, as the rbovirt
> dependency is
> resolved now automatically.
>
> Also, but I am not sure, the porvider lugin needs the
> foreman_discovery
> plugin to work:
>
> yum install ruby193-rubygem-foreman_discovery
>
> [1]
> https://github.com/theforeman/ovirt_provision_plugin/blob/master/README.md
>
> On 29.10.2014 00:36, Daniel Helgenberger wrote:
>
> Hello,
>
> did anyone actually get this working in oVirt 3.5
> / EL6 - Engine? I am
> trying this for two days now.
>
> Setup:
> Engine; EL6.5
> Foreman; EL6.5
>
> Foreman seems to do it's as I can use it to deploy
> hosts and also smart
> proxies are running fine.
>
> I have opened a BZ [1]; because this really can
> not work out of the box
> with EL6 plain vanilla packages. I wonder if this
> was ever tested... ?
> Java 7 used i n EL6 [4] does only support DH keys
> up to 1024byte. This
> is known issue in Foreman [2] as longer DH keys
> are now used by default
> in Foreman / PuppetCA.
> A dirty fix confirmed working is adding default DH
> parameters to the
> foreman cert; effectively disabling it [3].
>
> So I got SSL working and I get beyond the
> authentication (entering wrong
> data gets me auth errors)- however, I am still not
> able to add the
> external provider. Pressing 'test' results in
> (Failed with error PROVIDER_FAILURE and code 5050)
>
> Sample engine.log
> 2014-10-28 23:49:40,860 ERROR
> [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand]
> (ajp--127.0.0.1-8702-1) [6a3da4e7] Command
> org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand
> throw
> Vdc Bll exception. With error message
> VdcBLLException: PROVIDER_FAILURE
> (Failed with error PROVIDER_FAILURE and code 5050)
>
> I can't find any more hints in oVirt; access logs
> in Foreman are telling
> me API queries by the engine. Did I miss a crucial
> step in the foreman
> setup? How can I debug this issue?
>
> I am willing to upgrade openjdk; provided this
> does not break my engine...
>
> Thanks!
>
> [1]
> https://bugzilla.redhat.com/show_bug.cgi?id=1157749
> [2] https://tickets.puppetlabs.com/browse/SERVER-17
> [3]
> http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh
> [4] java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64
>
> --
> Daniel Helgenberger
> m box bewegtbild GmbH
>
> P: +49/30/2408781-22
> F: +49/30/2408781-10
>
> ACKERSTR. 19
> D-10115 BERLIN
>
>
> www.m-box.de <http://www.m-box.de> www.monkeymen.tv
> <http://www.monkeymen.tv>
>
> Geschäftsführer: Martin Retschitzegger / Michaela Göllner
> Handeslregister: Amtsgericht Charlottenburg / HRB 112767
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org <mailto:Users at ovirt.org>
> http://lists.ovirt.org/mailman/listinfo/users
>
>
> --
> Nathanaël Blanchet
>
> Supervision réseau
> Pôle Infrastrutures Informatiques
> 227 avenue Professeur-Jean-Louis-Viala
> 34193 MONTPELLIER CEDEX 5
> Tél. 33 (0)4 67 54 84 55
> Fax 33 (0)4 67 54 84 14
> blanchet at abes.fr <mailto:blanchet at abes.fr>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org <mailto:Users at ovirt.org>
> http://lists.ovirt.org/mailman/listinfo/users
>
>
>
>
> --
> *Yaniv Bronhaim.*
--
Nathanaël Blanchet
Supervision réseau
Pôle Infrastrutures Informatiques
227 avenue Professeur-Jean-Louis-Viala
34193 MONTPELLIER CEDEX 5
Tél. 33 (0)4 67 54 84 55
Fax 33 (0)4 67 54 84 14
blanchet at abes.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20150925/d8aa196e/attachment-0001.html>
More information about the Users
mailing list