[ovirt-users] Unable to backend oVirt with Cinder

Logan Kuhn logank at wolfram.com
Wed Aug 31 13:27:35 UTC 2016 

Thank you for your response, but unfortunately it still doesn't work. 

I can do cinder-ey things from the command line, including cinder list, type-show, create. The keystonerc_admin file that I use matches yours with the relevant bits changed for my environment, password, region etc. I've filled out the External Provider dialog with the admin user, cinder user and a new user. The dialog reports that it Failed to communicate with the external provider and to consult the log. The log reports the following: 

2016-08-31 08:04:21,518 INFO [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default task-46) [20342b40] Running command: TestProviderConnectivityCommand internal: false. Entities affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: SystemAction group CREATE_STORAGE_POOL with role type ADMIN 
2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.storage.AbstractOpenStackStorageProviderProxy] (default task-46) [20342b40] Unauthorized (OpenStack response error code: 401) 
2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default task-46) [20342b40] Command 'org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand' failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050) 

Which is very obvious that the username/auth that ovirt is sending isn't allowed to create, but it's using the same username/password that's in the keystonerc_admin file that I can do various command line things with. 

This is my keystonerc_admin file: 

OS_AUTH_URL=http://10.128.7.252:5000/v3 
OS_PASSWORD=adminpass 
OS_PROJECT_DOMAIN_NAME=default 
OS_PROJECT_NAME=admin 
OS_REGION_NAME=WRI 
OS_TENANT_NAME=admin 
OS_USERNAME=admin 
OS_USER_DOMAIN_NAME=default 

I had to make add certain fields and change the auth url to v3 otherwise it reported either a malformed URL or more commonly, 401 Unauthorized. Which made me wonder if it's a compatibility issue with the v3 API. I've been working with Openstack Mitaka and ovirt 4.0.2 and 4.0.3 

Regards, 
Logan 

----- On Aug 31, 2016, at 6:07 AM, Natalie Gavrilov <ngavrilo at redhat.com> wrote: 

| Hi Logen,

| I'll refer only to using authentication , because I had configured it
| previously.
| This means: /etc/cinder/cinder.conf should have: auth_strategy = keystone
| I'm using keystonerc file, example keystonerc_admin:
| ----------------------------------------------------------------------------
| unset OS_SERVICE_TOKEN
| export OS_USERNAME=admin
| export OS_PASSWORD=password
| export OS_AUTH_URL=http://CINDER-HOST:5000/v2.0
| export PS1='[\u@\h \W(keystone_admin)]\$ '

| export OS_TENANT_NAME=admin
| export OS_REGION_NAME=RegionOne
| ----------------------------------------------------------------------------

| This will be step by step as much as possible just to make sure nothing is
| missed (assuming Cinder and Ceph are configured correctly).

| Go to:
| External providers -> Add
| Fill in the fields:
| Name:
| Type: OpenStack Volume
| Provider url: http://CINDER_HOST:8776
| Check "Requires Authentication"

| Fill in the information, this is an example:
| Username: admin
| Password: password
| Tenant name: admin
| Authentication URL: http://CINDER-HOST:5000/v2.0

| Test should return "Test succeeded, managed to access provider."
| Now click Ok.

| Now lets configure additional information:

| Lower pane: Authentication Keys
| Click on: New
| Fill in UUID field with rbd_secret_uuid
| and value :which is the key (it's in /etc/ceph/ceph.client.USERNAME.keyring)

| Hope this helps..

| Regards,
| Natalie

| From: "Aharon Canan" < acanan at redhat.com >
| To: "Natalie Gavrilov" < ngavrilo at redhat.com >
| Sent: Wednesday, August 31, 2016 8:53:22 AM
| Subject: Fwd: [ovirt-users] Unable to backend oVirt with Cinder

| Hi

| Can you help with below?
| This is community email and will be great if you can help this guy.

| Aharon
| ---------- Forwarded message ----------
| From: Logan Kuhn < logank at wolfram.com >
| Date: Tue, Aug 30, 2016 at 11:07 PM
| Subject: [ovirt-users] Unable to backend oVirt with Cinder
| To: users < users at ovirt.org >

| I've got Cinder configured and pointed at Ceph for it's back end storage.
| I can run ceph commands on the cinder machine and cinder is configured for
| noauth and I've also tried it with Keystone for auth. I can run various
| cinder commands and it'll return as expected.

| When I configure it in oVirt it'll add the external provider fine, but when
| I go to create a disk it doesn't populate the volume type field, it's just
| empty. The corresponding command for cinder: cinder type-list and cinder
| type-show <name> returns fine and it is public.

| Ovirt and Cinder are on the same host so it isn't a firewall issue.

| Cinder config:
| [DEFAULT]
| rpc_backend = rabbit
| #auth_strategy = keystone
| auth_strategy = noauth
| enabled_backends = ceph
| #glance_api_servers = http://10.128.7.252:9292
| #glance_api_version = 2

| #[keystone_authtoken]
| #auth_uri = http://10.128.7.252:5000/v3
| #auth_url = http://10.128.7.252:35357/v3
| #auth_type = password
| #memcached_servers = localhost:11211
| #project_domain_name = default
| #user_domain_name = default
| #project_name = services
| #username = user
| #password = pass

| [ceph]
| volume_driver = cinder.volume.drivers.rbd.RBDDriver
| volume_backend_name = ceph
| rbd_pool = ovirt-images
| rbd_user = cinder
| rbd_secret_uuid = <secret>
| rbd_ceph_conf = /etc/ceph/ceph.conf
| rbd_flatten_volume_from_snapshot = true
| rbd_max_clone_depth = 5
| rbd_store_chunk_size = 4
| rados_connect_timeout = -1
| #glance_api_version = 2

| [database]
| connection = postgresql:// user:pass at 10.128.2.33/cinder

| [oslo_concurrency]
| lock_path = /var/lib/cinder/tmp

| [oslo_messaging_rabbit]
| rabbit_host = localhost
| rabbit_port = 5672
| rabbit_userid = user
| rabbit_password = pass

| Regards,
| Logan

| _______________________________________________
| Users mailing list
| Users at ovirt.org
| http://lists.ovirt.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20160831/bf966197/attachment-0001.html>

More information about the Users mailing list