Re: [I] Host is showing as unsecure not matter how it is added. [cloudstack]

Tue, 19 Dec 2023 09:02:42 -0800 


Fozzman commented on issue #8379:
URL: https://github.com/apache/cloudstack/issues/8379#issuecomment-1863152631

   Thank you very much! It worked like a champ! I will close the issue as 
resolved. Very much appreciated.
   
   From: João Jandre ***@***.***>
   Date: Tuesday, December 19, 2023 at 11:36 AM
   To: apache/cloudstack ***@***.***>
   Cc: Fozzman ***@***.***>, Mention ***@***.***>
   Subject: Re: [apache/cloudstack] Host is showing as unsecure not matter how 
it is added. (Issue #8379)
   
   Hello @Fozzman<https://github.com/Fozzman>,
   
   The Unsecure state in ACS indicates that the Libvirt service has been 
configured to start with TCP. For the host to be marked with the Up state, 
Libvirt must be configured to start with TLS. However, during installation of 
the ACS Agent for KVM, some sockets are automatically masked, including the TLS 
socket; making it necessary to unmask them manually. To unmask the sockets and 
reestablish communication via TLS, the following steps are needed:
   
     1.  Unmask sockets:
   
   systemctl unmask libvirtd-admin.socket
   
   systemctl unmask libvirtd-ro.socket
   
   systemctl unmask libvirtd-tcp.socket
   
   systemctl unmask libvirtd-tls.socket
   
   systemctl unmask libvirtd.socket
   
     1.  Stop the libvirtd service:
   
   systemctl stop libvirtd
   
     1.  Start libvirtd-tls.socket
   
   systemctl start libvirtd-tls.socket
   
     1.  Restart the ACS agent:
   
   systemctl restart cloudstack-agent
   
     1.  Enable socket libvirt-tls
   
   systemctl enable libvirtd-tls.socket
   
   With this, Libvirt should start with TLS and ACS will mark it with the 
status Up, instead of Unsecure.
   
   —
   Reply to this email directly, view it on 
GitHub<https://github.com/apache/cloudstack/issues/8379#issuecomment-1863105278>,
 or 
unsubscribe<https://github.com/notifications/unsubscribe-auth/AZHFIEKPHBLQ7BJW4AKYWSDYKG677AVCNFSM6AAAAABA3EYXC6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNRTGEYDKMRXHA>.
   You are receiving this because you were mentioned.Message ID: ***@***.***>
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to