Hi,

On 3/24/20 10:28 AM, Milan Zamazal wrote:
Hi, I've experienced a problem with host deploy and oVirt master last
week in an environment with TLS disabled.  When I install/reinstall a
4.4 host, it removes the following options from
/etc/libvirt/libvirtd.conf:

   ca_file="/etc/pki/vdsm/certs/cacert.pem"
   cert_file="/etc/pki/vdsm/certs/vdsmcert.pem"
   key_file="/etc/pki/vdsm/keys/vdsmkey.pem"

As a result, libvirt refuses to start, complaining about missing
certificates and keys in their default locations.
And this is where things start to get blurry...
Since you're trying out a non-TLS environment I guess that vdsm-tool added to 'libvirtd.conf':

auth_tcp: "none"
listen_tcp: 1
listen_tls: 0

right?

But supervdsmd's service definition still requires libvirtd-tls.socket and that might cause libvirtd to complain. Could you please try manually removing the libvirtd-tls.socket dependency, disabling this unit and see if libvirtd still complains?

Does anybody who uses a non-TLS environment experience the same problem?
Can it be related to the fact that we require libvirtd-tls service from
the split libvirtd services now?

(Yes, I know TLS should always be used, but that is a shared development
environment where TLS is disabled for whatever reason.)

Thanks,
Milan

_______________________________________________
Devel mailing list -- devel@ovirt.org
To unsubscribe send an email to devel-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/devel@ovirt.org/message/PH4B7575KETQMXFW523TAEORPNNZ3F62/

Reply via email to