[ovirt-users] Re: oVirt CLI tool for automation tasks
A long time ago I created this https://github.com/fbacchella/ovirtcmd and still use it. > Le 19 juin 2024 à 16:21, munnadaw...@gmail.com a écrit : > > > We recently migrated from VMware to oVirt. I am looking for any CLI tool well > suited for my automation tasks like VM create, clone, migrate 100s of Virtual > machines in oVirt cluster. > with VMware I was using govc (vSphere CLI built on top of govmomi). Another > option I read is powercli, quite unsure if it works with oVirt. > Any suggestions would be highly appreciated. > > Thanks! > ___ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/5D4T7U5BVMO4S57PAKWNIYJOL2CU6TGL/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/3XVEOQF6T5OY7XG252WI3JFGBO7YZKDQ/
[ovirt-users] Re: PKIX path validation failed
Did you try to drop valid certificates in /etc/pki/tls/certs and run `update-ca-trust extract ` ? (see https://fedoraproject.org/wiki/Features/SharedSystemCertificates for details) If you use an openjdk jvm, and not temurin or oracle JDK, that should be enough. > Le 10 juin 2024 à 15:47, Ali Gusainov a écrit : > > Hello experts. > > Environment: > oVirt: Software Version:4.4.10.7-1.el8 > OS: CentOS Linux release 8.5.2111 > > Symptoms: > 1. At login prompt I see this: > "PKIX path validation failed: java.security.certCertPathValidatorException: > validity check failed" > which successfully resolved by "engine-setup --offline" > 2. Now the host at 'Unassigned' status and all VMs marked with '?' symbol. > At vdsm.log I found message: > ERROR (Reactor thread) [ProtocolDetector.SSLHandshakeDispatcher] ssl > handshake: socket error, address: :::. (sslutils:272) > At engine.log I found messages: > ERROR [org.ovirt.engine.core.vdsbroker.monitoring.HostMonitoring] > (EE-ManagedScheduledExecutorService-engineScheduledThreadPool-Thread-2) [] > Unable to RefreshCapabilities: VDSNetworkException: VDSGenericException: > VDSNetworkException: PKIX path validation failed: > java.security.cert.CertPathValidatorException: validity check failed > ... > 2024-06-10 17:54:13,576+05 ERROR > [org.ovirt.engine.core.vdsbroker.monitoring.HostMonitoring] > (EE-ManagedScheduledExecutorService-engineScheduledThreadPool-Thread-8) [] > Unable to RefreshCapabilities: VDSNetworkException: VDSGenericException: > VDSNetworkException: PKIX path validation failed: > java.security.cert.CertPathValidatorException: validity check failed > > Cause: > Certificate expired. > > Questions: > 1. How to bring host 'Online'? > 2. How to properly update SSL? > ___ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/ERNPMYZDMRJAEWQI5VZJMX4YOK3TJWS5/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/5HPVZKQM4JSVE4ISJSF5ZCMUFFPMET23/
[ovirt-users] Migrating Engine to a new host
To upgrade both hardware and software for the engine, I will move it to a different physical server, with a different hostname. The HTTP interface to manage it is handled by my own PKI, so I managed it myself and don’t request help from oVirt. But I wonder if there is other trap that I will need to check. Will old hosts accept communication for a new engine once I will have migrated the database ? ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/L43M2ZTJYBB4H43IW7QWPOMBJPRLRTPN/
[ovirt-users] Re: CVE-2024-1597
I think there is a typo in the announcement. 42.2.8 is 4 year old, 42.2.28 was issued this night. That’s suspicious. > Le 21 févr. 2024 à 09:24, Sandro Bonazzola a écrit : > > I'm not an expert on this topic, but according engine's pom we are using > 42.2.27 which doesn't seem to be in the list of the affected version on > https://github.com/advisories/GHSA-xfg6-62px-cxc2 > > Il giorno mer 21 feb 2024 alle ore 09:09 Fabrice Bacchella via Users > mailto:users@ovirt.org>> ha scritto: >> Does oVirt is exposed to CVE-2024-1597 ? >> >> To be exposed, the jdbc driver needs to be used with PreferQueryMode=SIMPLE. >> Is that the situation ? >> ___ >> Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> >> To unsubscribe send an email to users-le...@ovirt.org >> <mailto:users-le...@ovirt.org> >> Privacy Statement: https://www.ovirt.org/privacy-policy.html >> oVirt Code of Conduct: >> https://www.ovirt.org/community/about/community-guidelines/ >> List Archives: >> https://lists.ovirt.org/archives/list/users@ovirt.org/message/MORV4QFHRUUKWEWTXSLUWKADCF7YTYW6/ > > > -- > Sandro Bonazzola > MANAGER, SOFTWARE ENGINEERING > Red Hat In-Vehicle Operating System > Red Hat EMEA <https://www.redhat.com/> > <https://www.redhat.com/> > Red Hat respects your work life balance. Therefore there is no need to answer > this email out of your office hours. > > ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/U6RRN65LSS3NOMSR2LLT5QJAN3NNK2OA/
[ovirt-users] CVE-2024-1597
Does oVirt is exposed to CVE-2024-1597 ? To be exposed, the jdbc driver needs to be used with PreferQueryMode=SIMPLE. Is that the situation ?___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/MORV4QFHRUUKWEWTXSLUWKADCF7YTYW6/
[ovirt-users] Failed certificate expiration
I missed the certificate expiration for the oVirt PKI. So the engine is now totally unable to talk to the hosts. Is there any documentation for this kind of failure recovery ? ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/QBLLPHW3DNQMI65LBIK7SVNQQVZOMAJB/