Hi Simon,
In Keycloak there is a way to create a 'bootstrap' administrator user (a
user that belong do Administrator group) that is automatically recognised
as oVirt admin.
Typically, you want to use that user to assign permissions in oVirt
Administrator panel[1]. I suspect that is what you really
Hi Theo,
The thing you mentioned - ovirt-administrator groups is a special construct
with a purpose of having bootstrapped ovirt admin user for the new oVirt
installations. This explains why Keycloak users assigned to that group, can
for example, create new VMs.
Keycloak server bundled into
Hi,
For new environment I would recommend to clean it and start from
scratch. During engine-setup just provide 'No' to keycloak related
questions
.
In case you already have a working setup, then please take a look into
this thread [1]. It's a bit old but the procedure worked that time.
[1]
org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/EAQBIPA3YS54C6BKRBIEPN
ith the defaults, the password is the same.
Next, scroll down, click ‘Test’ and make sure it is successful before
submitting the change.
Up to my best knowledge these steps should be sufficient to fully revert to
legacy AAA on the existing Keycloak enabled environment.
Fingers crossed!
Artur
t: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/6HNKNAXW2ACO5VAJAH2BTMD3T3BKTUHK/
>
--
Artur Soch
ives/list/users@ovirt.org/message/CDGPSSGLGLUP6J352ONQDDCJLYYIV46I/
>
--
Artur Socha
Senior Software Engineer, RHV
Red Hat
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www
t; Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/UHEK3DEX
onduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/F7BHAD6DJ66QYTYQCLAZ5F4DSTH6VDU3/
>
--
Artur Socha
Senior Software Engineer, RHV
Red Hat
__
dhat.com/show_bug.cgi?id=2101474
[4] https://www.keycloak.org/archive/documentation-15.0.html
Please, let us know if you have any questions/concerns.
Last, but not least, any contributions or bug reports are more than
welcomed!
thanks!
Artur
--
Artur Socha
Senior Software Engineer, RHV
Red Hat
... and I forgot to mention that you would need to enable openidc auth
module before installing it:
$ dnf module enable mod_auth_openidc:2.3 -y
Artur
On Tue, Jun 28, 2022 at 10:38 AM Artur Socha wrote:
> Hi Moula,
> I am a bit confused with Centos Stream 8.6. There is Centos St
@ovirt.org/message/U667QVSPA3BR3PQVQGRLYGBQ3TIUPNBX/
>
--
Artur Socha
Senior Software Engineer, RHV
Red Hat
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-pol
.dal.dbbroker.SimpleJdbcCallsHandler.executeReadList(SimpleJdbcCallsHandler.java:105)
> at
> org.ovirt.engine.core.dal//org.ovirt.engine.core.dao.TagDaoImpl.getAllForParent(TagDaoImpl.java:82)
> at
> deployment.engine.ear.bll.jar//org.ovirt.engine.core.bll.TagsDirecto
Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/6USYSPBHOVD4JMOQZMZVEFOPNXJIJMBS/
>
--
Artur Socha
Senior Software
t the way to
>> configure the oauth2 token lifetime. I mean, we usually use the
>> engine-config for this kind of thing, but it seems there is currently no
>> way to do this with engine-config.
>>
>> Where can I configure this?
>>
>
> +Artur Socha +Martin Pe
To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/EREU
>
>
> > On 9 Aug 2021, at 17:56, Artur Socha wrote:
> >
> > Actually you could even make 3 thread dumps in 30second intervals.
> > Artur
> >
> > On Mon, Aug 9, 2021 at 4:53 PM Artur Socha wrote:
> > Unfortunately I don't see anything wrong in both en
virt-imageio
> ovirt-vmconsole rpc-bind snmp ssh vdsm
> ports: 2301/tcp 2381/tcp 22/tcp 6081/udp
> protocols:
> forward: no
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
> [root@node14 andrei]#
>
>
> vdsm-client
Actually you could even make 3 thread dumps in 30second intervals.
Artur
On Mon, Aug 9, 2021 at 4:53 PM Artur Socha wrote:
> Unfortunately I don't see anything wrong in both engine and vdsm logs.
> There is one last thing that comes to my mind that you try - restart
> engin
start via SSH from oVirt Web GUI works.
> oVirt engine runs on dedicated server, not hosted engine.
>
>
>
>
> On 9 Aug 2021, at 11:24, Artur Socha wrote:
>
> Hi Andrei,
> Could you also post a relevant piece of engine.log? I don't have high
> expectations to fi
-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/55M65W57Z43ZVPOARDTK7HKHCAMAUGO5/
>
/www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/SV4ENLDTVHIPV7EKFCA4EPQNRHAPDV4N/
>
--
Artur Socha
Senior Software Engineer, RHV
Red Hat
___
Users mailing list -- users@ovir
Hi Nicolás,
First thing would be to check engine's logs
/var/log/ovirt-engine/engine.log. Would it be possible to post here a
snippet from the time this issue occurred?
There might be something in audit log as well (from the admin's account)
cheers,
Artur
On 24.02.2021 11:48, Nicolás wrote:
>
>
>
>
>
>
>
>
>
> But why cannot login ?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an emai
0:05"
> "56:6f:86:41:00:15"
>
> "56:6f:86:41:00:16"
> "56:6f:86:41:00:17"
> "56:6f:86:41:00:18"
> "56:6f:86:41:00:19"
>
>
> # Note one field is "null"
>
> Question:
> 1) is this bad?
>
mmediately report the error to the sender and permanently delete
> this email from all storage devices.
>
> This email has been scanned for viruses and malware, and may have been
> automatically archived by *Mimecast Ltd*, an innovator in Software as a
> Service (SaaS) for
t; compliance. To find out more Click Here
> <https://www.voxtelecom.co.za/security/mimecast/?prod=Enterprise>.
>
>
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> P
ly ignored.
Here is BZ with details:
https://bugzilla.redhat.com/show_bug.cgi?id=1849569
best,
Artur
On Tue, Jun 23, 2020 at 5:03 PM Artur Socha wrote:
> On Tue, 2020-06-23 at 14:41 +, Anton Louw wrote:
>
>
>
> Hi Artur,
>
>
>
> Apologies for the late response. So we have downgr
affected host
on engine:
# incoming traffic
sudo tcpdump -i -c 1000 -nnvvS src
Artur
On Thu, Aug 6, 2020 at 4:51 PM Artur Socha wrote:
> Thanks Nardus,
> After a quick look I found what I was suspecting - there are way too many
> threads in Blocked state. I don't know yet t
dump_3.txt
>
> Regards
>
> Nar
>
> On Thu, 6 Aug 2020 at 15:55, Artur Socha wrote:
>
>> Sure thing.
>> On engine host please find jboss pid. You can use this command:
>>
>> ps -ef | grep jboss | grep -v grep | awk '{
gt; Hi
>
> Can create thread dump, please send details on howto.
>
> Regards
>
> Nardus
>
> On Thu, 6 Aug 2020 at 14:17, Artur Socha wrote:
>
>> Hi Nardus,
>> You might have hit an issue I have been hunting for some time ( [1] and
>> [2] ).
>
>>
>> >>[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
>> >> >(EE-ManagedThreadFactory-engineScheduled-Thread-70) [] EVENT_ID:
>> >> >VDS_BROKER_COMMAND_FAILURE(10,802), VDSM someserver command Get Host
>> >> &
On Mon, 2020-06-22 at 15:14 +0200, Artur Socha wrote:
> Anton,
> I managed to re-create the issue on my local environment.
> Previously I tested it against Keycloak 8.0.1 with users loaded from LDAP.
> Currently I have users/groups created via Keycloak management panel. I need to
&
A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
>
> www.vox.co.za
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> From: Artur Socha
>
>
> Sent: 22 June 2020 11:23
>
> To: Anton Louw ; users@ovirt.org
>
> Cc: Stephen Hutchi
t;7"
>
> CentOS Linux release 7.7.1908 (Core)
> CentOS Linux release 7.7.1908 (Core)
>
> KeyCloak –
>
>
>
>
>
>
> Server Version
>
>
>
> 10.0.1
>
>
>
>
>
> Thanks a lot for your help Artur. Please let me know
S
cat /etc/*elease
I'll submit a bug ... which, most likely, I will assign to myself anyway :)
Artur
> Thanks
>
>
>
> From: Artur Socha
>
>
> Sent: 19 June 2020 12:16
>
> To: Anton Louw ; users@ovirt.org
>
> Cc: Stephen Hutchinson
>
&g
rying to understand what happened and how to reproduce it before submitting the
bug into http://bugzilla.redhat.com id="-x-evo-selection-start-marker">
>
> Thanks
>
>
>
>
>
>
> Anton Louw
>
>
> Cloud Engineer: Storage and Virtualization at Vox
>
>
>
>
>
>
>
>
>
>
>
>
> T: 087 805 | D: 087 805 1572
> M: N/A
>
> E: anton.l...@voxtelecom.co.za
> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
>
> www.vox.co.za
>
>
>
>
>
>
>
On Fri, 2020-06-19 at 07:35 +, Anton Louw via Users wrote:
>
>
>
> Hi Everybody,
Hi Anton,
>
>
> So I have implemented KeyCloak into our oVirt environment, which works, up
> until a point. So WebUI access works, but when calling the API, using:
>
>
> curl -k -H "Accept:
On Thu, 2020-05-07 at 13:07 +, Anton Louw via Users wrote:
>
>
>
> Hi All,
>
>
>
> One of my nodes went into a unresponsive state, but the VMs running on that
> host are still up. I just want to know, can I restart VDSM on that node, or
> will it impact the running VMs? In
On Wed, 2020-04-22 at 14:43 +0200, Artur Socha wrote:
> On Wed, 2020-04-22 at 12:28 +, Anton Louw wrote:
> >
> >
> >
> > Hi Artur,
> >
> >
> >
> > You are a champion! I can access oVirt now. Thank you so much.
> >
> Y
@voxtelecom.co.za
> A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg
>
> www.vox.co.za
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> From: Artur Socha
>
>
> Sent: 22 April 2020 13:21
>
> To: Anto
On Wed, 2020-04-22 at 13:09 +0200, Artur Socha wrote:
> On Wed, 2020-04-22 at 10:42 +, Anton Louw wrote:
> >
> > Ok so this is definitely looking better. I get an error, but at least now it
> > is saying : “The user admin@openidchttp is not author
Louw
> Sent: 22 April 2020 12:38
> To: Artur Socha ; users@ovirt.org
> Subject: RE: [ovirt-users] oVirt and KeyCloak intergration
>
> Perfect, I’ll test and let you know.
>
> Thanks
>
> From: Artur Socha
> Sent: 22 April 2020 12:32
> To: Anton Louw ;
is ok.
> Thanks
>
>
>
>
>
>
>
> Anton Louw
>
>
> Cloud Engineer: Storage and Virtualization at Vox
>
>
>
>
>
>
> T: 087 805 | D: 087 805 1572
> M: N/A
>
> E: anton.l...@voxtelecom.co.za
> A: Rutherford Estate, 1 Scott Street,
45 matches
Mail list logo