[ovirt-users] New user intro & some questions

2015-01-29 Thread George Skorup 

Hello oVirt Users Community,

I've been working with Red Hat and RHEL and clones for about 11 years, 
though I do still consider myself amateur mostly because I'm more of a 
networking guy. :) One-man IT department so I get very little time to 
tinker.


I'm evaluating oVirt (because the boss said no to VMware) and will 
likely begin implementation soon to virtualize our datacenter. So I have 
a SuperMicro Twin2 (4 nodes) system and a cheap managed L2+ switch to 
use for now. Dual 6-core Xeon's and 24GB per node. The two on-board 
82574L's are bonded 802.3ad, no issues there (so far). I currently have 
two 1TB WD RE4 SATA drives configured as RAID1 using the Intel RAID BIOS 
in each node. I understand this is software RAID. That's all working 
fine and I did this so that if a drive dies then I can still boot the 
machine(s). I have a 500MB partition formatted as ext4 for /boot. A 48GB 
ext4 for the root. 24GB for swap. And finally the rest (800-something 
GB) is LVM and XFS for Gluster.


I've been following Jason Brooks' "Up and Running with oVirt" guides 
(which are great, BTW!). I have the cluster up and running with CentOS 7 
and oVirt 3.5, hosted-engine on CentOS 6.6 and CTDB to host a virtual IP 
for the engine NFS mount. There are a couple test VMs running along with 
the engine on various nodes. I found it interesting that I was able to 
upload a ripped ISO of Win 2k3 Enterprise (not SP2) and was able to 
successfully boot it, after which I promptly installed SP2 and oVirt 
guest tools. I do very little with Windows, but there's always that one 
remaining customer that needs IIS and we're not about to buy a new 
Windows Server 2012 license just for them.


So anyway, I'm having a problem with node reboots. They simply will not 
shut down and reboot cleanly. Instead, it looks like they hang after all 
processes are shut down, or at least attempted to be shut down. Then 
after a couple minutes, the hardware watchdog resets the system. I've 
came to the conclusion that sanlock and/or wdmd is causing the hangup. 
I'm guessing an active but non-responsive NFS mount is the culprit, 
possibly the ISO domain NFS mount which is on the engine? I've tried 
manually shutting down all oVirt, VDSM, etc. processes, unmounting all 
NFS shares, but it seems sanlock still has a hold on something in 
/rhev/.. I've Google'd a bit and have come across posts about this as 
well. Any tips here?


Then I experienced something else odd yesterday. I did a yum update for 
the glibc vulnerability stuff. Gluster was updated as well which really 
threw a wrench into things because I wasn't paying attention and quorum 
broke, etc. I got that fixed. Rebooted all nodes (which is when I found 
the sanlock/watchdog problem). Nodes 2, 3 and 4 came back up, but node1 
did not. I logged into the IPKVM console and found that it had no 
network configuration. All /etc/sysconfig/network-scripts/ifcfg-* files 
were gone. I was able to manually reconfigure the physical interfaces, 
set the bonding back up and add the ovirtmgmt bridge. But then the 
engine reported the host as non-operational due to '..does not comply 
with cluster default networks... ovirtmgmt missing' which I was able to 
resolve by reconfiguring the host's network config within the engine GUI 
and all is now well. I'm just curious how/why the ifcfg files were wiped 
out? I haven't touched the network config on any hosts since running 
hosted-engine --deploy.


Please forgive my ignorance and point me to the correct place if these 
issues have been discussed and/or resolved already.


And overall I'm very much liking oVirt, especially as a viable and 
cost-effective alternative to vSphere.


Thanks,
George
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Gianluca Cecchi 
Il 29/Gen/2015 19:50 "Sphoorti Joglekar"  ha
scritto:
>
> Hello,
>
> Could you share the IP address URL you used? Also is the Admin Privilege
check box checked or unchecked?
>
The same happens with my Samsung note pro and 4.4.2 .
Probably it is needed to have the engine hostname in DNS ?
In that case I can setup one of the VM with bind and configure my
Smartphone and ttablet to me the ip of that VM as DNS server...
The lan is a local lan so I can't share its ip address
Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Sphoorti Joglekar 
Hello,

Could you share the IP address URL you used? Also is the Admin Privilege
check box checked or unchecked?

Best Regards,
Sphoorti
On Jan 29, 2015 11:59 PM, "Gianluca Cecchi" 
wrote:

>
> hello,
> using the ip address with "disable https" works to see events and such,
> but if I click on vm line (both if VM is powered on or off) movirt
> terminates.
> I only use admin@internal, giving him power user role access to the vm;
> in fact I can connect to it from user portal with admin@internal)
> If I download the certificate and then try to use https I get this error
> message when starting movirt and selecting load button:
>
> https://drive.google.com/file/d/0BwoPbcrMv8mvX2ZKUVdRUW5OLUU/view?usp=sharing
>
> any special thing to do with certificate?
>
> Gianluca
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Oved Ourfali 

On Jan 29, 2015 8:32 PM, Gianluca Cecchi  wrote:
>
> On Thu, Jan 29, 2015 at 6:13 PM, Oved Ourfali  wrote:
>>
>>
>> On Jan 29, 2015 7:00 PM, Gianluca Cecchi  wrote:
>> >
>> >
>> > Il 29/gen/2015 15:13 "Yaniv Dary"  ha scritto:
>> > >
>> > > WebAdmin is for admin and has permissions to see anything in the system.
>> > > For power users please use the power user portal
>> >
>> > Power user portal doesn't exist any more or did I miss anything?
>>
>> We have the webadmin and the user portal. If you have permissions like power user role, then when you login to the user portal you have access to a different view which is the power user portal.
>
> BTW: I'm not the one who openend the thread
>
> In fact. Power user portal was used in RHEV 2.2 time..
> If I give power user role to a vm for a user, than when the user (included admin@internal) open user portal, he can see the vm and work with it...
>
But power user role on the DC for example, should give you permissions to access the power user portal, in which you can create VMs
> Gianluca

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Gianluca Cecchi 
On Thu, Jan 29, 2015 at 6:13 PM, Oved Ourfali  wrote:

>
> On Jan 29, 2015 7:00 PM, Gianluca Cecchi 
> wrote:
> >
> >
> > Il 29/gen/2015 15:13 "Yaniv Dary"  ha scritto:
> > >
> > > WebAdmin is for admin and has permissions to see anything in the
> system.
> > > For power users please use the power user portal
> >
> > Power user portal doesn't exist any more or did I miss anything?
>
> We have the webadmin and the user portal. If you have permissions like
> power user role, then when you login to the user portal you have access to
> a different view which is the power user portal.
>
BTW: I'm not the one who openend the thread

In fact. Power user portal was used in RHEV 2.2 time..
If I give power user role to a vm for a user, than when the user (included
admin@internal) open user portal, he can see the vm and work with it...

Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Gianluca Cecchi 
hello,
using the ip address with "disable https" works to see events and such, but
if I click on vm line (both if VM is powered on or off) movirt terminates.
I only use admin@internal, giving him power user role access to the vm; in
fact I can connect to it from user portal with admin@internal)
If I download the certificate and then try to use https I get this error
message when starting movirt and selecting load button:
https://drive.google.com/file/d/0BwoPbcrMv8mvX2ZKUVdRUW5OLUU/view?usp=sharing

any special thing to do with certificate?

Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Alon Bar-Lev 


- Original Message -
> From: "Koen Vanoppen" 
> To: "Ondra Machacek" 
> Cc: users@ovirt.org
> Sent: Thursday, January 29, 2015 4:11:40 PM
> Subject: Re: [ovirt-users] AAA
> 
> FOUND IT!!
> 
> include = 
> 
> #
> # Active directory domain name.
> #
> #vars.domain = ldap.mydomain.com
> vars.server = ldap.mydomain.com
> 
> #
> # Search user and its password.
> #
> vars.user = juniper-ad...@mydomain.com
> vars.password = **
> 
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> vars.dns = dns:// srvdc03.mydomain.com dns:// srvdc04.mydomain.com
> 
> #pool.default.serverset.type = srvrecord

as I wrote several times, not using srvrecord for active directory will result 
in non working configuration. we need to find the root cause of your problem.

> pool.default.serverset.single.server = ${global:vars.server}
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
> 
> # Uncomment if using custom DNS
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
> ${global:vars.dns}
> pool.default.socketfactory.resolver.uRL = ${global:vars.dns
> 
> 
> 
> BIG THANKS MAN!
> 
> 2015-01-29 15:00 GMT+01:00 Ondra Machacek < omach...@redhat.com > :
> 
> 
> 
> 
> On 01/29/2015 02:54 PM, Koen Vanoppen wrote:
> 
> 
> I just don't understand. Why did engine-manage-domains previously DID
> work, no problems what so ever and now I have this...
> 
> Because manage-domains didn't use global catalog. And probabaly the reason
> you don't have _ldap SRV record is that you didn't have them never and you
> just used '--ldapServers' parameter, that's why manage-domains worked with
> your domain.
> 
> Now you are using DNS, not static configuration of ldap servers.
> 
> 
> 
> 
> 2015-01-29 14:48 GMT+01:00 Ondra Machacek < omach...@redhat.com
> >:
> 
> It's same situation as before, but now you are missing ldap SRV record.
> 
> With same steps you used to add _gc SRV record add also _ldap SRV
> record. But it's strange that you don't already have them.
> 
> On 01/29/2015 02:46 PM, Koen Vanoppen wrote:
> 
> I saw that when I pressed the send button. If I do that i again
> get the
> following:
> 
> 2015-01-29 14:28:35,891 WARN
> [org.ovirt.engineextensions.__ aaa.ldap.AuthzExtension] (MSC
> service thread
> 1-1) [ovirt-engine-extension-aaa-__ ldap.authz::BRU_AIR-authz] Cannot
> initialize LDAP framework, deferring initialization. Error: An error
> occurred while attempting to query DNS in order to retrieve SRV
> records
> with name '_ldap._ tcp.ldap.mydomain.com
> < http://tcp.ldap.mydomain.com >
> < http://tcp.ldap.mydomain.com > __':
> javax.naming.__ NameNotFoundException:
> DNS name not found [response code 3]; remaining name
> '_ldap._ tcp.ldap.mydomain.com < http://tcp.ldap.mydomain.com >
> < http://tcp.ldap.mydomain.com > __'
> 2015-01-29 14:28:35,924 WARN
> [org.ovirt.engineextensions.__ aaa.ldap.AuthnExtension] (MSC
> service thread
> 1-1) [ovirt-engine-extension-aaa-__ ldap.authn::BRU_AIR-authn] Cannot
> initialize LDAP framework, deferring initialization. Error: An error
> occurred while attempting to query DNS in order to retrieve SRV
> records
> with name '_ldap._ tcp.ldap.mydomain.com
> < http://tcp.ldap.mydomain.com >
> < http://tcp.ldap.mydomain.com > __':
> javax.naming.__ NameNotFoundException:
> DNS name not found [response code 3]; remaining name
> '_ldap._ tcp.ldap.mydomain.com < http://tcp.ldap.mydomain.com >
> < http://tcp.ldap.mydomain.com > __'
> 
> And yes I replayed mydomain with the correct one... :-)
> 
> 2015-01-29 14:40 GMT+01:00 Ondra Machacek < omach...@redhat.com
> 
> >> :
> 
> 
> 
> On 01/29/2015 02:18 PM, Koen Vanoppen wrote:
> 
> OK... Now I have this one :-)
> WARN
> [org.ovirt.engineextensions.__ __aaa.ldap.AuthnExtension]
> (MSC service
> thread 1-2)
> [ovirt-engine-extension-aaa-__ __ldap.authn::BRU_AIR-authn]
> Cannot initialize LDAP framework, deferring
> initialization. Error:
> Invalid DNS pseudo-URL(s):
> 
> 
> uncomment vars.dns
> 
> 
> Changed the properties file to this:
> 
> include = 
> 
> #
> # Active directory domain name.
> #
> vars.domain = ldap.mydomain.com
> < http://ldap.mydomain.com > < http://ldap.mydomain.com >
> < http://ldap.mydomain.com > (this one
> resolves to and gives ping back, front end of the pool)
> 
> #
> # Search user and its password.
> #
> vars.user = juniper-ad...@mydomain.com
> 
>  >
>  __ mydom a__in.com < http://mydomain.com >
>  >>
> vars.password = *
> 
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> #vars.dns = dns://srvdc03.my.domain
> dns://srvdc04.my.domain (these
> resolve and give a ping back)
> 
> pool.default.serverset.type = srvrecord
> #pool.default.serverset. single.server =
> ${global:vars.server}
> pool.default.serverset. srvrecord.domain =
> ${global:vars.dom

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Oved Ourfali 

On Jan 29, 2015 7:00 PM, Gianluca Cecchi  wrote:
>
>
> Il 29/gen/2015 15:13 "Yaniv Dary"  ha scritto:
> >
> > WebAdmin is for admin and has permissions to see anything in the system.
> > For power users please use the power user portal
>
> Power user portal doesn't exist any more or did I miss anything?
We have the webadmin and the user portal. If you have permissions like power user role, then when you login to the user portal you have access to a different view which is the power user portal. 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Gianluca Cecchi 
Il 29/gen/2015 15:13 "Yaniv Dary"  ha scritto:
>
> WebAdmin is for admin and has permissions to see anything in the system.
> For power users please use the power user portal

Power user portal doesn't exist any more or did I miss anything?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Donny Davis 
Setting that login permission at the system level is why they can see 
everything even if they can't control it. Copy the user permission role and 
remove all the permissions except login to system (the last box under login) 
create instance, and attach to storage domains. 

Then add it to the datacenter permission set 

On Jan 29, 2015 2:02 AM, Ondra Machacek  wrote:
>
> If you add for example 'UserRole' on VM, then your user should login to 
> UserPortal without any problem and see his VM.
>
> On 01/29/2015 09:58 AM, Nikolai Bochev wrote:
> > Ok, but if i don't add "System" permissions to a user with "UserRole"
> > they cannot login at all ?
> >
> > On Thu, Jan 29, 2015 at 10:56 AM, Ondra Machacek  > > wrote:
> >
> >
> >
> > On 01/29/2015 09:35 AM, Nikolai Bochev wrote:
> >
> > Hello,
> >
> > I've been running ovirt hosted engine for around a month already
> > without
> > any major interruptions. Last week i tied it to freeipa, to be
> > able to
> > give permissions to other people, but so far no success because
> > of the
> > following problem :
> >
> > All users can see all VM's. I tried clearing all permission
> > entries (
> > leaving the admin only ) and the re-adding and it didn't help at
> > all.
> >
> > I am attaching a few screenshots to better describe :
> >
> >
> >
> > The problem is that you are assigning system permissions.
> > If you assign system permissions you have permission to whole system.
> >
> > If you want to assign a permission to user on a specific vm(or object),
> > you have to select the object, then click 'permissions' subtab, then
> > click 'add', then find your user and choose the role for him.
> >
> >
> >
> >
> > ​
> > Most of the vm's have no permissions attached to them, but they are
> > still visible to everyone that logs from the userpanel
> > What am i doing wrong ?
> >
> > Regards,
> >
> >
> > _
> > Users mailing list
> > Users@ovirt.org 
> > http://lists.ovirt.org/__mailman/listinfo/users
> > 
> >
> >
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Donny Davis 
You are assigning permissions at too high of a level.

Set the following permissions for users to be able to only see what they create 

Add a new set of permissions in the config menu


Login to system
Create instance
Attach to storage domains

Then assign that permission at the datacenter level, or even better the cluster 
level

And add permissions as needed

I will get you some screen shots when I get home



On Jan 29, 2015 7:13 AM, Yaniv Dary  wrote:
>
> WebAdmin is for admin and has permissions to see anything in the system.
> For power users please use the power user portal.
>
> On 01/29/2015 10:35 AM, Nikolai Bochev wrote:
> > Hello,
> >
> > I've been running ovirt hosted engine for around a month already 
> > without any major interruptions. Last week i tied it to freeipa, to be 
> > able to give permissions to other people, but so far no success 
> > because of the following problem :
> >
> > All users can see all VM's. I tried clearing all permission entries ( 
> > leaving the admin only ) and the re-adding and it didn't help at all.
> >
> > I am attaching a few screenshots to better describe :
> >
> >
> >
> >
> >
> > ​
> > Most of the vm's have no permissions attached to them, but they are 
> > still visible to everyone that logs from the userpanel
> > What am i doing wrong ?
> >
> > Regards,
> >
> >
> > ___
> > Users mailing list
> > Users@ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
>
> -- 
> Yaniv Dary
> Red Hat Israel Ltd.
> 34 Jerusalem Road
> Building A, 4th floor
> Ra'anana, Israel 4350109
>
> Tel : +972 (9) 7692306
> 8272306
> Email: yd...@redhat.com
> IRC : ydary
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Alon Bar-Lev 


- Original Message -
> From: "Koen Vanoppen" 
> To: "Ondra Machacek" , users@ovirt.org
> Sent: Thursday, January 29, 2015 3:46:09 PM
> Subject: Re: [ovirt-users] AAA
> 
> I saw that when I pressed the send button. If I do that i again get the
> following:
> 
> 2015-01-29 14:28:35,891 WARN
> [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
> 1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
> initialize LDAP framework, deferring initialization. Error: An error
> occurred while attempting to query DNS in order to retrieve SRV records with
> name '_ldap._ tcp.ldap.mydomain.com ': javax.naming.NameNotFoundException:
> DNS name not found [response code 3]; remaining name '_ldap._
> tcp.ldap.mydomain.com '
> 2015-01-29 14:28:35,924 WARN
> [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread
> 1-1) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
> initialize LDAP framework, deferring initialization. Error: An error
> occurred while attempting to query DNS in order to retrieve SRV records with
> name '_ldap._ tcp.ldap.mydomain.com ': javax.naming.NameNotFoundException:
> DNS name not found [response code 3]; remaining name '_ldap._
> tcp.ldap.mydomain.com '
> 
> And yes I replayed mydomain with the correct one... :-)

Hi Koen,

I keep asking you... please provide the following so we can help:

1. your real domain name that you are using, I guess mydomain.com is not the 
correct one and also ldap.mydomain.com is not the active directory domain name, 
please determine what is the active directory domain name, you can do this via 
the domains and site manager.

2. the command and full output of dig using:

$ dig @srvdc03. SRV _ldap._tcp.
$ dig @srvdc03. SRV _gc._tcp.

these srv records MUST exist within active directory DNS, otherwise the active 
directory itself will not work, your task is to find what  is in your 
environment and what server runs valid DNS.

3. open the dns manager within active directory, expand the _tcp branch, and 
attach screen shoot of what you see.

Thanks,
Alon.

> 
> 2015-01-29 14:40 GMT+01:00 Ondra Machacek < omach...@redhat.com > :
> 
> 
> 
> 
> On 01/29/2015 02:18 PM, Koen Vanoppen wrote:
> 
> 
> OK... Now I have this one :-)
> WARN [org.ovirt.engineextensions. aaa.ldap.AuthnExtension] (MSC service
> thread 1-2) [ovirt-engine-extension-aaa- ldap.authn::BRU_AIR-authn]
> Cannot initialize LDAP framework, deferring initialization. Error:
> Invalid DNS pseudo-URL(s):
> 
> uncomment vars.dns
> 
> 
> 
> 
> Changed the properties file to this:
> 
> include = 
> 
> #
> # Active directory domain name.
> #
> vars.domain = ldap.mydomain.com < http://ldap.mydomain.com > (this one
> resolves to and gives ping back, front end of the pool)
> 
> #
> # Search user and its password.
> #
> vars.user = juniper-ad...@mydomain.com 
> vars.password = *
> 
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> #vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these
> resolve and give a ping back)
> 
> pool.default.serverset.type = srvrecord
> #pool.default.serverset. single.server = ${global:vars.server}
> pool.default.serverset. srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple. bindDN = ${global:vars.user}
> pool.default.auth.simple. password = ${global:vars.password}
> 
> # Uncomment if using custom DNS
> pool.default.serverset. srvrecord.jndi-properties. java.naming.provider.url =
> ${global:vars.dns}
> pool.default.socketfactory. resolver.uRL = ${global:vars.dns}
> 
> 
> Thanks for your effort!
> 
> 
> 2015-01-29 13:50 GMT+01:00 Alon Bar-Lev < alo...@redhat.com
> >:
> 
> 
> 
> - Original Message -
> > From: "Koen Vanoppen" < vanoppen.k...@gmail.com  > vanoppen.koen@gmail. com >>
> > To: "Alon Bar-Lev" < alo...@redhat.com >
> > Cc:users@ovirt.org 
> > Sent: Thursday, January 29, 2015 2:41:52 PM
> > Subject: Re: [ovirt-users] AAA
> > 
> > Yes We have:
> > 
> > [root@ovirtmgmt01prod ~]# dig @ srvdc03.mydomain.com <
> > http://srvdc03.mydomain.com > SRV _gc._
> > tcp.mydomain.com < http://tcp.mydomain.com >
> > 
> > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23. rc1.el6_5.1 <<>> @
> > srvdc03.mydomain.com < http://srvdc03.mydomain.com >
> > SRV _gc._ tcp.mydomain.com < http://tcp.mydomain.com >
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> > 
> > ;; QUESTION SECTION:
> > ;_gc._ tcp.mydomain.com < http://tcp.mydomain.com >. IN SRV
> 
> this ^^^ means that you do not have srv record. are you sure you
> replace mydomain.com < http://mydomain.com > with your actual active
> directory domain name?
> have you tried to look into your dns manager for this information as
> well?
> 
> > 
> > ;; AUTHORITY SECTION:
> > mydomain.com < http://mydomain.com >. 3600 IN SOA
> srvdc03.mydomain.com < h

[ovirt-users] dwh not receiving any data

2015-01-29 Thread David van zeebroeck 
hi
we are running ovirt 3.5.1 and we are trying to setup the dwh part
install and setup appears to run fine but when starting the service we see
following error in the log file :

2015-01-29 16:06:26|ETL Service Started
Exception in component tJDBCOutput_5
org.postgresql.util.PSQLException: ERROR: insert or update on table
"vm_samples_history" violates foreign key constraint
"vm_samples_history_current_user_id_fkey"
  Detail: Key (current_user_id)=(ab932902-cead-4435-a2b6-8b88576feab6) is
not present in table "users_details_history".
at
org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2062)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1795)
at
org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:257)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:479)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:367)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:321)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync.tJDBCInput_10Process(StatisticsSync.java:10482)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync$6.run(StatisticsSync.java:17437)
Exception in component tJDBCOutput_6
org.postgresql.util.PSQLException: ERROR: current transaction is aborted,
commands ignored until end of transaction block
at
org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2062)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1795)
at
org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:257)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:479)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:367)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:321)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync.tJDBCInput_12Process(StatisticsSync.java:12689)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync$7.run(StatisticsSync.java:17483)
Exception in component tJDBCOutput_7
org.postgresql.util.PSQLException: ERROR: current transaction is aborted,
commands ignored until end of transaction block
at
org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2062)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1795)
at
org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:257)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:479)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:367)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:321)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync.tJDBCInput_18Process(StatisticsSync.java:14806)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync$8.run(StatisticsSync.java:17529)
Exception in component tJDBCOutput_4
org.postgresql.util.PSQLException: ERROR: current transaction is aborted,
commands ignored until end of transaction block
at
org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2062)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1795)
at
org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:257)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:479)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:367)
at
org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:321)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync.tJDBCInput_8Process(StatisticsSync.java:7788)
at
ovirt_engine_dwh.statisticssync_3_5.StatisticsSync$5.run(StatisticsSync.java:17391)
2015-01-29
16:07:04|kGEf8p|YhA1NE|VVdF7H|OVIRT_ENGINE_DWH|StatisticsSync|Default|6|Java
Exception|tJDBCOutput_7|org.postgresql.util.PSQLException:ERROR: current
transaction is aborted, commands ignored until end of transaction block|1
2015-01-29
16:07:04|kGEf8p|YhA1NE|VVdF7H|OVIRT_ENGINE_DWH|StatisticsSync|Default|6|Java
Exception|tJDBCOutput_5|org.postgresql.util.PSQLException:ERROR: insert or
update on table "vm_samples_history" violates foreign key constraint
"vm_samples_history_current_user_id_fkey"
  Detail: Key (current_user_id)=(ab932902-cead-4435-a2b6-8b88576feab6) is
not present in table "users_details_history".|1
2015-01-29
16:07:04|kGEf8p|YhA1NE|VVdF7H|OVIRT_ENGINE_DWH|StatisticsSync|Default|6|Java
Exception|tJDBCOutput_6|org.postgresql.util.PSQLException:ERROR: current
transaction is a

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Yaniv Dary 

WebAdmin is for admin and has permissions to see anything in the system.
For power users please use the power user portal.


On 01/29/2015 10:35 AM, Nikolai Bochev wrote:

Hello,

I've been running ovirt hosted engine for around a month already 
without any major interruptions. Last week i tied it to freeipa, to be 
able to give permissions to other people, but so far no success 
because of the following problem :


All users can see all VM's. I tried clearing all permission entries ( 
leaving the admin only ) and the re-adding and it didn't help at all.


I am attaching a few screenshots to better describe :





​
Most of the vm's have no permissions attached to them, but they are 
still visible to everyone that logs from the userpanel

What am i doing wrong ?

Regards,


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


--
Yaniv Dary
Red Hat Israel Ltd.
34 Jerusalem Road
Building A, 4th floor
Ra'anana, Israel 4350109

Tel : +972 (9) 7692306
8272306
Email: yd...@redhat.com
IRC : ydary

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
FOUND IT!!

include = 

#
# Active directory domain name.
#
#vars.domain = ldap.mydomain.com
vars.server = ldap.mydomain.com

#
# Search user and its password.
#
vars.user = juniper-ad...@mydomain.com
vars.password = **

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://srvdc03.mydomain.com dns://srvdc04.mydomain.com

#pool.default.serverset.type = srvrecord
pool.default.serverset.single.server = ${global:vars.server}
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

# Uncomment if using custom DNS
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns



BIG THANKS MAN!

2015-01-29 15:00 GMT+01:00 Ondra Machacek :

>
>
> On 01/29/2015 02:54 PM, Koen Vanoppen wrote:
>
>> I just don't understand. Why did engine-manage-domains previously DID
>> work, no problems what so ever and now I have this...
>>
>
> Because manage-domains didn't use global catalog. And probabaly the reason
> you don't have _ldap SRV record is that you didn't have them never and you
> just used '--ldapServers' parameter, that's why manage-domains worked with
> your domain.
>
> Now you are using DNS, not static configuration of ldap servers.
>
>
>> 2015-01-29 14:48 GMT+01:00 Ondra Machacek > >:
>>
>> It's same situation as before, but now you are missing ldap SRV
>> record.
>>
>> With same steps you used to add _gc SRV record add also _ldap SRV
>> record. But it's strange that you don't already have them.
>>
>> On 01/29/2015 02:46 PM, Koen Vanoppen wrote:
>>
>> I saw that when I pressed the send button. If I do that i again
>> get the
>> following:
>>
>> 2015-01-29 14:28:35,891 WARN
>> [org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
>> service thread
>> 1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz]
>> Cannot
>> initialize LDAP framework, deferring initialization. Error: An
>> error
>> occurred while attempting to query DNS in order to retrieve SRV
>> records
>> with name '_ldap._tcp.ldap.mydomain.com
>> 
>> __':
>> javax.naming.__NameNotFoundException:
>> DNS name not found [response code 3]; remaining name
>> '_ldap._tcp.ldap.mydomain.com 
>> __'
>> 2015-01-29 14:28:35,924 WARN
>> [org.ovirt.engineextensions.__aaa.ldap.AuthnExtension] (MSC
>> service thread
>> 1-1) [ovirt-engine-extension-aaa-__ldap.authn::BRU_AIR-authn]
>> Cannot
>> initialize LDAP framework, deferring initialization. Error: An
>> error
>> occurred while attempting to query DNS in order to retrieve SRV
>> records
>> with name '_ldap._tcp.ldap.mydomain.com
>> 
>> __':
>> javax.naming.__NameNotFoundException:
>> DNS name not found [response code 3]; remaining name
>> '_ldap._tcp.ldap.mydomain.com 
>> __'
>>
>> And yes I replayed mydomain with the correct one... :-)
>>
>> 2015-01-29 14:40 GMT+01:00 Ondra Machacek > 
>> >>:
>>
>>
>>
>>  On 01/29/2015 02:18 PM, Koen Vanoppen wrote:
>>
>>  OK... Now I have this one :-)
>>  WARN
>> [org.ovirt.engineextensions.aaa.ldap.AuthnExtension]
>>  (MSC service
>>  thread 1-2)
>> [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn]
>>  Cannot initialize LDAP framework, deferring
>> initialization. Error:
>>  Invalid DNS pseudo-URL(s):
>>
>>
>>  uncomment vars.dns
>>
>>
>>  Changed the properties file to this:
>>
>>  include = 
>>
>>  #
>>  # Active directory domain name.
>>  #
>>  vars.domain = ldap.mydomain.com
>>  
>>   (this one
>>  resolves to and gives ping back, front end of the pool)
>>
>>  #
>>  # Search user and its password.
>>  #
>>  vars.user = juniper-ad...@mydomain.com
>> 
>>  > >
>>

Re: [ovirt-users] AAA

2015-01-29 Thread Ondra Machacek 



On 01/29/2015 02:54 PM, Koen Vanoppen wrote:

I just don't understand. Why did engine-manage-domains previously DID
work, no problems what so ever and now I have this...


Because manage-domains didn't use global catalog. And probabaly the 
reason you don't have _ldap SRV record is that you didn't have them 
never and you just used '--ldapServers' parameter, that's why 
manage-domains worked with your domain.


Now you are using DNS, not static configuration of ldap servers.



2015-01-29 14:48 GMT+01:00 Ondra Machacek mailto:omach...@redhat.com>>:

It's same situation as before, but now you are missing ldap SRV record.

With same steps you used to add _gc SRV record add also _ldap SRV
record. But it's strange that you don't already have them.

On 01/29/2015 02:46 PM, Koen Vanoppen wrote:

I saw that when I pressed the send button. If I do that i again
get the
following:

2015-01-29 14:28:35,891 WARN
[org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
service thread
1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV
records
with name '_ldap._tcp.ldap.mydomain.com

__':
javax.naming.__NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_ldap._tcp.ldap.mydomain.com 
__'
2015-01-29 14:28:35,924 WARN
[org.ovirt.engineextensions.__aaa.ldap.AuthnExtension] (MSC
service thread
1-1) [ovirt-engine-extension-aaa-__ldap.authn::BRU_AIR-authn] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV
records
with name '_ldap._tcp.ldap.mydomain.com

__':
javax.naming.__NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_ldap._tcp.ldap.mydomain.com 
__'

And yes I replayed mydomain with the correct one... :-)

2015-01-29 14:40 GMT+01:00 Ondra Machacek mailto:omach...@redhat.com>
>>:



 On 01/29/2015 02:18 PM, Koen Vanoppen wrote:

 OK... Now I have this one :-)
 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthnExtension]
 (MSC service
 thread 1-2)
[ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn]
 Cannot initialize LDAP framework, deferring
initialization. Error:
 Invalid DNS pseudo-URL(s):


 uncomment vars.dns


 Changed the properties file to this:

 include = 

 #
 # Active directory domain name.
 #
 vars.domain = ldap.mydomain.com
 
  (this one
 resolves to and gives ping back, front end of the pool)

 #
 # Search user and its password.
 #
 vars.user = juniper-ad...@mydomain.com

 >
 __mydoma__in.com 
 >>
 vars.password = *

 #
 # Optional DNS servers, if enterprise
 # DNS server cannot resolve the domain srvrecord.
 #
 #vars.dns = dns://srvdc03.my.domain
dns://srvdc04.my.domain (these
 resolve and give a ping back)

 pool.default.serverset.type = srvrecord
 #pool.default.serverset.single.server =
${global:vars.server}
 pool.default.serverset.srvrecord.domain =
${global:vars.domain}
 pool.default.auth.simple.bindDN = ${global:vars.user}
 pool.default.auth.simple.password =
${global:vars.password}

 # Uncomment if using custom DNS


pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
 =
 ${global:vars.dns}
 pool.default.socketfactory.resolver.uRL =
${global:v

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
I just don't understand. Why did engine-manage-domains previously DID work,
no problems what so ever and now I have this...

2015-01-29 14:48 GMT+01:00 Ondra Machacek :

> It's same situation as before, but now you are missing ldap SRV record.
>
> With same steps you used to add _gc SRV record add also _ldap SRV record.
> But it's strange that you don't already have them.
>
> On 01/29/2015 02:46 PM, Koen Vanoppen wrote:
>
>> I saw that when I pressed the send button. If I do that i again get the
>> following:
>>
>> 2015-01-29 14:28:35,891 WARN
>> [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
>> 1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
>> initialize LDAP framework, deferring initialization. Error: An error
>> occurred while attempting to query DNS in order to retrieve SRV records
>> with name '_ldap._tcp.ldap.mydomain.com
>> ':  javax.naming.NameNotFoundException:
>> DNS name not found [response code 3]; remaining name
>> '_ldap._tcp.ldap.mydomain.com '
>> 2015-01-29 14:28:35,924 WARN
>> [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread
>> 1-1) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
>> initialize LDAP framework, deferring initialization. Error: An error
>> occurred while attempting to query DNS in order to retrieve SRV records
>> with name '_ldap._tcp.ldap.mydomain.com
>> ':  javax.naming.NameNotFoundException:
>> DNS name not found [response code 3]; remaining name
>> '_ldap._tcp.ldap.mydomain.com '
>>
>> And yes I replayed mydomain with the correct one... :-)
>>
>> 2015-01-29 14:40 GMT+01:00 Ondra Machacek > >:
>>
>>
>>
>> On 01/29/2015 02:18 PM, Koen Vanoppen wrote:
>>
>> OK... Now I have this one :-)
>> WARN  [org.ovirt.engineextensions.__aaa.ldap.AuthnExtension]
>> (MSC service
>> thread 1-2) [ovirt-engine-extension-aaa-__
>> ldap.authn::BRU_AIR-authn]
>> Cannot initialize LDAP framework, deferring initialization. Error:
>> Invalid DNS pseudo-URL(s):
>>
>>
>> uncomment vars.dns
>>
>>
>> Changed the properties file to this:
>>
>> include = 
>>
>> #
>> # Active directory domain name.
>> #
>> vars.domain = ldap.mydomain.com 
>>  (this one
>> resolves to and gives ping back, front end of the pool)
>>
>> #
>> # Search user and its password.
>> #
>> vars.user = juniper-ad...@mydomain.com
>> 
>> > >
>> vars.password = *
>>
>> #
>> # Optional DNS servers, if enterprise
>> # DNS server cannot resolve the domain srvrecord.
>> #
>> #vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these
>> resolve and give a ping back)
>>
>> pool.default.serverset.type = srvrecord
>> #pool.default.serverset.__single.server = ${global:vars.server}
>> pool.default.serverset.__srvrecord.domain = ${global:vars.domain}
>> pool.default.auth.simple.__bindDN = ${global:vars.user}
>> pool.default.auth.simple.__password = ${global:vars.password}
>>
>> # Uncomment if using custom DNS
>> pool.default.serverset.__srvrecord.jndi-properties.__
>> java.naming.provider.url
>> =
>> ${global:vars.dns}
>> pool.default.socketfactory.__resolver.uRL = ${global:vars.dns}
>>
>>
>> Thanks for your effort!
>>
>>
>> 2015-01-29 13:50 GMT+01:00 Alon Bar-Lev > 
>> >>:
>>
>>
>>
>>  - Original Message -
>>  > From: "Koen Vanoppen" > 
>> > >>>
>>  > To: "Alon Bar-Lev" >  > >>
>>  > Cc:users@ovirt.org 
>> >
>>  > Sent: Thursday, January 29, 2015 2:41:52 PM
>>  > Subject: Re: [ovirt-users] AAA
>>  >
>>  > Yes We have:
>>  >
>>  > [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com
>>   SRV
>> _gc._
>>  >tcp.mydomain.com 
>> 
>>  >
>>  > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.__rc1.el6_5.1 <<>>
>> @srvdc03.mydomain.com 
>>

Re: [ovirt-users] AAA

2015-01-29 Thread Ondra Machacek 

It's same situation as before, but now you are missing ldap SRV record.

With same steps you used to add _gc SRV record add also _ldap SRV 
record. But it's strange that you don't already have them.


On 01/29/2015 02:46 PM, Koen Vanoppen wrote:

I saw that when I pressed the send button. If I do that i again get the
following:

2015-01-29 14:28:35,891 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_ldap._tcp.ldap.mydomain.com
':  javax.naming.NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_ldap._tcp.ldap.mydomain.com '
2015-01-29 14:28:35,924 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_ldap._tcp.ldap.mydomain.com
':  javax.naming.NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_ldap._tcp.ldap.mydomain.com '

And yes I replayed mydomain with the correct one... :-)

2015-01-29 14:40 GMT+01:00 Ondra Machacek mailto:omach...@redhat.com>>:



On 01/29/2015 02:18 PM, Koen Vanoppen wrote:

OK... Now I have this one :-)
WARN  [org.ovirt.engineextensions.__aaa.ldap.AuthnExtension]
(MSC service
thread 1-2) [ovirt-engine-extension-aaa-__ldap.authn::BRU_AIR-authn]
Cannot initialize LDAP framework, deferring initialization. Error:
Invalid DNS pseudo-URL(s):


uncomment vars.dns


Changed the properties file to this:

include = 

#
# Active directory domain name.
#
vars.domain = ldap.mydomain.com 
 (this one
resolves to and gives ping back, front end of the pool)

#
# Search user and its password.
#
vars.user = juniper-ad...@mydomain.com

>
vars.password = *

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
#vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these
resolve and give a ping back)

pool.default.serverset.type = srvrecord
#pool.default.serverset.__single.server = ${global:vars.server}
pool.default.serverset.__srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.__bindDN = ${global:vars.user}
pool.default.auth.simple.__password = ${global:vars.password}

# Uncomment if using custom DNS

pool.default.serverset.__srvrecord.jndi-properties.__java.naming.provider.url
=
${global:vars.dns}
pool.default.socketfactory.__resolver.uRL = ${global:vars.dns}


Thanks for your effort!


2015-01-29 13:50 GMT+01:00 Alon Bar-Lev mailto:alo...@redhat.com>
>>:



 - Original Message -
 > From: "Koen Vanoppen" mailto:vanoppen.k...@gmail.com>
>>
 > To: "Alon Bar-Lev" mailto:alo...@redhat.com> >>
 > Cc:users@ovirt.org 
>
 > Sent: Thursday, January 29, 2015 2:41:52 PM
 > Subject: Re: [ovirt-users] AAA
 >
 > Yes We have:
 >
 > [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com
  SRV
_gc._
 >tcp.mydomain.com 

 >
 > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.__rc1.el6_5.1 <<>>
@srvdc03.mydomain.com 

 > SRV _gc._tcp.mydomain.com 

 > ; (1 server found)
 > ;; global options: +cmd
 > ;; Got answer:
 > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
 > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 0
 >
 > ;; QUESTION SECTION:
 > ;_gc._tcp.mydomain.com

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
I saw that when I pressed the send button. If I do that i again get the
following:

2015-01-29 14:28:35,891 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_ldap._tcp.ldap.mydomain.com':
javax.naming.NameNotFoundException: DNS name not found [response code 3];
remaining name '_ldap._tcp.ldap.mydomain.com'
2015-01-29 14:28:35,924 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_ldap._tcp.ldap.mydomain.com':
javax.naming.NameNotFoundException: DNS name not found [response code 3];
remaining name '_ldap._tcp.ldap.mydomain.com'

And yes I replayed mydomain with the correct one... :-)

2015-01-29 14:40 GMT+01:00 Ondra Machacek :

>
>
> On 01/29/2015 02:18 PM, Koen Vanoppen wrote:
>
>> OK... Now I have this one :-)
>> WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service
>> thread 1-2) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn]
>> Cannot initialize LDAP framework, deferring initialization. Error:
>> Invalid DNS pseudo-URL(s):
>>
>
> uncomment vars.dns
>
>
>> Changed the properties file to this:
>>
>> include = 
>>
>> #
>> # Active directory domain name.
>> #
>> vars.domain = ldap.mydomain.com  (this one
>> resolves to and gives ping back, front end of the pool)
>>
>> #
>> # Search user and its password.
>> #
>> vars.user = juniper-ad...@mydomain.com > >
>> vars.password = *
>>
>> #
>> # Optional DNS servers, if enterprise
>> # DNS server cannot resolve the domain srvrecord.
>> #
>> #vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these
>> resolve and give a ping back)
>>
>> pool.default.serverset.type = srvrecord
>> #pool.default.serverset.single.server = ${global:vars.server}
>> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
>> pool.default.auth.simple.bindDN = ${global:vars.user}
>> pool.default.auth.simple.password = ${global:vars.password}
>>
>> # Uncomment if using custom DNS
>> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
>> =
>> ${global:vars.dns}
>> pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>>
>>
>> Thanks for your effort!
>>
>>
>> 2015-01-29 13:50 GMT+01:00 Alon Bar-Lev > >:
>>
>>
>>
>> - Original Message -
>> > From: "Koen Vanoppen" > vanoppen.k...@gmail.com>>
>> > To: "Alon Bar-Lev" mailto:alo...@redhat.com>>
>> > Cc:users@ovirt.org 
>> > Sent: Thursday, January 29, 2015 2:41:52 PM
>> > Subject: Re: [ovirt-users] AAA
>> >
>> > Yes We have:
>> >
>> > [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com <
>> http://srvdc03.mydomain.com> SRV  _gc._
>> >tcp.mydomain.com 
>> >
>> > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @
>> srvdc03.mydomain.com 
>> > SRV _gc._tcp.mydomain.com 
>> > ; (1 server found)
>> > ;; global options: +cmd
>> > ;; Got answer:
>> > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
>> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
>> ADDITIONAL: 0
>> >
>> > ;; QUESTION SECTION:
>> > ;_gc._tcp.mydomain.com . IN  SRV
>>
>> this ^^^ means that you do not have srv record. are you sure you
>> replace mydomain.com  with your actual active
>> directory domain name?
>> have you tried to look into your dns manager for this information as
>> well?
>>
>>  >
>>  > ;; AUTHORITY SECTION:
>>  > mydomain.com .   3600IN  SOA
>> srvdc03.mydomain.com .
>>  > hostmaster.airport. 1398582 900 600 86400 3600
>>  >
>>  > ;; Query time: 12 msec
>>  > ;; SERVER: 10.110.3.123#53(10.110.3.123)
>>  > ;; WHEN: Thu Jan 29 13:40:41 2015
>>  > ;; MSG SIZE  rcvd: 98
>>  >
>>  >
>>  >
>>  > 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev > >:
>>  >
>>  > >
>>  > >
>>  > > - Original Message -
>>  > > > From: "Koen Vanoppen" > >
>>  > > > To: "Alon Bar-Lev" > >, users@ovirt.org 
>>  > > > Sent: Thursday, January 29, 2015 2:19:32 PM
>>  > > > Subject: Re: [ovirt-users] AAA
>>  > > >
>>  > > > Big thanks for your help, but still the same:
>>  > > >
>>  > > >

Re: [ovirt-users] AAA

2015-01-29 Thread Ondra Machacek 



On 01/29/2015 02:18 PM, Koen Vanoppen wrote:

OK... Now I have this one :-)
WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service
thread 1-2) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn]
Cannot initialize LDAP framework, deferring initialization. Error:
Invalid DNS pseudo-URL(s):


uncomment vars.dns



Changed the properties file to this:

include = 

#
# Active directory domain name.
#
vars.domain = ldap.mydomain.com  (this one
resolves to and gives ping back, front end of the pool)

#
# Search user and its password.
#
vars.user = juniper-ad...@mydomain.com 
vars.password = *

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
#vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these
resolve and give a ping back)

pool.default.serverset.type = srvrecord
#pool.default.serverset.single.server = ${global:vars.server}
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

# Uncomment if using custom DNS
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}


Thanks for your effort!


2015-01-29 13:50 GMT+01:00 Alon Bar-Lev mailto:alo...@redhat.com>>:



- Original Message -
> From: "Koen Vanoppen" mailto:vanoppen.k...@gmail.com>>
> To: "Alon Bar-Lev" mailto:alo...@redhat.com>>
> Cc:users@ovirt.org 
> Sent: Thursday, January 29, 2015 2:41:52 PM
> Subject: Re: [ovirt-users] AAA
>
> Yes We have:
>
> [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com 
 SRV  _gc._
>tcp.mydomain.com 
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @srvdc03.mydomain.com 

> SRV _gc._tcp.mydomain.com 
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;_gc._tcp.mydomain.com . IN  SRV

this ^^^ means that you do not have srv record. are you sure you
replace mydomain.com  with your actual active
directory domain name?
have you tried to look into your dns manager for this information as
well?

 >
 > ;; AUTHORITY SECTION:
 > mydomain.com .   3600IN  SOA
srvdc03.mydomain.com .
 > hostmaster.airport. 1398582 900 600 86400 3600
 >
 > ;; Query time: 12 msec
 > ;; SERVER: 10.110.3.123#53(10.110.3.123)
 > ;; WHEN: Thu Jan 29 13:40:41 2015
 > ;; MSG SIZE  rcvd: 98
 >
 >
 >
 > 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev mailto:alo...@redhat.com>>:
 >
 > >
 > >
 > > - Original Message -
 > > > From: "Koen Vanoppen" mailto:vanoppen.k...@gmail.com>>
 > > > To: "Alon Bar-Lev" mailto:alo...@redhat.com>>, users@ovirt.org 
 > > > Sent: Thursday, January 29, 2015 2:19:32 PM
 > > > Subject: Re: [ovirt-users] AAA
 > > >
 > > > Big thanks for your help, but still the same:
 > > >
 > > > #
 > > > # Active directory domain name.
 > > > #
 > > > vars.domain = mydomain.com 
 > > >
 > > > #
 > > > # Search user and its password.
 > > > #
 > > > vars.user = admin@${global:vars.domain}
 > > > vars.password = *
 > > >
 > > > #
 > > > # Optional DNS servers, if enterprise
 > > > # DNS server cannot resolve the domain srvrecord.
 > > > #
 > > > vars.dns = dns://srvdc03.${global:vars.domain}
 > > > dns://srvdc04.${global:vars.domain}
 > > >
 > > > pool.default.serverset.type = srvrecord
 > > > pool.default.serverset.srvrecord.domain = ${global:vars.domain}
 > > > pool.default.auth.simple.bindDN = ${global:vars.user}
 > > > pool.default.auth.simple.password = ${global:vars.password}
 > > >
 > > > # Uncomment if using custom DNS
 > > >
 > >
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
=
 > > > ${global:vars.dns}
 > > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
 > > >
 > > >
 > > >
 > > >  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz]
Cannot initialize
 > > > LDAP framework, deferring initialization. Error: No DNS SRV
records were
 > > > found with record name '_gc._tcp.brussels.airport'.
 > > >
 > > > And I can't put '_gc._tcp.mydomain.com
 in the dns... Isn't there another

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
Can't I use domain service? I'm getting a bit gr... :-). We already
used LDAP login for ovirt before the AAA with the engine-manage-domains.
And this worked.
[root@ovirtmgmt01prod aaa]# engine-manage-domains validateDomain my.domain
is valid.
The configured user for domain my.domain is juniper-admin@BRUSSELS.AIRPORT

Manage Domains completed successfully


2015-01-29 14:18 GMT+01:00 Koen Vanoppen :

> OK... Now I have this one :-)
> WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service
> thread 1-2) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
> initialize LDAP framework, deferring initialization. Error: Invalid DNS
> pseudo-URL(s):
>
> Changed the properties file to this:
>
> include = 
>
> #
> # Active directory domain name.
> #
> vars.domain = ldap.mydomain.com (this one resolves to and gives ping
> back, front end of the pool)
>
> #
> # Search user and its password.
> #
> vars.user = juniper-ad...@mydomain.com
> vars.password = *
>
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> #vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these resolve
> and give a ping back)
>
> pool.default.serverset.type = srvrecord
> #pool.default.serverset.single.server = ${global:vars.server}
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
>
> # Uncomment if using custom DNS
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> = ${global:vars.dns}
> pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>
>
> Thanks for your effort!
>
>
> 2015-01-29 13:50 GMT+01:00 Alon Bar-Lev :
>
>>
>>
>> - Original Message -
>> > From: "Koen Vanoppen" 
>> > To: "Alon Bar-Lev" 
>> > Cc: users@ovirt.org
>> > Sent: Thursday, January 29, 2015 2:41:52 PM
>> > Subject: Re: [ovirt-users] AAA
>> >
>> > Yes We have:
>> >
>> > [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com SRV  _gc._
>> > tcp.mydomain.com
>> >
>> > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @
>> srvdc03.mydomain.com
>> > SRV _gc._tcp.mydomain.com
>> > ; (1 server found)
>> > ;; global options: +cmd
>> > ;; Got answer:
>> > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
>> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>> >
>> > ;; QUESTION SECTION:
>> > ;_gc._tcp.mydomain.com. IN  SRV
>>
>> this ^^^ means that you do not have srv record. are you sure you
>> replace mydomain.com with your actual active directory domain name?
>> have you tried to look into your dns manager for this information as well?
>>
>> >
>> > ;; AUTHORITY SECTION:
>> > mydomain.com.   3600IN  SOA srvdc03.mydomain.com.
>> > hostmaster.airport. 1398582 900 600 86400 3600
>> >
>> > ;; Query time: 12 msec
>> > ;; SERVER: 10.110.3.123#53(10.110.3.123)
>> > ;; WHEN: Thu Jan 29 13:40:41 2015
>> > ;; MSG SIZE  rcvd: 98
>> >
>> >
>> >
>> > 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev :
>> >
>> > >
>> > >
>> > > - Original Message -
>> > > > From: "Koen Vanoppen" 
>> > > > To: "Alon Bar-Lev" , users@ovirt.org
>> > > > Sent: Thursday, January 29, 2015 2:19:32 PM
>> > > > Subject: Re: [ovirt-users] AAA
>> > > >
>> > > > Big thanks for your help, but still the same:
>> > > >
>> > > > #
>> > > > # Active directory domain name.
>> > > > #
>> > > > vars.domain = mydomain.com
>> > > >
>> > > > #
>> > > > # Search user and its password.
>> > > > #
>> > > > vars.user = admin@${global:vars.domain}
>> > > > vars.password = *
>> > > >
>> > > > #
>> > > > # Optional DNS servers, if enterprise
>> > > > # DNS server cannot resolve the domain srvrecord.
>> > > > #
>> > > > vars.dns = dns://srvdc03.${global:vars.domain}
>> > > > dns://srvdc04.${global:vars.domain}
>> > > >
>> > > > pool.default.serverset.type = srvrecord
>> > > > pool.default.serverset.srvrecord.domain = ${global:vars.domain}
>> > > > pool.default.auth.simple.bindDN = ${global:vars.user}
>> > > > pool.default.auth.simple.password = ${global:vars.password}
>> > > >
>> > > > # Uncomment if using custom DNS
>> > > >
>> > >
>> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
>> > > > ${global:vars.dns}
>> > > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>> > > >
>> > > >
>> > > >
>> > > >  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
>> initialize
>> > > > LDAP framework, deferring initialization. Error: No DNS SRV records
>> were
>> > > > found with record name '_gc._tcp.brussels.airport'.
>> > > >
>> > > > And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there
>> another
>> > > > way it just resolves the dns servers I gave him?
>> > > >
>> > >
>> > > Microsoft Domain controller must have gc service entry within DNS to
>> work
>> > > properly.
>> > > 1. Are you sure you have Microsoft DNS installed on
>> srvdc03.mydomain.com ?
>> > > 2. Can yo

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
OK... Now I have this one :-)
WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service
thread 1-2) [ovirt-engine-extension-aaa-ldap.authn::BRU_AIR-authn] Cannot
initialize LDAP framework, deferring initialization. Error: Invalid DNS
pseudo-URL(s):

Changed the properties file to this:

include = 

#
# Active directory domain name.
#
vars.domain = ldap.mydomain.com (this one resolves to and gives ping back,
front end of the pool)

#
# Search user and its password.
#
vars.user = juniper-ad...@mydomain.com
vars.password = *

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
#vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these resolve
and give a ping back)

pool.default.serverset.type = srvrecord
#pool.default.serverset.single.server = ${global:vars.server}
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

# Uncomment if using custom DNS
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}


Thanks for your effort!


2015-01-29 13:50 GMT+01:00 Alon Bar-Lev :

>
>
> - Original Message -
> > From: "Koen Vanoppen" 
> > To: "Alon Bar-Lev" 
> > Cc: users@ovirt.org
> > Sent: Thursday, January 29, 2015 2:41:52 PM
> > Subject: Re: [ovirt-users] AAA
> >
> > Yes We have:
> >
> > [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com SRV  _gc._
> > tcp.mydomain.com
> >
> > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @
> srvdc03.mydomain.com
> > SRV _gc._tcp.mydomain.com
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;_gc._tcp.mydomain.com. IN  SRV
>
> this ^^^ means that you do not have srv record. are you sure you
> replace mydomain.com with your actual active directory domain name?
> have you tried to look into your dns manager for this information as well?
>
> >
> > ;; AUTHORITY SECTION:
> > mydomain.com.   3600IN  SOA srvdc03.mydomain.com.
> > hostmaster.airport. 1398582 900 600 86400 3600
> >
> > ;; Query time: 12 msec
> > ;; SERVER: 10.110.3.123#53(10.110.3.123)
> > ;; WHEN: Thu Jan 29 13:40:41 2015
> > ;; MSG SIZE  rcvd: 98
> >
> >
> >
> > 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev :
> >
> > >
> > >
> > > - Original Message -
> > > > From: "Koen Vanoppen" 
> > > > To: "Alon Bar-Lev" , users@ovirt.org
> > > > Sent: Thursday, January 29, 2015 2:19:32 PM
> > > > Subject: Re: [ovirt-users] AAA
> > > >
> > > > Big thanks for your help, but still the same:
> > > >
> > > > #
> > > > # Active directory domain name.
> > > > #
> > > > vars.domain = mydomain.com
> > > >
> > > > #
> > > > # Search user and its password.
> > > > #
> > > > vars.user = admin@${global:vars.domain}
> > > > vars.password = *
> > > >
> > > > #
> > > > # Optional DNS servers, if enterprise
> > > > # DNS server cannot resolve the domain srvrecord.
> > > > #
> > > > vars.dns = dns://srvdc03.${global:vars.domain}
> > > > dns://srvdc04.${global:vars.domain}
> > > >
> > > > pool.default.serverset.type = srvrecord
> > > > pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> > > > pool.default.auth.simple.bindDN = ${global:vars.user}
> > > > pool.default.auth.simple.password = ${global:vars.password}
> > > >
> > > > # Uncomment if using custom DNS
> > > >
> > >
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
> > > > ${global:vars.dns}
> > > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> > > >
> > > >
> > > >
> > > >  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
> initialize
> > > > LDAP framework, deferring initialization. Error: No DNS SRV records
> were
> > > > found with record name '_gc._tcp.brussels.airport'.
> > > >
> > > > And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there
> another
> > > > way it just resolves the dns servers I gave him?
> > > >
> > >
> > > Microsoft Domain controller must have gc service entry within DNS to
> work
> > > properly.
> > > 1. Are you sure you have Microsoft DNS installed on
> srvdc03.mydomain.com ?
> > > 2. Can you please execute:
> > > $ dig @srvdc03.mydomain.com SRV _gc._tcp.mydomain.com
> > > 3. Can you please open the DNS manager within your domain and search
> for
> > > srv records? Maybe you have DNS installed only on few servers, using
> the
> > > DNS manager you can also see which.
> > >
> > > >
> > > > 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev :
> > > >
> > > > >
> > > > >
> > > > > - Original Message -
> > > > > > From: "Ondra Machacek" 
> > > > > > To: "Koen Vanoppen" , users@ovirt.org
> > > > > > Sent: Thursday, January 29, 2015 1:49:00 PM
> > > > > > Subject: Re: [ovirt-use

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Tomas Jelinek 


- Original Message -
> From: "Karli Sjöberg" 
> To: "Tomas Jelinek" 
> Cc: "Gianluca Cecchi" , "Sphoorti Joglekar" 
> , "users"
> 
> Sent: Thursday, January 29, 2015 12:48:59 PM
> Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> 
> On Thu, 2015-01-29 at 06:28 -0500, Tomas Jelinek wrote:
> > 
> > - Original Message -
> > > From: "Gianluca Cecchi" 
> > > To: "Karli Sjöberg" 
> > > Cc: "Tomas Jelinek" , "Sphoorti Joglekar"
> > > , "users"
> > > 
> > > Sent: Thursday, January 29, 2015 12:19:24 PM
> > > Subject: Re: [ovirt-users] [Users] A mobile monitoring application for
> > > oVirt
> > > 
> > > On Thu, Jan 29, 2015 at 12:11 PM, Karli Sjöberg 
> > > wrote:
> > > 
> > > >
> > > >
> > > > No, I spoke too soon, 'the attachment was removed'. Can you upload it
> > > > somewhere and paste the link?
> > > >
> > > >
> > > >
> > > If it's ok for Tomas and Sphoorti I can set a gdrive link for the apk
> > > Gianluca
> > 
> > Seen your mail too late - I have just uploaded it to github: [1]. There is
> > a link now from the main github page [2]
> > 
> > Tomas
> > 
> > [1]:
> > https://github.com/matobet/moVirt/blob/master/moVirt/moVirt-debug.apk?raw=true
> > [2]: https://github.com/matobet/moVirt
> > >
> 
> Cool as fsck!:) Worked like a charm on my Nexus 4 and going to install
> it on my Nexus 7 tonight as well. Shame no SPICE but keep it up guys,
> that was great!

Cool, thanx for the review! :)

> 
> /K
> 
> 
> 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Donny Davis 
Use /etc/hosts and add this to your .properties

pool.default.socketfactory.type = java

On Jan 29, 2015 5:50 AM, Alon Bar-Lev wrote: > > > > - Original Message 
- > > From: "Koen Vanoppen" > > To: "Alon Bar-Lev" > > Cc: users@ovirt.org 
> > Sent: Thursday, January 29, 2015 2:41:52 PM > > Subject: Re: [ovirt-users] 
AAA > > > > Yes We have: > > > > [root@ovirtmgmt01prod ~]# dig 
@srvdc03.mydomain.com SRV  _gc._ > > tcp.mydomain.com > > > > ; <<>> DiG 
9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @srvdc03.mydomain.com > > SRV 
_gc._tcp.mydomain.com > > ; (1 server found) > > ;; global options: +cmd > > ;; 
Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340 > > 
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > > > 
;; QUESTION SECTION: > > ;_gc._tcp.mydomain.com. IN  SRV > > this ^^^ 
means that you do not have srv record. are you sure you replace mydomain.com 
with your actual active directory domain name? > have you tried to look into 
your dns manager for this information as well? > > > > > ;; AUTHORITY SECTION: 
> > mydomain.com.   3600    IN  SOA srvdc03.mydomain.com. > > 
hostmaster.airport. 1398582 900 600 86400 3600 > > > > ;; Query time: 12 msec > 
> ;; SERVER: 10.110.3.123#53(10.110.3.123) > > ;; WHEN: Thu Jan 29 13:40:41 
2015 > > ;; MSG SIZE  rcvd: 98 > > > > > > > > 2015-01-29 13:33 GMT+01:00 Alon 
Bar-Lev : > > > > > > > > > > > - Original Message - > > > > From: 
"Koen Vanoppen" > > > > To: "Alon Bar-Lev" , users@ovirt.org > > > > Sent: 
Thursday, January 29, 2015 2:19:32 PM > > > > Subject: Re: [ovirt-users] AAA > 
> > > > > > > Big thanks for your help, but still the same: > > > > > > > > # > 
> > > # Active directory domain name. > > > > # > > > > vars.domain = 
mydomain.com > > > > > > > > # > > > > # Search user and its password. > > > > 
# > > > > vars.user = admin@${global:vars.domain} > > > > vars.password = * 
> > > > > > > > # > > > > # Optional DNS servers, if enterprise > > > > # DNS 
server cannot resolve the domain srvrecord. > > > > # > > > > vars.dns = 
dns://srvdc03.${global:vars.domain} > > > > dns://srvdc04.${global:vars.domain} 
> > > > > > > > pool.default.serverset.type = srvrecord > > > > 
pool.default.serverset.srvrecord.domain = ${global:vars.domain} > > > > 
pool.default.auth.simple.bindDN = ${global:vars.user} > > > > 
pool.default.auth.simple.password = ${global:vars.password} > > > > > > > > # 
Uncomment if using custom DNS > > > > > > > 
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = > > 
> > ${global:vars.dns} > > > > pool.default.socketfactory.resolver.uRL = 
${global:vars.dns} > > > > > > > > > > > > > > > >  
[ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot initialize > > > 
> LDAP framework, deferring initialization. Error: No DNS SRV records were > > 
> > found with record name '_gc._tcp.brussels.airport'. > > > > > > > > And I 
can't put '_gc._tcp.mydomain.com in the dns... Isn't there another > > > > way 
it just resolves the dns servers I gave him? > > > > > > > > > > Microsoft 
Domain controller must have gc service entry within DNS to work > > > properly. 
> > > 1. Are you sure you have Microsoft DNS installed on srvdc03.mydomain.com 
? > > > 2. Can you please execute: > > > $ dig @srvdc03.mydomain.com SRV 
_gc._tcp.mydomain.com > > > 3. Can you please open the DNS manager within your 
domain and search for > > > srv records? Maybe you have DNS installed only on 
few servers, using the > > > DNS manager you can also see which. > > > > > > > 
> > > > 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev : > > > > > > > > > > > > > > > 
> > > > - Original Message - > > > > > > From: "Ondra Machacek" > > > > 
> > To: "Koen Vanoppen" , users@ovirt.org > > > > > > Sent: Thursday, January 
29, 2015 1:49:00 PM > > > > > > Subject: Re: [ovirt-users] AAA > > > > > > > > 
> > > > > > > > > > On 01/29/2015 12:30 PM, Koen Vanoppen wrote: > > > > > > > 
No, I don't. and I wouldn't know how he got to this name... > > > > > > > > > > 
> > Well, then you have to, if you want to use > > > 
'pool.default.serverset.type > > > > > > = srvrecord'. > > > > > > > > > > > > 
It just need to know where your global catalog is running, since it's > > > > > 
> needed for new provider. > > > > > > > > > > > > It searches for global 
catalog like this: > > > > > > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain} 
> > > > > > > > > > > > So you need to have this SRV record in DNS, if you want 
to use > > > srvrecord > > > > > > serverset type. Or you don't have to if you 
use single server type. > > > > > > > > > > active directory will not work 
without access to global catalog. > > > > > please set one or more of the 
domain controllers as dns server, for > > > > > example: > > > > > > > > > > 
vars.dns = dns://dc1.${global:vars.domain} > > > 
dns://dc2.${global:vars.domain} > > > > > > > > > > please also uncomment/add 
these lines to make vars.dns effective. >

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Sphoorti Joglekar 
Hello folks!
I am an OPW intern working on this project with Tomas.

I work on Android Lollipop to test movirt and it works fine.

Looking forward to your views on movirt.

Best Regards,
Sphoorti

On Thu, Jan 29, 2015, 4:37 PM Karli Sjöberg  wrote:

> On Thu, 2015-01-29 at 06:01 -0500, Tomas Jelinek wrote:
> >
> > - Original Message -
> > > From: "Karli Sjöberg" 
> > > To: "Gianluca Cecchi" 
> > > Cc: "users" 
> > > Sent: Thursday, January 29, 2015 11:45:02 AM
> > > Subject: Re: [ovirt-users] [Users] A mobile monitoring application for
> oVirt
> > >
> > > On Wed, 2015-01-28 at 19:07 +0100, Gianluca Cecchi wrote:
> > > >
> > > > Il 03/apr/2014 16:37 "Martin Betak"  ha scritto:
> > > >
> > > > > This is still under heavy development, but first usable version can
> > > > be found at [1]
> > > >
> > > > [Snip]
> > > >
> > > > > feature requests and general feedback are very welcome. You can
> file
> > > > any issues directly at [2].
> > > >
> > > > [Snip]
> > > >
> > > > > [1] https://github.com/matobet/moVirt/blob/master/moVirt/
> moVirt.apk
> > > > > [2] https://github.com/matobet/moVirt/issues
> > > >
> > > >
> > > > Hello
> > > > Are the above links yet the right ones to use for apk
> download/install
> > > > and issue tracking in case I want to test movirt?
> > > > Thanks
> > > > Gianluca
> > > >
> > > > plain text document attachment (ATT1)
> > > > ___
> > > > Users mailing list
> > > > Users@ovirt.org
> > > > http://lists.ovirt.org/mailman/listinfo/users
> > >
> > > BTW, just curious, what about Lollipop? Does it work with the same app
> > > or must it be specifically built for the new version?
> >
> > It should, but no one have tested it so far. Do you have a device with
> Lollipop? It would be so awesome if you could test it!
>
> Yup, sure thing:) I´ll report back once I´ve tested.
>
> /K
>
> >
> > >
> > > /K
> > >
> > >
> > > ___
> > > Users mailing list
> > > Users@ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > >
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Alon Bar-Lev 


- Original Message -
> From: "Koen Vanoppen" 
> To: "Alon Bar-Lev" 
> Cc: users@ovirt.org
> Sent: Thursday, January 29, 2015 2:41:52 PM
> Subject: Re: [ovirt-users] AAA
> 
> Yes We have:
> 
> [root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com SRV  _gc._
> tcp.mydomain.com
> 
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @srvdc03.mydomain.com
> SRV _gc._tcp.mydomain.com
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;_gc._tcp.mydomain.com. IN  SRV

this ^^^ means that you do not have srv record. are you sure you replace 
mydomain.com with your actual active directory domain name?
have you tried to look into your dns manager for this information as well?

> 
> ;; AUTHORITY SECTION:
> mydomain.com.   3600IN  SOA srvdc03.mydomain.com.
> hostmaster.airport. 1398582 900 600 86400 3600
> 
> ;; Query time: 12 msec
> ;; SERVER: 10.110.3.123#53(10.110.3.123)
> ;; WHEN: Thu Jan 29 13:40:41 2015
> ;; MSG SIZE  rcvd: 98
> 
> 
> 
> 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev :
> 
> >
> >
> > - Original Message -
> > > From: "Koen Vanoppen" 
> > > To: "Alon Bar-Lev" , users@ovirt.org
> > > Sent: Thursday, January 29, 2015 2:19:32 PM
> > > Subject: Re: [ovirt-users] AAA
> > >
> > > Big thanks for your help, but still the same:
> > >
> > > #
> > > # Active directory domain name.
> > > #
> > > vars.domain = mydomain.com
> > >
> > > #
> > > # Search user and its password.
> > > #
> > > vars.user = admin@${global:vars.domain}
> > > vars.password = *
> > >
> > > #
> > > # Optional DNS servers, if enterprise
> > > # DNS server cannot resolve the domain srvrecord.
> > > #
> > > vars.dns = dns://srvdc03.${global:vars.domain}
> > > dns://srvdc04.${global:vars.domain}
> > >
> > > pool.default.serverset.type = srvrecord
> > > pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> > > pool.default.auth.simple.bindDN = ${global:vars.user}
> > > pool.default.auth.simple.password = ${global:vars.password}
> > >
> > > # Uncomment if using custom DNS
> > >
> > pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
> > > ${global:vars.dns}
> > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> > >
> > >
> > >
> > >  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot initialize
> > > LDAP framework, deferring initialization. Error: No DNS SRV records were
> > > found with record name '_gc._tcp.brussels.airport'.
> > >
> > > And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there another
> > > way it just resolves the dns servers I gave him?
> > >
> >
> > Microsoft Domain controller must have gc service entry within DNS to work
> > properly.
> > 1. Are you sure you have Microsoft DNS installed on srvdc03.mydomain.com ?
> > 2. Can you please execute:
> > $ dig @srvdc03.mydomain.com SRV _gc._tcp.mydomain.com
> > 3. Can you please open the DNS manager within your domain and search for
> > srv records? Maybe you have DNS installed only on few servers, using the
> > DNS manager you can also see which.
> >
> > >
> > > 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev :
> > >
> > > >
> > > >
> > > > - Original Message -
> > > > > From: "Ondra Machacek" 
> > > > > To: "Koen Vanoppen" , users@ovirt.org
> > > > > Sent: Thursday, January 29, 2015 1:49:00 PM
> > > > > Subject: Re: [ovirt-users] AAA
> > > > >
> > > > >
> > > > > On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
> > > > > > No, I don't. and I wouldn't know how he got to this name...
> > > > >
> > > > > Well, then you have to, if you want to use
> > 'pool.default.serverset.type
> > > > > = srvrecord'.
> > > > >
> > > > > It just need to know where your global catalog is running, since it's
> > > > > needed for new provider.
> > > > >
> > > > > It searches for global catalog like this:
> > > > > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
> > > > >
> > > > > So you need to have this SRV record in DNS, if you want to use
> > srvrecord
> > > > > serverset type. Or you don't have to if you use single server type.
> > > >
> > > > active directory will not work without access to global catalog.
> > > > please set one or more of the domain controllers as dns server, for
> > > > example:
> > > >
> > > > vars.dns = dns://dc1.${global:vars.domain}
> > dns://dc2.${global:vars.domain}
> > > >
> > > > please also uncomment/add these lines to make vars.dns effective.
> > > >
> > > >
> > pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> > > > = ${global:vars.dns}
> > > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> > > >
> > > > Thanks!
> > > >
> > > > >
> > > > > >
> > > > > > Thanks for the reply!
> > > > > >
> > > > > > 2015-01-29 11:53 GMT+01:00 Ondra Machacek  > > > > > >:
> > > > > >
> > > > > > On 01/29/2015 11:41 AM, Koen Vanoppen wro

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
Yes We have:

[root@ovirtmgmt01prod ~]# dig @srvdc03.mydomain.com SRV  _gc._
tcp.mydomain.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @srvdc03.mydomain.com
SRV _gc._tcp.mydomain.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;_gc._tcp.mydomain.com. IN  SRV

;; AUTHORITY SECTION:
mydomain.com.   3600IN  SOA srvdc03.mydomain.com.
hostmaster.airport. 1398582 900 600 86400 3600

;; Query time: 12 msec
;; SERVER: 10.110.3.123#53(10.110.3.123)
;; WHEN: Thu Jan 29 13:40:41 2015
;; MSG SIZE  rcvd: 98



2015-01-29 13:33 GMT+01:00 Alon Bar-Lev :

>
>
> - Original Message -
> > From: "Koen Vanoppen" 
> > To: "Alon Bar-Lev" , users@ovirt.org
> > Sent: Thursday, January 29, 2015 2:19:32 PM
> > Subject: Re: [ovirt-users] AAA
> >
> > Big thanks for your help, but still the same:
> >
> > #
> > # Active directory domain name.
> > #
> > vars.domain = mydomain.com
> >
> > #
> > # Search user and its password.
> > #
> > vars.user = admin@${global:vars.domain}
> > vars.password = *
> >
> > #
> > # Optional DNS servers, if enterprise
> > # DNS server cannot resolve the domain srvrecord.
> > #
> > vars.dns = dns://srvdc03.${global:vars.domain}
> > dns://srvdc04.${global:vars.domain}
> >
> > pool.default.serverset.type = srvrecord
> > pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> > pool.default.auth.simple.bindDN = ${global:vars.user}
> > pool.default.auth.simple.password = ${global:vars.password}
> >
> > # Uncomment if using custom DNS
> >
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
> > ${global:vars.dns}
> > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> >
> >
> >
> >  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot initialize
> > LDAP framework, deferring initialization. Error: No DNS SRV records were
> > found with record name '_gc._tcp.brussels.airport'.
> >
> > And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there another
> > way it just resolves the dns servers I gave him?
> >
>
> Microsoft Domain controller must have gc service entry within DNS to work
> properly.
> 1. Are you sure you have Microsoft DNS installed on srvdc03.mydomain.com ?
> 2. Can you please execute:
> $ dig @srvdc03.mydomain.com SRV _gc._tcp.mydomain.com
> 3. Can you please open the DNS manager within your domain and search for
> srv records? Maybe you have DNS installed only on few servers, using the
> DNS manager you can also see which.
>
> >
> > 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev :
> >
> > >
> > >
> > > - Original Message -
> > > > From: "Ondra Machacek" 
> > > > To: "Koen Vanoppen" , users@ovirt.org
> > > > Sent: Thursday, January 29, 2015 1:49:00 PM
> > > > Subject: Re: [ovirt-users] AAA
> > > >
> > > >
> > > > On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
> > > > > No, I don't. and I wouldn't know how he got to this name...
> > > >
> > > > Well, then you have to, if you want to use
> 'pool.default.serverset.type
> > > > = srvrecord'.
> > > >
> > > > It just need to know where your global catalog is running, since it's
> > > > needed for new provider.
> > > >
> > > > It searches for global catalog like this:
> > > > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
> > > >
> > > > So you need to have this SRV record in DNS, if you want to use
> srvrecord
> > > > serverset type. Or you don't have to if you use single server type.
> > >
> > > active directory will not work without access to global catalog.
> > > please set one or more of the domain controllers as dns server, for
> > > example:
> > >
> > > vars.dns = dns://dc1.${global:vars.domain}
> dns://dc2.${global:vars.domain}
> > >
> > > please also uncomment/add these lines to make vars.dns effective.
> > >
> > >
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> > > = ${global:vars.dns}
> > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> > >
> > > Thanks!
> > >
> > > >
> > > > >
> > > > > Thanks for the reply!
> > > > >
> > > > > 2015-01-29 11:53 GMT+01:00 Ondra Machacek  > > > > >:
> > > > >
> > > > > On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
> > > > >
> > > > > Can somebody help me setting up AAA for ovirt 3.5.1?
> > > > >
> > > > > I'm getting this now:
> > > > >
> > > > > 2015-01-29 11:35:36,889 WARN
> > > > > [org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
> > > > > service thread
> > > > > 1-1)
> [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz]
> > > > > Cannot
> > > > > initialize LDAP framework, deferring initialization.
> Error: An
> > > > > error
> > > > > occurred while attempting to query DNS in order to
> retrieve SRV
> > > > > records
> > > > > with name '_gc._tcp.brussels.air

Re: [ovirt-users] AAA

2015-01-29 Thread Alon Bar-Lev 


- Original Message -
> From: "Koen Vanoppen" 
> To: "Alon Bar-Lev" , users@ovirt.org
> Sent: Thursday, January 29, 2015 2:19:32 PM
> Subject: Re: [ovirt-users] AAA
> 
> Big thanks for your help, but still the same:
> 
> #
> # Active directory domain name.
> #
> vars.domain = mydomain.com
> 
> #
> # Search user and its password.
> #
> vars.user = admin@${global:vars.domain}
> vars.password = *
> 
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> vars.dns = dns://srvdc03.${global:vars.domain}
> dns://srvdc04.${global:vars.domain}
> 
> pool.default.serverset.type = srvrecord
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
> 
> # Uncomment if using custom DNS
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
> ${global:vars.dns}
> pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> 
> 
> 
>  [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot initialize
> LDAP framework, deferring initialization. Error: No DNS SRV records were
> found with record name '_gc._tcp.brussels.airport'.
> 
> And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there another
> way it just resolves the dns servers I gave him?
> 

Microsoft Domain controller must have gc service entry within DNS to work 
properly.
1. Are you sure you have Microsoft DNS installed on srvdc03.mydomain.com ?
2. Can you please execute:
$ dig @srvdc03.mydomain.com SRV _gc._tcp.mydomain.com
3. Can you please open the DNS manager within your domain and search for srv 
records? Maybe you have DNS installed only on few servers, using the DNS 
manager you can also see which.

> 
> 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev :
> 
> >
> >
> > - Original Message -
> > > From: "Ondra Machacek" 
> > > To: "Koen Vanoppen" , users@ovirt.org
> > > Sent: Thursday, January 29, 2015 1:49:00 PM
> > > Subject: Re: [ovirt-users] AAA
> > >
> > >
> > > On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
> > > > No, I don't. and I wouldn't know how he got to this name...
> > >
> > > Well, then you have to, if you want to use 'pool.default.serverset.type
> > > = srvrecord'.
> > >
> > > It just need to know where your global catalog is running, since it's
> > > needed for new provider.
> > >
> > > It searches for global catalog like this:
> > > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
> > >
> > > So you need to have this SRV record in DNS, if you want to use srvrecord
> > > serverset type. Or you don't have to if you use single server type.
> >
> > active directory will not work without access to global catalog.
> > please set one or more of the domain controllers as dns server, for
> > example:
> >
> > vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}
> >
> > please also uncomment/add these lines to make vars.dns effective.
> >
> > pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> > = ${global:vars.dns}
> > pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
> >
> > Thanks!
> >
> > >
> > > >
> > > > Thanks for the reply!
> > > >
> > > > 2015-01-29 11:53 GMT+01:00 Ondra Machacek  > > > >:
> > > >
> > > > On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
> > > >
> > > > Can somebody help me setting up AAA for ovirt 3.5.1?
> > > >
> > > > I'm getting this now:
> > > >
> > > > 2015-01-29 11:35:36,889 WARN
> > > > [org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
> > > > service thread
> > > > 1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz]
> > > > Cannot
> > > > initialize LDAP framework, deferring initialization. Error: An
> > > > error
> > > > occurred while attempting to query DNS in order to retrieve SRV
> > > > records
> > > > with name '_gc._tcp.brussels.airport':
> > > > javax.naming.__NameNotFoundException: DNS name not found
> > > > [response code
> > > > 3]; remaining name '_gc._tcp.brussels.airport'
> > > >
> > > >
> > > > Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?
> > > >
> > > >
> > > > my 3 configs:
> > > > _*BRU_AIR-authn.properties*_
> > > > ovirt.engine.extension.name <
> > http://ovirt.engine.extension.name>
> > > >  > > > > =
> > > > BRU_AIR-authn
> > > > ovirt.engine.extension.__bindings.method = jbossmodule
> > > > ovirt.engine.extension.__binding.jbossmodule.module =
> > > > org.ovirt.engine-extensions.__aaa.ldap
> > > > ovirt.engine.extension.__binding.jbossmodule.class =
> > > > org.ovirt.engineextensions.__aaa.ldap.AuthnExtension
> > > > ovirt.engine.extension.__provides =
> > > >

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
Big thanks for your help, but still the same:

#
# Active directory domain name.
#
vars.domain = mydomain.com

#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = *

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://srvdc03.${global:vars.domain}
dns://srvdc04.${global:vars.domain}

pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

# Uncomment if using custom DNS
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}



 [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot initialize
LDAP framework, deferring initialization. Error: No DNS SRV records were
found with record name '_gc._tcp.brussels.airport'.

And I can't put '_gc._tcp.mydomain.com in the dns... Isn't there another
way it just resolves the dns servers I gave him?


2015-01-29 13:02 GMT+01:00 Alon Bar-Lev :

>
>
> - Original Message -
> > From: "Ondra Machacek" 
> > To: "Koen Vanoppen" , users@ovirt.org
> > Sent: Thursday, January 29, 2015 1:49:00 PM
> > Subject: Re: [ovirt-users] AAA
> >
> >
> > On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
> > > No, I don't. and I wouldn't know how he got to this name...
> >
> > Well, then you have to, if you want to use 'pool.default.serverset.type
> > = srvrecord'.
> >
> > It just need to know where your global catalog is running, since it's
> > needed for new provider.
> >
> > It searches for global catalog like this:
> > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
> >
> > So you need to have this SRV record in DNS, if you want to use srvrecord
> > serverset type. Or you don't have to if you use single server type.
>
> active directory will not work without access to global catalog.
> please set one or more of the domain controllers as dns server, for
> example:
>
> vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}
>
> please also uncomment/add these lines to make vars.dns effective.
>
> pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> = ${global:vars.dns}
> pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>
> Thanks!
>
> >
> > >
> > > Thanks for the reply!
> > >
> > > 2015-01-29 11:53 GMT+01:00 Ondra Machacek  > > >:
> > >
> > > On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
> > >
> > > Can somebody help me setting up AAA for ovirt 3.5.1?
> > >
> > > I'm getting this now:
> > >
> > > 2015-01-29 11:35:36,889 WARN
> > > [org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
> > > service thread
> > > 1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz]
> > > Cannot
> > > initialize LDAP framework, deferring initialization. Error: An
> > > error
> > > occurred while attempting to query DNS in order to retrieve SRV
> > > records
> > > with name '_gc._tcp.brussels.airport':
> > > javax.naming.__NameNotFoundException: DNS name not found
> > > [response code
> > > 3]; remaining name '_gc._tcp.brussels.airport'
> > >
> > >
> > > Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?
> > >
> > >
> > > my 3 configs:
> > > _*BRU_AIR-authn.properties*_
> > > ovirt.engine.extension.name <
> http://ovirt.engine.extension.name>
> > >  > > > =
> > > BRU_AIR-authn
> > > ovirt.engine.extension.__bindings.method = jbossmodule
> > > ovirt.engine.extension.__binding.jbossmodule.module =
> > > org.ovirt.engine-extensions.__aaa.ldap
> > > ovirt.engine.extension.__binding.jbossmodule.class =
> > > org.ovirt.engineextensions.__aaa.ldap.AuthnExtension
> > > ovirt.engine.extension.__provides =
> > > org.ovirt.engine.api.__extensions.aaa.Authn
> > > ovirt.engine.aaa.authn.__profile.name
> > > 
> > >  > > > = BRU-AIR
> > > ovirt.engine.aaa.authn.authz.__plugin = BRU_AIR-authz
> > > config.profile.file.1 =
> /etc/ovirt-engine/aaa/BRU_AIR.__properties
> > >
> > > _*BRU_AIR-authz.properties*_
> > > ovirt.engine.extension.name <
> http://ovirt.engine.extension.name>
> > >  > > > =
> > > BRU_AIR-authz
> > > ovirt.engine.extension.__bindings.method = jbossmodule
> > > ovirt.engine.extension.__binding.jbossmodule.module =
> > >

Re: [ovirt-users] Network setup for load balance

2015-01-29 Thread Martin Pavlík 
Hi Carlos,

you figured it yourself, the fastest/easiest way will be to deploy ovirt again. 
This time set the bonding manually before deployment and tie the management to 
the bond you create.

You did not mention what bond mode you want to use, please note that not all 
bond modes are supported for VM networks. You’ve mentioned that you are after 
load balancing, in this case you can use  mode=2(balance-xor), or 
mode=4(802.3ad) however mode 4 requires switch side support/configuration.

HTH

Martin Pavlik

> On 28 Jan 2015, at 15:16, Carlos Ibrahim Arias  wrote:
> 
> Hello,
> 
> I'm writing after a few weeks of trying to deploy the installation I had in 
> mind without success. I'm a newbie using orvit and my problem may sound odd 
> to some but I haven't been able to find a solution yet... I've searched all 
> the Web.
> 
> I have a server with two NICs (em1 and em2) and I want to bond them for load 
> balancing. I installed oVirt 3.5.1 using the hosted-engine option with CentOS 
> 7 on the hosted-engine and the host, and gluster on the host for the domain 
> storage. Everything was fine during the installation and the system seems to 
> work properly. ovirtmgmt is linked to em1. 
> 
> The problem is that  now I can't bond em1 and em2 using the web GUI. I set up 
> the bonding manually, it works but vdsmd is not starting afterwards.
> 
> Should I have done the bond before installing oVirt? Is there any workaround 
> to bond my NICs so that oVirt can use them for load balance? Shall I use 
> other network setup for load balance (VLANs..)?
> 
> Thanks in advanced,
> -- 
> Carlos Ibrahim Arias
> Consultor & Ingeniero en Informática
> Braimtec - Smart IT
> E: car...@braimtec.com 
> M: +34 600 457 497
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to reactivate host after reboot due to failed Gluster probe

2015-01-29 Thread Shubhendu Tripathi 

On 01/29/2015 04:26 PM, Jan Siml wrote:

Hello,

finally I got the nodes online. What helps was probing the not needed 
peer node-04 (no brick) from one of the other cluster nodes. When the 
node becames a Gluster peer, I am able to activate any oVirt node 
which serves bricks.


Therefore I assume, the error message which the UI returns comes from 
node-04:


Yes, this could be an issue as all other successful cases, the value for 
opErrno is retruned as 0 and opErrStr is blank.

I feel this scenario is treated as an error engine side.



root@node-04:~ $ gluster peer probe node-01
peer probe: failed: Probe returned with unknown errno 107

root@node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

root@node-03:~ $ gluster peer probe node-04
peer probe: success.

root@node-03:~ $ gluster peer status
Number of Peers: 3

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-04
Uuid: 9cdefc68-d710-4346-93b1-76b5307e258b
State: Peer in Cluster (Connected)

This (oVirt's behavior) seems to be reproducible.

On 01/29/2015 11:10 AM, Jan Siml wrote:

Hello,

when looking into engine.log, I can see, that "gluster probe" returned
errno 107. But I can't figure out why:

2015-01-29 10:40:03,546 ERROR
[org.ovirt.engine.core.bll.InitVdsOnUpCommand]
(DefaultQuartzScheduler_Worker-59) [5977aac5] Could not peer probe the
gluster server node-03. Error: VdcBLLException: org.ovirt.eng
ine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException:
VDSErrorException: Failed to AddGlusterServerVDS, error = Add host 
failed

error: Probe returned with unknown errno 107

Just for the record: We use the /etc/hosts method because of missing
possibility to choose the network interface for Gluster. The three
Gluster peer hosts have modified /etc/hosts files with addresses binded
to a different interface than the ovirtmgmt addresses.

Example:

root@node-03:~ $ cat /etc/hosts
192.168.200.195  node-01
192.168.200.196  node-02
192.168.200.198  node-03

The /etc/hosts file on engine host isn't modified.


On 01/29/2015 10:39 AM, Jan Siml wrote:

Hello,

we have a strange behavior within an oVirt cluster. Version is 3.5.1,
engine is running on EL6 machine and hosts are using EL7 as operating
system. The cluster uses a GlusterFS backed storage domain amongst
others. Three of four hosts are peers in the Gluster cluster (3 bricks,
3 replica).

When all hosts are restarted (maybe due to power outage), engine can't
activate them again, because Gluster probe fails. The message given in
UI is:

"Gluster command [gluster peer node-03] failed on server node-03."

Checking Gluster peer and volume status on each host confirms that
Gluster peers are known to each other and volume is up.

node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

node-03:~ $ gluster volume status
Status of volume: glusterfs-1
Gluster processPortOnlinePid
-- 




Brick node-01:/export/glusterfs/brick   49152Y 12409
Brick node-02:/export/glusterfs/brick49153Y 9978
Brick node-03:/export/glusterfs/brick49152Y 10001
Self-heal Daemon on localhostN/AY10003
Self-heal Daemon on node-01N/AY11590
Self-heal Daemon on node-02N/AY9988

Task Status of Volume glusterfs-1
-- 




There are no active volume tasks

Storage domain in oVirt UI is fine (active and green) and usable. But
neither Gluster volume nor any brick is visible in UI.

If I try the command which is shown in UI it returns:

root@node-03:~ $ gluster peer probe node-03
peer probe: success. Probe on localhost not needed

root@node-03:~ $ gluster --mode=script peer probe node-03 --xml


   0
   1
   (null)
   Probe on localhost not needed


Is this maybe just an engine side parsing error?







___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [POLL] FOSDEM Social Event Date

2015-01-29 Thread Sven Kieske 
Hi,

just a short notice that I will attend FOSDEM too.
I don't know yet if I make it to the social event, see you
at the ovirt sessions!

-- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Alon Bar-Lev 


- Original Message -
> From: "Ondra Machacek" 
> To: "Koen Vanoppen" , users@ovirt.org
> Sent: Thursday, January 29, 2015 1:49:00 PM
> Subject: Re: [ovirt-users] AAA
> 
> 
> On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
> > No, I don't. and I wouldn't know how he got to this name...
> 
> Well, then you have to, if you want to use 'pool.default.serverset.type
> = srvrecord'.
> 
> It just need to know where your global catalog is running, since it's
> needed for new provider.
> 
> It searches for global catalog like this:
> dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
> 
> So you need to have this SRV record in DNS, if you want to use srvrecord
> serverset type. Or you don't have to if you use single server type.

active directory will not work without access to global catalog.
please set one or more of the domain controllers as dns server, for example:

vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}

please also uncomment/add these lines to make vars.dns effective.

pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = 
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}

Thanks!

> 
> >
> > Thanks for the reply!
> >
> > 2015-01-29 11:53 GMT+01:00 Ondra Machacek  > >:
> >
> > On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
> >
> > Can somebody help me setting up AAA for ovirt 3.5.1?
> >
> > I'm getting this now:
> >
> > 2015-01-29 11:35:36,889 WARN
> > [org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
> > service thread
> > 1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz]
> > Cannot
> > initialize LDAP framework, deferring initialization. Error: An
> > error
> > occurred while attempting to query DNS in order to retrieve SRV
> > records
> > with name '_gc._tcp.brussels.airport':
> > javax.naming.__NameNotFoundException: DNS name not found
> > [response code
> > 3]; remaining name '_gc._tcp.brussels.airport'
> >
> >
> > Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?
> >
> >
> > my 3 configs:
> > _*BRU_AIR-authn.properties*_
> > ovirt.engine.extension.name 
> >  > > =
> > BRU_AIR-authn
> > ovirt.engine.extension.__bindings.method = jbossmodule
> > ovirt.engine.extension.__binding.jbossmodule.module =
> > org.ovirt.engine-extensions.__aaa.ldap
> > ovirt.engine.extension.__binding.jbossmodule.class =
> > org.ovirt.engineextensions.__aaa.ldap.AuthnExtension
> > ovirt.engine.extension.__provides =
> > org.ovirt.engine.api.__extensions.aaa.Authn
> > ovirt.engine.aaa.authn.__profile.name
> > 
> >  > > = BRU-AIR
> > ovirt.engine.aaa.authn.authz.__plugin = BRU_AIR-authz
> > config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties
> >
> > _*BRU_AIR-authz.properties*_
> > ovirt.engine.extension.name 
> >  > > =
> > BRU_AIR-authz
> > ovirt.engine.extension.__bindings.method = jbossmodule
> > ovirt.engine.extension.__binding.jbossmodule.module =
> > org.ovirt.engine-extensions.__aaa.ldap
> > ovirt.engine.extension.__binding.jbossmodule.class =
> > org.ovirt.engineextensions.__aaa.ldap.AuthzExtension
> > ovirt.engine.extension.__provides =
> > org.ovirt.engine.api.__extensions.aaa.Authz
> > config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties
> >
> > _*BRU_AIR.properties*_
> > include = 
> >
> > #
> > # Active directory domain name.
> > #
> > vars.domain = mydomain.com 
> > 
> >
> > #
> > # Search user and its password.
> > #
> > vars.user = admin@${global:vars.domain}
> > vars.password = ***
> >
> > #
> > # Optional DNS servers, if enterprise
> > # DNS server cannot resolve the domain srvrecord.
> > #
> > vars.dns = dns://dc01.mydomain.com 
> > 
> >
> > pool.default.serverset.type = srvrecord
> > pool.default.serverset.__srvrecord.domain = ${global:vars.domain}
> > pool.default.auth.simple.__bindDN = ${global:vars.user}
> > pool.default.auth.simple.__password = ${global:vars.password
> >
> > In the GUI for adding user I get this:
> >
> >

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Karli Sjöberg 
On Thu, 2015-01-29 at 06:28 -0500, Tomas Jelinek wrote:
> 
> - Original Message -
> > From: "Gianluca Cecchi" 
> > To: "Karli Sjöberg" 
> > Cc: "Tomas Jelinek" , "Sphoorti Joglekar" 
> > , "users"
> > 
> > Sent: Thursday, January 29, 2015 12:19:24 PM
> > Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> > 
> > On Thu, Jan 29, 2015 at 12:11 PM, Karli Sjöberg 
> > wrote:
> > 
> > >
> > >
> > > No, I spoke too soon, 'the attachment was removed'. Can you upload it
> > > somewhere and paste the link?
> > >
> > >
> > >
> > If it's ok for Tomas and Sphoorti I can set a gdrive link for the apk
> > Gianluca
> 
> Seen your mail too late - I have just uploaded it to github: [1]. There is a 
> link now from the main github page [2]
> 
> Tomas
> 
> [1]: 
> https://github.com/matobet/moVirt/blob/master/moVirt/moVirt-debug.apk?raw=true
> [2]: https://github.com/matobet/moVirt
> >

Cool as fsck!:) Worked like a charm on my Nexus 4 and going to install
it on my Nexus 7 tonight as well. Shame no SPICE but keep it up guys,
that was great!

/K


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Ondra Machacek 


On 01/29/2015 12:30 PM, Koen Vanoppen wrote:

No, I don't. and I wouldn't know how he got to this name...


Well, then you have to, if you want to use 'pool.default.serverset.type 
= srvrecord'.


It just need to know where your global catalog is running, since it's 
needed for new provider.


It searches for global catalog like this:
dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}

So you need to have this SRV record in DNS, if you want to use srvrecord 
serverset type. Or you don't have to if you use single server type.




Thanks for the reply!

2015-01-29 11:53 GMT+01:00 Ondra Machacek mailto:omach...@redhat.com>>:

On 01/29/2015 11:41 AM, Koen Vanoppen wrote:

Can somebody help me setting up AAA for ovirt 3.5.1?

I'm getting this now:

2015-01-29 11:35:36,889 WARN
[org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
service thread
1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV
records
with name '_gc._tcp.brussels.airport':
javax.naming.__NameNotFoundException: DNS name not found
[response code
3]; remaining name '_gc._tcp.brussels.airport'


Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?


my 3 configs:
_*BRU_AIR-authn.properties*_
ovirt.engine.extension.name 
> =
BRU_AIR-authn
ovirt.engine.extension.__bindings.method = jbossmodule
ovirt.engine.extension.__binding.jbossmodule.module =
org.ovirt.engine-extensions.__aaa.ldap
ovirt.engine.extension.__binding.jbossmodule.class =
org.ovirt.engineextensions.__aaa.ldap.AuthnExtension
ovirt.engine.extension.__provides =
org.ovirt.engine.api.__extensions.aaa.Authn
ovirt.engine.aaa.authn.__profile.name

> = BRU-AIR
ovirt.engine.aaa.authn.authz.__plugin = BRU_AIR-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties

_*BRU_AIR-authz.properties*_
ovirt.engine.extension.name 
> =
BRU_AIR-authz
ovirt.engine.extension.__bindings.method = jbossmodule
ovirt.engine.extension.__binding.jbossmodule.module =
org.ovirt.engine-extensions.__aaa.ldap
ovirt.engine.extension.__binding.jbossmodule.class =
org.ovirt.engineextensions.__aaa.ldap.AuthzExtension
ovirt.engine.extension.__provides =
org.ovirt.engine.api.__extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties

_*BRU_AIR.properties*_
include = 

#
# Active directory domain name.
#
vars.domain = mydomain.com 


#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = ***

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://dc01.mydomain.com 


pool.default.serverset.type = srvrecord
pool.default.serverset.__srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.__bindDN = ${global:vars.user}
pool.default.auth.simple.__password = ${global:vars.password

In the GUI for adding user I get this:

An error occurred while attempting to query DNS in order to
retrieve SRV
records with name '_gc__tcp_brussels_airport':
javax_naming___NameNotFoundException: DNS name not found
[response code
3]; remaining name '_gc__tcp_brussels_airport'

Any ideas? I ran out...

Kind regards,

Koen


_
Users mailing list
Users@ovirt.org 
http://lists.ovirt.org/__mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
No, I don't. and I wouldn't know how he got to this name...

Thanks for the reply!

2015-01-29 11:53 GMT+01:00 Ondra Machacek :

> On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
>
>> Can somebody help me setting up AAA for ovirt 3.5.1?
>>
>> I'm getting this now:
>>
>> 2015-01-29 11:35:36,889 WARN
>> [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
>> 1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
>> initialize LDAP framework, deferring initialization. Error: An error
>> occurred while attempting to query DNS in order to retrieve SRV records
>> with name '_gc._tcp.brussels.airport':
>> javax.naming.NameNotFoundException: DNS name not found [response code
>> 3]; remaining name '_gc._tcp.brussels.airport'
>>
>
> Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?
>
>
>> my 3 configs:
>> _*BRU_AIR-authn.properties*_
>> ovirt.engine.extension.name  =
>> BRU_AIR-authn
>> ovirt.engine.extension.bindings.method = jbossmodule
>> ovirt.engine.extension.binding.jbossmodule.module =
>> org.ovirt.engine-extensions.aaa.ldap
>> ovirt.engine.extension.binding.jbossmodule.class =
>> org.ovirt.engineextensions.aaa.ldap.AuthnExtension
>> ovirt.engine.extension.provides = org.ovirt.engine.api.
>> extensions.aaa.Authn
>> ovirt.engine.aaa.authn.profile.name
>>  = BRU-AIR
>> ovirt.engine.aaa.authn.authz.plugin = BRU_AIR-authz
>> config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties
>>
>> _*BRU_AIR-authz.properties*_
>> ovirt.engine.extension.name  =
>> BRU_AIR-authz
>> ovirt.engine.extension.bindings.method = jbossmodule
>> ovirt.engine.extension.binding.jbossmodule.module =
>> org.ovirt.engine-extensions.aaa.ldap
>> ovirt.engine.extension.binding.jbossmodule.class =
>> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
>> ovirt.engine.extension.provides = org.ovirt.engine.api.
>> extensions.aaa.Authz
>> config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties
>>
>> _*BRU_AIR.properties*_
>> include = 
>>
>> #
>> # Active directory domain name.
>> #
>> vars.domain = mydomain.com 
>>
>> #
>> # Search user and its password.
>> #
>> vars.user = admin@${global:vars.domain}
>> vars.password = ***
>>
>> #
>> # Optional DNS servers, if enterprise
>> # DNS server cannot resolve the domain srvrecord.
>> #
>> vars.dns = dns://dc01.mydomain.com 
>>
>> pool.default.serverset.type = srvrecord
>> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
>> pool.default.auth.simple.bindDN = ${global:vars.user}
>> pool.default.auth.simple.password = ${global:vars.password
>>
>> In the GUI for adding user I get this:
>>
>> An error occurred while attempting to query DNS in order to retrieve SRV
>> records with name '_gc__tcp_brussels_airport':
>> javax_naming_NameNotFoundException: DNS name not found [response code
>> 3]; remaining name '_gc__tcp_brussels_airport'
>>
>> Any ideas? I ran out...
>>
>> Kind regards,
>>
>> Koen
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Tomas Jelinek 


- Original Message -
> From: "Gianluca Cecchi" 
> To: "Karli Sjöberg" 
> Cc: "Tomas Jelinek" , "Sphoorti Joglekar" 
> , "users"
> 
> Sent: Thursday, January 29, 2015 12:19:24 PM
> Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> 
> On Thu, Jan 29, 2015 at 12:11 PM, Karli Sjöberg 
> wrote:
> 
> >
> >
> > No, I spoke too soon, 'the attachment was removed'. Can you upload it
> > somewhere and paste the link?
> >
> >
> >
> If it's ok for Tomas and Sphoorti I can set a gdrive link for the apk
> Gianluca

Seen your mail too late - I have just uploaded it to github: [1]. There is a 
link now from the main github page [2]

Tomas

[1]: 
https://github.com/matobet/moVirt/blob/master/moVirt/moVirt-debug.apk?raw=true
[2]: https://github.com/matobet/moVirt
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Gianluca Cecchi 
On Thu, Jan 29, 2015 at 12:11 PM, Karli Sjöberg 
wrote:

>
>
> No, I spoke too soon, 'the attachment was removed'. Can you upload it
> somewhere and paste the link?
>
>
>
If it's ok for Tomas and Sphoorti I can set a gdrive link for the apk
Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Karli Sjöberg 
On Thu, 2015-01-29 at 11:07 +, Karli Sjöberg wrote:
> On Thu, 2015-01-29 at 06:01 -0500, Tomas Jelinek wrote:
> > 
> > - Original Message -
> > > From: "Karli Sjöberg" 
> > > To: "Gianluca Cecchi" 
> > > Cc: "users" 
> > > Sent: Thursday, January 29, 2015 11:45:02 AM
> > > Subject: Re: [ovirt-users] [Users] A mobile monitoring application for 
> > > oVirt
> > > 
> > > On Wed, 2015-01-28 at 19:07 +0100, Gianluca Cecchi wrote:
> > > > 
> > > > Il 03/apr/2014 16:37 "Martin Betak"  ha scritto:
> > > > 
> > > > > This is still under heavy development, but first usable version can
> > > > be found at [1]
> > > > 
> > > > [Snip]
> > > > 
> > > > > feature requests and general feedback are very welcome. You can file
> > > > any issues directly at [2].
> > > > 
> > > > [Snip]
> > > > 
> > > > > [1] https://github.com/matobet/moVirt/blob/master/moVirt/moVirt.apk
> > > > > [2] https://github.com/matobet/moVirt/issues
> > > > 
> > > > 
> > > > Hello
> > > > Are the above links yet the right ones to use for apk download/install
> > > > and issue tracking in case I want to test movirt?
> > > > Thanks
> > > > Gianluca
> > > > 
> > > > plain text document attachment (ATT1)
> > > > ___
> > > > Users mailing list
> > > > Users@ovirt.org
> > > > http://lists.ovirt.org/mailman/listinfo/users
> > > 
> > > BTW, just curious, what about Lollipop? Does it work with the same app
> > > or must it be specifically built for the new version?
> > 
> > It should, but no one have tested it so far. Do you have a device with 
> > Lollipop? It would be so awesome if you could test it!
> 
> Yup, sure thing:) I´ll report back once I´ve tested.

No, I spoke too soon, 'the attachment was removed'. Can you upload it
somewhere and paste the link?

/K

> 
> /K
> 
> > 
> > > 
> > > /K
> > > 
> > > 
> > > ___
> > > Users mailing list
> > > Users@ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > > 
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Karli Sjöberg 
On Thu, 2015-01-29 at 06:01 -0500, Tomas Jelinek wrote:
> 
> - Original Message -
> > From: "Karli Sjöberg" 
> > To: "Gianluca Cecchi" 
> > Cc: "users" 
> > Sent: Thursday, January 29, 2015 11:45:02 AM
> > Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> > 
> > On Wed, 2015-01-28 at 19:07 +0100, Gianluca Cecchi wrote:
> > > 
> > > Il 03/apr/2014 16:37 "Martin Betak"  ha scritto:
> > > 
> > > > This is still under heavy development, but first usable version can
> > > be found at [1]
> > > 
> > > [Snip]
> > > 
> > > > feature requests and general feedback are very welcome. You can file
> > > any issues directly at [2].
> > > 
> > > [Snip]
> > > 
> > > > [1] https://github.com/matobet/moVirt/blob/master/moVirt/moVirt.apk
> > > > [2] https://github.com/matobet/moVirt/issues
> > > 
> > > 
> > > Hello
> > > Are the above links yet the right ones to use for apk download/install
> > > and issue tracking in case I want to test movirt?
> > > Thanks
> > > Gianluca
> > > 
> > > plain text document attachment (ATT1)
> > > ___
> > > Users mailing list
> > > Users@ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > 
> > BTW, just curious, what about Lollipop? Does it work with the same app
> > or must it be specifically built for the new version?
> 
> It should, but no one have tested it so far. Do you have a device with 
> Lollipop? It would be so awesome if you could test it!

Yup, sure thing:) I´ll report back once I´ve tested.

/K

> 
> > 
> > /K
> > 
> > 
> > ___
> > Users mailing list
> > Users@ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> > 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Tomas Jelinek 


- Original Message -
> From: "Karli Sjöberg" 
> To: "Gianluca Cecchi" 
> Cc: "users" 
> Sent: Thursday, January 29, 2015 11:45:02 AM
> Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> 
> On Wed, 2015-01-28 at 19:07 +0100, Gianluca Cecchi wrote:
> > 
> > Il 03/apr/2014 16:37 "Martin Betak"  ha scritto:
> > 
> > > This is still under heavy development, but first usable version can
> > be found at [1]
> > 
> > [Snip]
> > 
> > > feature requests and general feedback are very welcome. You can file
> > any issues directly at [2].
> > 
> > [Snip]
> > 
> > > [1] https://github.com/matobet/moVirt/blob/master/moVirt/moVirt.apk
> > > [2] https://github.com/matobet/moVirt/issues
> > 
> > 
> > Hello
> > Are the above links yet the right ones to use for apk download/install
> > and issue tracking in case I want to test movirt?
> > Thanks
> > Gianluca
> > 
> > plain text document attachment (ATT1)
> > ___
> > Users mailing list
> > Users@ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> 
> BTW, just curious, what about Lollipop? Does it work with the same app
> or must it be specifically built for the new version?

It should, but no one have tested it so far. Do you have a device with 
Lollipop? It would be so awesome if you could test it!

> 
> /K
> 
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to reactivate host after reboot due to failed Gluster probe

2015-01-29 Thread Jan Siml 

Hello,

finally I got the nodes online. What helps was probing the not needed 
peer node-04 (no brick) from one of the other cluster nodes. When the 
node becames a Gluster peer, I am able to activate any oVirt node which 
serves bricks.


Therefore I assume, the error message which the UI returns comes from 
node-04:


root@node-04:~ $ gluster peer probe node-01
peer probe: failed: Probe returned with unknown errno 107

root@node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

root@node-03:~ $ gluster peer probe node-04
peer probe: success.

root@node-03:~ $ gluster peer status
Number of Peers: 3

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-04
Uuid: 9cdefc68-d710-4346-93b1-76b5307e258b
State: Peer in Cluster (Connected)

This (oVirt's behavior) seems to be reproducible.

On 01/29/2015 11:10 AM, Jan Siml wrote:

Hello,

when looking into engine.log, I can see, that "gluster probe" returned
errno 107. But I can't figure out why:

2015-01-29 10:40:03,546 ERROR
[org.ovirt.engine.core.bll.InitVdsOnUpCommand]
(DefaultQuartzScheduler_Worker-59) [5977aac5] Could not peer probe the
gluster server node-03. Error: VdcBLLException: org.ovirt.eng
ine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException:
VDSErrorException: Failed to AddGlusterServerVDS, error = Add host failed
error: Probe returned with unknown errno 107

Just for the record: We use the /etc/hosts method because of missing
possibility to choose the network interface for Gluster. The three
Gluster peer hosts have modified /etc/hosts files with addresses binded
to a different interface than the ovirtmgmt addresses.

Example:

root@node-03:~ $ cat /etc/hosts
192.168.200.195  node-01
192.168.200.196  node-02
192.168.200.198  node-03

The /etc/hosts file on engine host isn't modified.


On 01/29/2015 10:39 AM, Jan Siml wrote:

Hello,

we have a strange behavior within an oVirt cluster. Version is 3.5.1,
engine is running on EL6 machine and hosts are using EL7 as operating
system. The cluster uses a GlusterFS backed storage domain amongst
others. Three of four hosts are peers in the Gluster cluster (3 bricks,
3 replica).

When all hosts are restarted (maybe due to power outage), engine can't
activate them again, because Gluster probe fails. The message given in
UI is:

"Gluster command [gluster peer node-03] failed on server node-03."

Checking Gluster peer and volume status on each host confirms that
Gluster peers are known to each other and volume is up.

node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

node-03:~ $ gluster volume status
Status of volume: glusterfs-1
Gluster processPortOnlinePid
--


Brick node-01:/export/glusterfs/brick   49152Y12409
Brick node-02:/export/glusterfs/brick49153Y9978
Brick node-03:/export/glusterfs/brick49152Y10001
Self-heal Daemon on localhostN/AY10003
Self-heal Daemon on node-01N/AY11590
Self-heal Daemon on node-02N/AY9988

Task Status of Volume glusterfs-1
--


There are no active volume tasks

Storage domain in oVirt UI is fine (active and green) and usable. But
neither Gluster volume nor any brick is visible in UI.

If I try the command which is shown in UI it returns:

root@node-03:~ $ gluster peer probe node-03
peer probe: success. Probe on localhost not needed

root@node-03:~ $ gluster --mode=script peer probe node-03 --xml


   0
   1
   (null)
   Probe on localhost not needed


Is this maybe just an engine side parsing error?





--
Kind regards

Jan Siml
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Tomas Jelinek 


- Original Message -
> From: "Gianluca Cecchi" 
> To: "Tomas Jelinek" 
> Cc: "Martin Betak" , "users" 
> Sent: Thursday, January 29, 2015 11:39:34 AM
> Subject: Re: [ovirt-users] [Users] A mobile monitoring application for oVirt
> 
> On Thu, Jan 29, 2015 at 11:18 AM, Tomas Jelinek  wrote:
> 
> >
> >
> > Hi Gianluca,
> >
> > the link to APK is not correct anymore, it was a very old version
> > containing quite nasty bugs and the development moved.
> > It is now much more stable but not yet officially released. But if you are
> > willing to test it, it would be great! Attaching the debug apk file you can
> > install on your phone.
> > It should work, but if not I can make you a signed apk...
> >
> >
> Thanks.
> OK, in the mean time I installed it on my Samsung S2 that comes with
> KitKat Beanstalk 4.4.4
> It's myself built, see here
> https://plus.google.com/105661760401324958761/posts/7b7tmu2shVj
> ;-)
> 
> This evening I'm going to try with my home based all-in-one 3.5.1 oVirt
> environment.

cool! can't wait for results :)

> Some preliminary questions:
> - is the application suitable for tablets too? I would like t test it on a
> Samsung Note Pro too (stock 4.4.2)

yes, it should work properly

> - can I connect to multiple environments (so define for example multiple
> configurations)?

no, not now. You have to be be connected to only one.

> - does it require dns resolving engine hostname, or will it work with ip
> based configurations?

it works both with IP and hostname - you just need to have the correct address 
filled :) Don't forget to add both the protocol and the actual path to api, 
e.g.:
https://192.168.122.12:443/ovirt-engine/api
and for username don't forget to add also the domain, e.g.
admin@internal

Than you can have problems with the SSL certificates - you have to either 
import your cert to the phone or just select "disable https" in the movirt 
settings - for home setup it is enough ;)
Also, please note that if you are connecting with admin@internal (or any other 
user with admin permissions), select the "Admin Privilege" in the settings - 
than you will be able to use the search queries and such.
If you decide to unselect it, you have to make sure that VMs are actually 
visible to the user from which you are connecting. And also, the search queries 
will not be available for you - it is a limitation of oVirt's REST API.

uau, I'm so excited that someone from the community is going to test it!

Tomas

> 
> Gianluca
> 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] AAA

2015-01-29 Thread Ondra Machacek 

On 01/29/2015 11:41 AM, Koen Vanoppen wrote:

Can somebody help me setting up AAA for ovirt 3.5.1?

I'm getting this now:

2015-01-29 11:35:36,889 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_gc._tcp.brussels.airport':
javax.naming.NameNotFoundException: DNS name not found [response code
3]; remaining name '_gc._tcp.brussels.airport'


Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?



my 3 configs:
_*BRU_AIR-authn.properties*_
ovirt.engine.extension.name  =
BRU_AIR-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name
 = BRU-AIR
ovirt.engine.aaa.authn.authz.plugin = BRU_AIR-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

_*BRU_AIR-authz.properties*_
ovirt.engine.extension.name  =
BRU_AIR-authz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

_*BRU_AIR.properties*_
include = 

#
# Active directory domain name.
#
vars.domain = mydomain.com 

#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = ***

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://dc01.mydomain.com 

pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password

In the GUI for adding user I get this:

An error occurred while attempting to query DNS in order to retrieve SRV
records with name '_gc__tcp_brussels_airport':
javax_naming_NameNotFoundException: DNS name not found [response code
3]; remaining name '_gc__tcp_brussels_airport'

Any ideas? I ran out...

Kind regards,

Koen


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Karli Sjöberg 
On Wed, 2015-01-28 at 19:07 +0100, Gianluca Cecchi wrote:
> 
> Il 03/apr/2014 16:37 "Martin Betak"  ha scritto:
> 
> > This is still under heavy development, but first usable version can
> be found at [1]
> 
> [Snip]
> 
> > feature requests and general feedback are very welcome. You can file
> any issues directly at [2].
> 
> [Snip]
> 
> > [1] https://github.com/matobet/moVirt/blob/master/moVirt/moVirt.apk
> > [2] https://github.com/matobet/moVirt/issues
> 
> 
> Hello
> Are the above links yet the right ones to use for apk download/install
> and issue tracking in case I want to test movirt?
> Thanks
> Gianluca
> 
> plain text document attachment (ATT1)
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

BTW, just curious, what about Lollipop? Does it work with the same app
or must it be specifically built for the new version?

/K


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] AAA

2015-01-29 Thread Koen Vanoppen 
Can somebody help me setting up AAA for ovirt 3.5.1?

I'm getting this now:

2015-01-29 11:35:36,889 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_gc._tcp.brussels.airport':  javax.naming.NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_gc._tcp.brussels.airport'

my 3 configs:
*BRU_AIR-authn.properties*
ovirt.engine.extension.name = BRU_AIR-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = BRU-AIR
ovirt.engine.aaa.authn.authz.plugin = BRU_AIR-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

*BRU_AIR-authz.properties*
ovirt.engine.extension.name = BRU_AIR-authz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

*BRU_AIR.properties*
include = 

#
# Active directory domain name.
#
vars.domain = mydomain.com

#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = ***

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://dc01.mydomain.com

pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password

In the GUI for adding user I get this:

An error occurred while attempting to query DNS in order to retrieve SRV
records with name '_gc__tcp_brussels_airport':
javax_naming_NameNotFoundException: DNS name not found [response code 3];
remaining name '_gc__tcp_brussels_airport'

Any ideas? I ran out...

Kind regards,

Koen
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Users] A mobile monitoring application for oVirt

2015-01-29 Thread Gianluca Cecchi 
On Thu, Jan 29, 2015 at 11:18 AM, Tomas Jelinek  wrote:

>
>
> Hi Gianluca,
>
> the link to APK is not correct anymore, it was a very old version
> containing quite nasty bugs and the development moved.
> It is now much more stable but not yet officially released. But if you are
> willing to test it, it would be great! Attaching the debug apk file you can
> install on your phone.
> It should work, but if not I can make you a signed apk...
>
>
Thanks.
OK, in the mean time I installed it on my Samsung S2 that comes with
KitKat Beanstalk 4.4.4
It's myself built, see here
https://plus.google.com/105661760401324958761/posts/7b7tmu2shVj
;-)

This evening I'm going to try with my home based all-in-one 3.5.1 oVirt
environment.
Some preliminary questions:
- is the application suitable for tablets too? I would like t test it on a
Samsung Note Pro too (stock 4.4.2)
- can I connect to multiple environments (so define for example multiple
configurations)?
- does it require dns resolving engine hostname, or will it work with ip
based configurations?

Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] oVirt Node 3.5 status

2015-01-29 Thread Douglas Schilling Landgraf 

Hi,

If you are looking for oVirt Node 3.5, we will deliver the official ISO 
as soon as the package which resolves the below bugzilla is available in 
CentOS repo. The current version of nss-softokn package is affecting the 
build of iso.


nss-softokn prevents dracut from building the initrd
https://bugzilla.redhat.com/show_bug.cgi?id=1182297

--
Cheers
Douglas
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to reactivate host after reboot due to failed Gluster probe

2015-01-29 Thread Jan Siml 

Hello,

when looking into engine.log, I can see, that "gluster probe" returned 
errno 107. But I can't figure out why:


2015-01-29 10:40:03,546 ERROR 
[org.ovirt.engine.core.bll.InitVdsOnUpCommand] 
(DefaultQuartzScheduler_Worker-59) [5977aac5] Could not peer probe the 
gluster server node-03. Error: VdcBLLException: org.ovirt.eng
ine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException: 
VDSErrorException: Failed to AddGlusterServerVDS, error = Add host failed

error: Probe returned with unknown errno 107

Just for the record: We use the /etc/hosts method because of missing 
possibility to choose the network interface for Gluster. The three 
Gluster peer hosts have modified /etc/hosts files with addresses binded 
to a different interface than the ovirtmgmt addresses.


Example:

root@node-03:~ $ cat /etc/hosts
192.168.200.195  node-01
192.168.200.196  node-02
192.168.200.198  node-03

The /etc/hosts file on engine host isn't modified.


On 01/29/2015 10:39 AM, Jan Siml wrote:

Hello,

we have a strange behavior within an oVirt cluster. Version is 3.5.1,
engine is running on EL6 machine and hosts are using EL7 as operating
system. The cluster uses a GlusterFS backed storage domain amongst
others. Three of four hosts are peers in the Gluster cluster (3 bricks,
3 replica).

When all hosts are restarted (maybe due to power outage), engine can't
activate them again, because Gluster probe fails. The message given in
UI is:

"Gluster command [gluster peer node-03] failed on server node-03."

Checking Gluster peer and volume status on each host confirms that
Gluster peers are known to each other and volume is up.

node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

node-03:~ $ gluster volume status
Status of volume: glusterfs-1
Gluster processPortOnlinePid
--

Brick node-01:/export/glusterfs/brick   49152Y12409
Brick node-02:/export/glusterfs/brick49153Y9978
Brick node-03:/export/glusterfs/brick49152Y10001
Self-heal Daemon on localhostN/AY10003
Self-heal Daemon on node-01N/AY11590
Self-heal Daemon on node-02N/AY9988

Task Status of Volume glusterfs-1
--

There are no active volume tasks

Storage domain in oVirt UI is fine (active and green) and usable. But
neither Gluster volume nor any brick is visible in UI.

If I try the command which is shown in UI it returns:

root@node-03:~ $ gluster peer probe node-03
peer probe: success. Probe on localhost not needed

root@node-03:~ $ gluster --mode=script peer probe node-03 --xml


   0
   1
   (null)
   Probe on localhost not needed


Is this maybe just an engine side parsing error?



--
Kind regards

Jan Siml
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Unable to reactivate host after reboot due to failed Gluster probe

2015-01-29 Thread Jan Siml 

Hello,

we have a strange behavior within an oVirt cluster. Version is 3.5.1, 
engine is running on EL6 machine and hosts are using EL7 as operating 
system. The cluster uses a GlusterFS backed storage domain amongst 
others. Three of four hosts are peers in the Gluster cluster (3 bricks, 
3 replica).


When all hosts are restarted (maybe due to power outage), engine can't 
activate them again, because Gluster probe fails. The message given in 
UI is:


"Gluster command [gluster peer node-03] failed on server node-03."

Checking Gluster peer and volume status on each host confirms that 
Gluster peers are known to each other and volume is up.


node-03:~ $ gluster peer status
Number of Peers: 2

Hostname: node-02
Uuid: 3fc36f55-d3a2-4efc-b2f0-31f83ed709d9
State: Peer in Cluster (Connected)

Hostname: node-01
Uuid: 18027b35-971b-4b21-bb3d-df252b4dd525
State: Peer in Cluster (Connected)

node-03:~ $ gluster volume status
Status of volume: glusterfs-1
Gluster process PortOnline  Pid
--
Brick node-01:/export/glusterfs/brick   49152   Y   12409
Brick node-02:/export/glusterfs/brick   49153   Y   9978
Brick node-03:/export/glusterfs/brick   49152   Y   10001
Self-heal Daemon on localhost   N/A Y   10003
Self-heal Daemon on node-01 N/A Y   11590
Self-heal Daemon on node-02 N/A Y   9988

Task Status of Volume glusterfs-1
--
There are no active volume tasks

Storage domain in oVirt UI is fine (active and green) and usable. But 
neither Gluster volume nor any brick is visible in UI.


If I try the command which is shown in UI it returns:

root@node-03:~ $ gluster peer probe node-03
peer probe: success. Probe on localhost not needed

root@node-03:~ $ gluster --mode=script peer probe node-03 --xml


  0
  1
  (null)
  Probe on localhost not needed


Is this maybe just an engine side parsing error?

--
Kind regards

Jan Siml
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Ondra Machacek 
If you add for example 'UserRole' on VM, then your user should login to 
UserPortal without any problem and see his VM.


On 01/29/2015 09:58 AM, Nikolai Bochev wrote:

Ok, but if i don't add "System" permissions to a user with "UserRole"
they cannot login at all ?

On Thu, Jan 29, 2015 at 10:56 AM, Ondra Machacek mailto:omach...@redhat.com>> wrote:



On 01/29/2015 09:35 AM, Nikolai Bochev wrote:

Hello,

I've been running ovirt hosted engine for around a month already
without
any major interruptions. Last week i tied it to freeipa, to be
able to
give permissions to other people, but so far no success because
of the
following problem :

All users can see all VM's. I tried clearing all permission
entries (
leaving the admin only ) and the re-adding and it didn't help at
all.

I am attaching a few screenshots to better describe :



The problem is that you are assigning system permissions.
If you assign system permissions you have permission to whole system.

If you want to assign a permission to user on a specific vm(or object),
you have to select the object, then click 'permissions' subtab, then
click 'add', then find your user and choose the role for him.




​
Most of the vm's have no permissions attached to them, but they are
still visible to everyone that logs from the userpanel
What am i doing wrong ?

Regards,


_
Users mailing list
Users@ovirt.org 
http://lists.ovirt.org/__mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Nikolai Bochev 
Ok, but if i don't add "System" permissions to a user with "UserRole" they
cannot login at all ?

On Thu, Jan 29, 2015 at 10:56 AM, Ondra Machacek 
wrote:

>
>
> On 01/29/2015 09:35 AM, Nikolai Bochev wrote:
>
>> Hello,
>>
>> I've been running ovirt hosted engine for around a month already without
>> any major interruptions. Last week i tied it to freeipa, to be able to
>> give permissions to other people, but so far no success because of the
>> following problem :
>>
>> All users can see all VM's. I tried clearing all permission entries (
>> leaving the admin only ) and the re-adding and it didn't help at all.
>>
>> I am attaching a few screenshots to better describe :
>>
>>
>>
> The problem is that you are assigning system permissions.
> If you assign system permissions you have permission to whole system.
>
> If you want to assign a permission to user on a specific vm(or object),
> you have to select the object, then click 'permissions' subtab, then click
> 'add', then find your user and choose the role for him.
>
>
>>
>>
>> ​
>> Most of the vm's have no permissions attached to them, but they are
>> still visible to everyone that logs from the userpanel
>> What am i doing wrong ?
>>
>> Regards,
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.5.1 user permissions

2015-01-29 Thread Ondra Machacek 



On 01/29/2015 09:35 AM, Nikolai Bochev wrote:

Hello,

I've been running ovirt hosted engine for around a month already without
any major interruptions. Last week i tied it to freeipa, to be able to
give permissions to other people, but so far no success because of the
following problem :

All users can see all VM's. I tried clearing all permission entries (
leaving the admin only ) and the re-adding and it didn't help at all.

I am attaching a few screenshots to better describe :




The problem is that you are assigning system permissions.
If you assign system permissions you have permission to whole system.

If you want to assign a permission to user on a specific vm(or object),
you have to select the object, then click 'permissions' subtab, then 
click 'add', then find your user and choose the role for him.






​
Most of the vm's have no permissions attached to them, but they are
still visible to everyone that logs from the userpanel
What am i doing wrong ?

Regards,


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Disable/Hide domain on UserPortal

2015-01-29 Thread Alon Bar-Lev 

In 3.5 you can no longer login using that convention.

- Original Message -
> From: "Kevin" 
> To: users@ovirt.org
> Sent: Wednesday, January 28, 2015 10:54:40 PM
> Subject: [ovirt-users] Disable/Hide domain on UserPortal
> 
> Is there a way to disable/hide the Domain drop-down on the UserPortal?
> 
> You can login with User name: @
> So I don't want so show the domains!
> 
> Cheers,
> 
> Kevin
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Disable/Hide domain on UserPortal

2015-01-29 Thread Kevin 
Is there a way to disable/hide the Domain drop-down on the UserPortal?

You can login with User name: @ 
So I don't want so show the domains!

Cheers,

Kevin

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users