Re: [ovirt-users] Unable to run noVNC console un recent browsers
Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested (http://errata.univention.de/ucs/3.2/31.html) but this not helped. Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
- Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
Also are you use the ip address, or the FQDN for the engine in the browser? I have issues with noVNC using the ip address of the engine even if the cert is trusted. Donny D -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] self hosted engine add second host - maintenance mode needed?
- Original Message - From: Mike ov...@theinternet.org.uk To: users@ovirt.org Sent: Thursday, February 19, 2015 10:15:10 PM Subject: [ovirt-users] self hosted engine add second host - maintenance mode needed? Hi Got a running self hosted install with VMs running on the host, now adding a second host to get ha for the engine VMs. Do I need to put the engine into maintenance mode before running hosted-engine --deploy on new host node? No, it's not explicitly needed. The HA for the engine VM is ensured by the oVirt HA agent on each host. HA for other VMs can be ensured by the engine if needed. Thanks Mike ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Problem: My VM's keep logging off
My VM's keep logging off I have a HP server with 64GB of ram and 2 TB of disk space, the cpu is a Intel E5-2420v2 and 13 thin clients from igel (https://www.igel.com/products/thin-client-zero-client-hardware/iz2ud2-series/iz2ud2-specifications.html) i've purchase the clients and a service from a company, they installed the thins clients and the system but they are not finding a solution to my problem. The company installed centos 6.6 (final) (kernel linux 23.32-504.3.3.el6.x86_64) and ovirt 3.5.1 for virtualization (o.o.master.20141206225404) I have 12 VM's with centos (when i edit then is shows red hat enterprise linux 6.x x64) and gnome desktop 2.28.2 and 1 VM with windows xp prof. The problem only occurs on the VM's with linux. On linux display type is: Spice I use virtual machine viewer 1.0256 *Problem: when working the vm seems to log off and i have to put the username and password again, all the work that was open is losed.* 1 VM seems to log off more or less at the same hour each day 1h40 pm and 6h15 pm. This VM now as a newer thin client version UD3 instead of UD2 (https://www.igel.com/products/thin-client-zero-client-hardware/iz3ud3-series/iz3ud3-specifications.html) and now the problem only occur 1 time each day (at 12h30/12h45pm). All of the VM's including the one with XP Pro suffers from slowness, and on libreoffice the mouse scrooll seems nuts scrolling up and down by itself, now the exception is the VM with the new thin client. On the same network switch i have VM's that logs off and others that remain on. So the problem doesn't seem to be with the network. The different VM's logs off from 1 to 7 times a day. Mostly 4 to 5 times a day. When the VM logs off the caps lock become to work on the opposite condition off with caps light on and on with the caps light off. Beside this i have problems with the canon's printes i have, they stop printing quite often. I have access to the logs if anyone can help me i can upload the logs you like. Hope anyone can help me, i'm glad to provide more information if you need. Thanks in advance. PS pedro...@pmls.pt ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Local and remote storage?
- Original Message - From: Pat Riehecky riehe...@fnal.gov To: users@ovirt.org Sent: Thursday, February 19, 2015 3:14:08 PM Subject: [ovirt-users] Local and remote storage? Hello, I've run into an odd problem with oVirt 3.5.1. I've two sets of VMs: A) some fairly critical VMs which need HA and have access to shared storage B) some less important systems which can be reconstructed in the event of a disaster My plan was to use the slack disk on my oVirt nodes to host the 'B' systems while still allowing the 'A' systems to run there. This seems to not be allowed[1]. Is there a way I can utilize both the spare disk on my compute nodes and have HA configured for some VMs with shared storage? Currently indeed each datacenter must be configured as a shared or local storage one, no mix for the same datacenter. For the next release (ovirt 3.6) we are going to have oVirt and GlusterFS hyper converged: you'll can use each host both for virtualization pourposes and for storages ones sharing the local spare disks into a shared GlusterFS volume to be used by oVirt hosts. So you can also have HA capabilities and so on for the VM stored on the host disks shared in a GlusterFS volume; at the same time you could still use you state-of-the art SAN for critical VMs. Here you can find some info an this architecture: http://www.ovirt.org/images/6/6c/2015-ovirt-glusterfs-hyperconvergence.pdf Than we are also going to have self-hosted engine over GlusterFS. Pat [1] http://www.ovirt.org/OVirt_Administration_Guide#Preparing_Local_Storage -- Pat Riehecky Scientific Linux developer Fermi National Accelerator Laboratory www.fnal.gov www.scientificlinux.org ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Problem: My VM's keep logging off
For the spice console on the VM do you have single sign on checked? From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Pedro ML Sousa Sent: Friday, February 20, 2015 7:27 AM To: users@ovirt.org Subject: [ovirt-users] Problem: My VM's keep logging off My VM's keep logging off I have a HP server with 64GB of ram and 2 TB of disk space, the cpu is a Intel E5-2420v2 and 13 thin clients from igel (https://www.igel.com/products/thin-client-zero-client-hardware/iz2ud2-series/iz2ud2-specifications.html) i've purchase the clients and a service from a company, they installed the thins clients and the system but they are not finding a solution to my problem. The company installed centos 6.6 (final) (kernel linux 23.32-504.3.3.el6.x86_64) and ovirt 3.5.1 for virtualization (o.o.master.20141206225404) I have 12 VM's with centos (when i edit then is shows red hat enterprise linux 6.x x64) and gnome desktop 2.28.2 and 1 VM with windows xp prof. The problem only occurs on the VM's with linux. On linux display type is: Spice I use virtual machine viewer 1.0256 Problem: when working the vm seems to log off and i have to put the username and password again, all the work that was open is losed. 1 VM seems to log off more or less at the same hour each day 1h40 pm and 6h15 pm. This VM now as a newer thin client version UD3 instead of UD2 (https://www.igel.com/products/thin-client-zero-client-hardware/iz3ud3-series/iz3ud3-specifications.html) and now the problem only occur 1 time each day (at 12h30/12h45pm). All of the VM's including the one with XP Pro suffers from slowness, and on libreoffice the mouse scrooll seems nuts scrolling up and down by itself, now the exception is the VM with the new thin client. On the same network switch i have VM's that logs off and others that remain on. So the problem doesn't seem to be with the network. The different VM's logs off from 1 to 7 times a day. Mostly 4 to 5 times a day. When the VM logs off the caps lock become to work on the opposite condition off with caps light on and on with the caps light off. Beside this i have problems with the canon's printes i have, they stop printing quite often. I have access to the logs if anyone can help me i can upload the logs you like. Hope anyone can help me, i'm glad to provide more information if you need. Thanks in advance. PS pedro...@pmls.pt ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
- Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 3:53:04 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. Yes, using the oVirt internal CA is just the low-profile out of the box solution. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
What do the logs say in /var/log/messages from the non working browsers? -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:57 AM To: Donny Davis Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 3:53:04 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. Yes, using the oVirt internal CA is just the low-profile out of the box solution. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
Yeah, any x.509 cert not ultimately signed by a major trust anchor was problematic. I noticed it on some internal sites signed by my freeipa ca myself. On Feb 20, 2015, at 11:50 AM, Simone Tiraboschi stira...@redhat.com wrote: - Original Message - From: Darrell Budic bu...@onholyground.com To: Simone Tiraboschi stira...@redhat.com Cc: users users@ovirt.org Sent: Friday, February 20, 2015 5:57:10 PM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers I had some trouble with self signed certs in firefox when they switch to the new pkix stuff recently, have you tried setting security.use_mozillapkix_verification to false? The websocket proxy cert is not self-signed: it's normally signed by the internal oVirt CA. On Feb 20, 2015, at 8:56 AM, Simone Tiraboschi stira...@redhat.com wrote: - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 3:53:04 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. Yes, using the oVirt internal CA is just the low-profile out of the box solution. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] It is possible - Ovirt ? different CHAP authentication credentials
Hello, We have a requirement where when we add storage to our Ovirt cluster, each node in the cluster must use a different iSCSI CHAP username. This unfortunately does not work correctly when adding storage from the web interface for Ovirt as it only allows you to specify a shared username/password combination. We need to be able to use different CHAP authentication credentials when we add storage to Ovirt ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Slow storage migration towards nfs
Heho, I currently move some vms from fcal-store to nfs, so i can restructure the fcal storage. However, i noticed, that dd is running with oflag=direct. I/o is currently very slow (~160mbit) on the nfs-servers network. Starting dd without oflag=direct leads to link-speed transmission (~1gbit/s). So... is this intended beheaviour? With best Regards, Tobias ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] reinstall hosted engine vm (centos 6.6 - 7)
Hey everybody, I found a way after thinking about the upgrade for few days (rhel 6.6. - rhel 7 upgrade scripts, which of course did not work, (oVirt irc help, just gave it a go)). It seems that it helps to have been “playing” from RedHat 2.0 from the days (you know what is gonna work and whats not..)… I did engine vm upgrade (more like complicated engine reinstall (most of the instructions that you can gather from rhev / ovirt are quite bad(?) ) from 6.6 to 7 and now everything is working fine again. I was just hoping for more community support, never seen similar situation as now (no answers). I’m a big RedHat supporter, it just works if you know what you are doing.. Never needed support before and not now either, thanks everybody :-) Br, Pete On 13 Feb 2015, at 16:11, Pete p...@snake24.net wrote: Hi, I currently have Centos 6.6 engine vm running, the server it self is running centos 7 with oVirt. How I could get rid of the 6.6 Centos engine vm and update to Centos 7 engine vm ? I was unable to find any docs on how to do it. Thanks in advance. Br, Pete ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
I had some trouble with self signed certs in firefox when they switch to the new pkix stuff recently, have you tried setting security.use_mozillapkix_verification to false? On Feb 20, 2015, at 8:56 AM, Simone Tiraboschi stira...@redhat.com wrote: - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 3:53:04 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. Yes, using the oVirt internal CA is just the low-profile out of the box solution. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
- Original Message - From: Darrell Budic bu...@onholyground.com To: Simone Tiraboschi stira...@redhat.com Cc: users users@ovirt.org Sent: Friday, February 20, 2015 5:57:10 PM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers I had some trouble with self signed certs in firefox when they switch to the new pkix stuff recently, have you tried setting security.use_mozillapkix_verification to false? The websocket proxy cert is not self-signed: it's normally signed by the internal oVirt CA. On Feb 20, 2015, at 8:56 AM, Simone Tiraboschi stira...@redhat.com wrote: - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 3:53:04 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue. Yes, using the oVirt internal CA is just the low-profile out of the box solution. DonnyD -Original Message- From: Simone Tiraboschi [mailto:stira...@redhat.com] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Donny Davis do...@cloudspin.me To: Simone Tiraboschi stira...@redhat.com Sent: Friday, February 20, 2015 2:23:56 PM Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers Is your websocket proxy on the same machine as your engine. I also get the CA error when the time it off. The proxy throws the error to /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. -Original Message- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Simone Tiraboschi Sent: Friday, February 20, 2015 5:57 AM To: Stefano Danzi Cc: users@ovirt.org Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers - Original Message - From: Stefano Danzi s.da...@hawai.it To: Darrell Budic bu...@onholyground.com Cc: users@ovirt.org Sent: Friday, February 20, 2015 9:07:51 AM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers Hello! Already done but this didn't help. I downloaded a portable version of Firefox 17 and noVNC work as expected. Il 20/02/2015 5.18, Darrell Budic ha scritto: Try reimporting the ca.cert for noVNC by connecting directly to the webproxy address at port 6100. Do this by trying to connect to a console and then, once the 1006 error shows up, just strip off everything after :6100/ . I've found that somewhere in or after 3.5, restarting the webproxy causes it to generate its own new ca.cert even through it shouldn't. -Darrell On Feb 19, 2015, at 4:09 PM, Stefano Danzi s.da...@hawai.it wrote: Hello, I can't make work noVNC console on recent browsers (Chrome 40, Firefox 35 and IE 11). The error that I have is already explained here: https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried to change websocket like suggested ( http://errata.univention.de/ucs/3.2/31.html ) but this not helped. noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. noVNC 0.5.1 should also improve compatibility with recent browsers. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 Someone know a workaround? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Unable to run noVNC console un recent browsers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 20.02.2015 18:50, Simone Tiraboschi wrote: The websocket proxy cert is not self-signed: it's normally signed by the internal oVirt CA. imho this qualifies as a self signed certificate, meaning it is not included in default trustores like browsers. HTH Sven -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQGcBAEBAgAGBQJU55WGAAoJEAq0kGAWDrql1+EMAKII9O/tI5oG2EirDXgbqN3V RI/P0lAkSCr1cNvvCXtlnJBqhwRfaADKnbqDHKGQwBorguHUWOnb45TEtHebS7f5 p9+8uSJQ/JOGGZOkYoGwJabxuM4ZjWZkTP4IEZqTY/ZTmn+9eWDvOcApo6PPET1u anAS3RZAK5uUHUGy5SNHtoVxKZEgD0GuKlHVLtRAws3qKU+vBK3cLgSzSHLDBp04 5ItY28+qYJJWDG1JJ3CSghNlOjbYQ3W8DxFGF5wXgWoYEnavTQIXay7r/QB3TByG a7kyIbVlWljaGI8SFBqm/M56pTnMwigJOVFhsBOgDFCBQu4+fSib83+RI28XBkcL n+gx/MOu7hp5+/eCmUsG1LDkqCqPkE1DeXLg8mU9e/i6MBkmNeU6k+N5YonuwpUE mAyFS+N3KPIxxaFy5NyOmj5MeTaHN95DKTemsAqm2ZlM5yIFdGpQZGiq6SOBr5zO g+QtXtUtt75XEzzSKOr3Y0C8pp2FU67VMdP+pRKlEw== =Mhpl -END PGP SIGNATURE- ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users