Re: [ovirt-users] bad bond name when setting up hosted engine

[Dan Kenigsberg]

On Thu, Jan 4, 2018 at 5:50 AM, Sam McLeod  wrote:
> I'm having a problem where when setting up hosted engine deployment it fails
> stating that the selected bond name is bad.
>
> "code=25, message=bad bond name(s): mgmt)"
>
> - Is there a problem similar to
> https://bugzilla.redhat.com/show_bug.cgi?id=1519807 that's known?
> - If it seems to be this bug, is it preferred that I simply update the
> existing, closed issue as I have done, or open a new bug?
>
> --
> Sam McLeod
> https://smcleod.net
> https://twitter.com/s_mcleod

I see that you are trying to use a bond interface named "mgmt".
To avoid confusion while debugging a system, Vdsm has opted to allow
only bond names starting with "bond" followed by one or more decimal
digits. Anything else is considered "bad bond".

I prefer keeping the "bond" prefix compulsory, but I'd like to hear
why using different names is useful.

You can reopen this bug, but please move it to vdsm and rename it: it
should be something like "Allow any bondXYZ name for bonds" or "Allow
any bond name" and explain there why it is a good idea.

Dominik, is there an Engine-side limitation on bond names?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Donny Davis]

I was just curious, and I concur that there is no logic in not just using
the defaults.

On Thu, Jan 4, 2018 at 1:46 PM, Yaniv Kaul  wrote:

>
>
> On Jan 4, 2018 7:01 PM, "Donny Davis"  wrote:
>
> Yaniv,
>
> If there was a central logging server, would the hypervisors send them
> there and stop writing to disk (given its setup properly), or does it write
> them anyway?
>
>
> We ship logs to the central logging, not instead of logging them locally.
> I reckon you could mount /var/log somewhere remotely, but I do not think
> it makes sense.
> Our logging is not intensive and has log rotation configured, so I'm not
> sure what the issue is. A r/o partition or a cheap SD card with limited
> write wear?
> Y.
>
>
>
> https://www.ovirt.org/documentation/admin-guide/chap-Log_Files/
>
> On Thu, Jan 4, 2018 at 11:43 AM, Yaniv Kaul  wrote:
>
>>
>>
>> On Thu, Jan 4, 2018 at 5:04 PM, Donny Davis  wrote:
>>
>>> That makes more sense. Have you measured the write load on the disks
>>> from just the hypervisor processes. I have included a screen shot from
>>> mine, and the load is very low in the Kilobytes/sec
>>>
>>
>> And those are probably the logs, which will be written anyway...
>> Y.
>>
>>
>>>
>>> I am not sure of the implications of changing these parameters, and I do
>>> not see an perceivable benefits from doing so.
>>>
>>> [image: Inline image 1]
>>>
>>> On Thu, Jan 4, 2018 at 9:51 AM, andreil1  wrote:
>>>


 On 4 Jan 2018, at 14:52, Donny Davis  wrote:

 What is the purpose in putting these directives in for the hypervisor?


 I have small node where system and data domains located on the same
 RAID.
 Data domains are on separate partitions.
 These options allow minimise disk access activity.


 On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:

> Hi !
>
> Is it safe to turn on these options (noatime, nodiratime) in oVirt
> node fstab for these mount points?
> /home
> /
> /tmp
> /var
> /var/log
> /var/log/audit
>
> Node 4.2 installed on CentOS, not with node DVD.
>
> Thanks.
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>



 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users


>>>
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>>
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

[Michal Skrivanek]

> On 4 Jan 2018, at 22:16, Sandro Bonazzola  wrote:
> 
> 
> 
> 2018-01-04 17:21 GMT+01:00 Yaniv Kaul  >:
> 
> 
> On Thu, Jan 4, 2018 at 12:31 PM, Barak Korren  > wrote:
> On 4 January 2018 at 09:24, Marcel Hanke  > wrote:
> > Hi,
> > besides the kernel and microcode updates are there also updates of ovirt-
> > engine and vdsm nessessary and if so, is there a timeline when the patches 
> > can
> > be expected?

yes there are
right after the base OS is completely covered

> > If there are Patches nessessary will there also be updates for ovirt 4.1 or
> > only 4.2?

4.1 will be covered

> 
> Looking at the relevant Red Hat announcement:
> https://access.redhat.com/security/vulnerabilities/speculativeexecution 
> 
> 
> It seems that no packages that are derived directly from oVirt were updated.

they are, the page is updating as it progresses

> You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS -
> that used to be distributed by oVirt, but these days its is shipped as
> part of the CentOS VirtSIG repo.
> 
> AFAIK none of those components were released on CentOS yet, so if
> you're running oVirt on CentOS you'll need to wait.
> 
> CentOS kernel, microcode_ctl and linux-firmware have been released.
> See [1] for example. I'm sure others will follow.
> Y.
> 
> [1] 
> https://lists.centos.org/pipermail/centos-announce/2018-January/022696.html 
> 
>  
> 
> qemu-kvm-ev has also been tagged for release, will be in next batch or 
> earlier if I can find kbsing for manually push it.
> 
> 
> 
>  
> 
> I suppose oVirt packages and install scripts will be updated over the
> next few days to require the newer packages, but you do not need to
> wait for those updates to patch your systems, you can probably patch
> as soon as the updates are made available.

I suggest to start with the kernel
But please do read up on the various variants and mitigations. You may not 
necessarily need all of them
Also, you may lack the right firmware/microcode updates from your CPU vendor at 
the moment. Red Hat's microcode package only contains those which were released 
by Intel/AMD so far.

Thanks,
michal

> 
> Once updates are available, a new node and engine-apppliance images
> will probably also be built and released.
> 
> Please note that the above as mostly a rough estimate based on my
> familiarity with the processes involved, I am not directly affiliated
> with any of the teams handling the response to these CVEs.
> 
> --
> Barak Korren
> RHV DevOps team , RHCE, RHCi
> Red Hat EMEA
> redhat.com  | TRIED. TESTED. TRUSTED. | 
> redhat.com/trusted 
> ___
> Users mailing list
> Users@ovirt.org 
> http://lists.ovirt.org/mailman/listinfo/users 
> 
> 
> 
> ___
> Users mailing list
> Users@ovirt.org 
> http://lists.ovirt.org/mailman/listinfo/users 
> 
> 
> 
> 
> 
> -- 
> SANDRO BONAZZOLA
> ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R
> Red Hat EMEA 
>   
> TRIED. TESTED. TRUSTED. 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

[Sandro Bonazzola]

2018-01-04 17:21 GMT+01:00 Yaniv Kaul :

>
>
> On Thu, Jan 4, 2018 at 12:31 PM, Barak Korren  wrote:
>
>> On 4 January 2018 at 09:24, Marcel Hanke  wrote:
>> > Hi,
>> > besides the kernel and microcode updates are there also updates of
>> ovirt-
>> > engine and vdsm nessessary and if so, is there a timeline when the
>> patches can
>> > be expected?
>> > If there are Patches nessessary will there also be updates for ovirt
>> 4.1 or
>> > only 4.2?
>>
>> Looking at the relevant Red Hat announcement:
>> https://access.redhat.com/security/vulnerabilities/speculativeexecution
>>
>> It seems that no packages that are derived directly from oVirt were
>> updated.
>> You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS -
>> that used to be distributed by oVirt, but these days its is shipped as
>> part of the CentOS VirtSIG repo.
>>
>> AFAIK none of those components were released on CentOS yet, so if
>> you're running oVirt on CentOS you'll need to wait.
>>
>
> CentOS kernel, microcode_ctl and linux-firmware have been released.
> See [1] for example. I'm sure others will follow.
> Y.
>
> [1] https://lists.centos.org/pipermail/centos-announce/
> 2018-January/022696.html
>
>

qemu-kvm-ev has also been tagged for release, will be in next batch or
earlier if I can find kbsing for manually push it.





>
>> I suppose oVirt packages and install scripts will be updated over the
>> next few days to require the newer packages, but you do not need to
>> wait for those updates to patch your systems, you can probably patch
>> as soon as the updates are made available.
>>
>> Once updates are available, a new node and engine-apppliance images
>> will probably also be built and released.
>>
>> Please note that the above as mostly a rough estimate based on my
>> familiarity with the processes involved, I am not directly affiliated
>> with any of the teams handling the response to these CVEs.
>>
>> --
>> Barak Korren
>> RHV DevOps team , RHCE, RHCi
>> Red Hat EMEA
>> redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>


-- 

SANDRO BONAZZOLA

ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R

Red Hat EMEA 

TRIED. TESTED. TRUSTED. 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [CVE-2017-5715] qemu-kvm-ev-2.9.0-16.el7_4.13.1 is now available for testing

[Sandro Bonazzola]

2018-01-04 21:18 GMT+01:00 Sandro Bonazzola :

> Hi, qemu-kvm-ev-2.9.0-16.el7_4.13.1
>  is now available
> for testing.
> I'm testing it right now in oVirt CI, if nothing shows up, I'll tag it for
> release in a few hours.
>
> Here's the changelog:
>
> * Thu Jan 04 2018 Sandro Bonazzola  -
> ev-2.9.0-16.el7_4.13.1 - Removing RH branding from package name * Thu Dec
> 14 2017 Miroslav Rezanina  - rhev-2.9.0-16.el7_4.13
> - Fix CVE-2017-5715 * Thu Nov 16 2017 Miroslav Rezanina <
> mreza...@redhat.com> - rhev-2.9.0-16.el7_4.12 -
> kvm-util-async-use-atomic_mb_set-in-qemu_bh_cancel.patch [bz#1513362] -
> Resolves: bz#1513362 (QEMU's AIO subsystem gets stuck inhibiting all I/O
> operations on virtio-blk-pci devices [rhel-7.4.z])
>
>

Test passed, tagged for release. Will be available on mirrors.centos.org in
the next sign / publish cycle.


> --
>
> SANDRO BONAZZOLA
>
> ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R
>
> Red Hat EMEA 
> 
> TRIED. TESTED. TRUSTED. 
>
>


-- 

SANDRO BONAZZOLA

ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R

Red Hat EMEA 

TRIED. TESTED. TRUSTED. 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] [CVE-2017-5715] qemu-kvm-ev-2.9.0-16.el7_4.13.1 is now available for testing

[Sandro Bonazzola]

Hi, qemu-kvm-ev-2.9.0-16.el7_4.13.1
 is now available for
testing.
I'm testing it right now in oVirt CI, if nothing shows up, I'll tag it for
release in a few hours.

Here's the changelog:

* Thu Jan 04 2018 Sandro Bonazzola  -
ev-2.9.0-16.el7_4.13.1 - Removing RH branding from package name * Thu Dec
14 2017 Miroslav Rezanina  - rhev-2.9.0-16.el7_4.13 -
Fix CVE-2017-5715 * Thu Nov 16 2017 Miroslav Rezanina 
- rhev-2.9.0-16.el7_4.12 -
kvm-util-async-use-atomic_mb_set-in-qemu_bh_cancel.patch [bz#1513362] -
Resolves: bz#1513362 (QEMU's AIO subsystem gets stuck inhibiting all I/O
operations on virtio-blk-pci devices [rhel-7.4.z])

-- 

SANDRO BONAZZOLA

ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R

Red Hat EMEA 

TRIED. TESTED. TRUSTED. 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Yaniv Kaul]

On Jan 4, 2018 7:01 PM, "Donny Davis"  wrote:

Yaniv,

If there was a central logging server, would the hypervisors send them
there and stop writing to disk (given its setup properly), or does it write
them anyway?


We ship logs to the central logging, not instead of logging them locally.
I reckon you could mount /var/log somewhere remotely, but I do not think it
makes sense.
Our logging is not intensive and has log rotation configured, so I'm not
sure what the issue is. A r/o partition or a cheap SD card with limited
write wear?
Y.



https://www.ovirt.org/documentation/admin-guide/chap-Log_Files/

On Thu, Jan 4, 2018 at 11:43 AM, Yaniv Kaul  wrote:

>
>
> On Thu, Jan 4, 2018 at 5:04 PM, Donny Davis  wrote:
>
>> That makes more sense. Have you measured the write load on the disks from
>> just the hypervisor processes. I have included a screen shot from mine, and
>> the load is very low in the Kilobytes/sec
>>
>
> And those are probably the logs, which will be written anyway...
> Y.
>
>
>>
>> I am not sure of the implications of changing these parameters, and I do
>> not see an perceivable benefits from doing so.
>>
>> [image: Inline image 1]
>>
>> On Thu, Jan 4, 2018 at 9:51 AM, andreil1  wrote:
>>
>>>
>>>
>>> On 4 Jan 2018, at 14:52, Donny Davis  wrote:
>>>
>>> What is the purpose in putting these directives in for the hypervisor?
>>>
>>>
>>> I have small node where system and data domains located on the same RAID.
>>> Data domains are on separate partitions.
>>> These options allow minimise disk access activity.
>>>
>>>
>>> On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:
>>>
 Hi !

 Is it safe to turn on these options (noatime, nodiratime) in oVirt node
 fstab for these mount points?
 /home
 /
 /tmp
 /var
 /var/log
 /var/log/audit

 Node 4.2 installed on CentOS, not with node DVD.

 Thanks.

 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users

>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Donny Davis]

Yaniv,

If there was a central logging server, would the hypervisors send them
there and stop writing to disk (given its setup properly), or does it write
them anyway?


https://www.ovirt.org/documentation/admin-guide/chap-Log_Files/

On Thu, Jan 4, 2018 at 11:43 AM, Yaniv Kaul  wrote:

>
>
> On Thu, Jan 4, 2018 at 5:04 PM, Donny Davis  wrote:
>
>> That makes more sense. Have you measured the write load on the disks from
>> just the hypervisor processes. I have included a screen shot from mine, and
>> the load is very low in the Kilobytes/sec
>>
>
> And those are probably the logs, which will be written anyway...
> Y.
>
>
>>
>> I am not sure of the implications of changing these parameters, and I do
>> not see an perceivable benefits from doing so.
>>
>> [image: Inline image 1]
>>
>> On Thu, Jan 4, 2018 at 9:51 AM, andreil1  wrote:
>>
>>>
>>>
>>> On 4 Jan 2018, at 14:52, Donny Davis  wrote:
>>>
>>> What is the purpose in putting these directives in for the hypervisor?
>>>
>>>
>>> I have small node where system and data domains located on the same RAID.
>>> Data domains are on separate partitions.
>>> These options allow minimise disk access activity.
>>>
>>>
>>> On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:
>>>
 Hi !

 Is it safe to turn on these options (noatime, nodiratime) in oVirt node
 fstab for these mount points?
 /home
 /
 /tmp
 /var
 /var/log
 /var/log/audit

 Node 4.2 installed on CentOS, not with node DVD.

 Thanks.

 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users

>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Yaniv Kaul]

On Thu, Jan 4, 2018 at 5:04 PM, Donny Davis  wrote:

> That makes more sense. Have you measured the write load on the disks from
> just the hypervisor processes. I have included a screen shot from mine, and
> the load is very low in the Kilobytes/sec
>

And those are probably the logs, which will be written anyway...
Y.


>
> I am not sure of the implications of changing these parameters, and I do
> not see an perceivable benefits from doing so.
>
> [image: Inline image 1]
>
> On Thu, Jan 4, 2018 at 9:51 AM, andreil1  wrote:
>
>>
>>
>> On 4 Jan 2018, at 14:52, Donny Davis  wrote:
>>
>> What is the purpose in putting these directives in for the hypervisor?
>>
>>
>> I have small node where system and data domains located on the same RAID.
>> Data domains are on separate partitions.
>> These options allow minimise disk access activity.
>>
>>
>> On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:
>>
>>> Hi !
>>>
>>> Is it safe to turn on these options (noatime, nodiratime) in oVirt node
>>> fstab for these mount points?
>>> /home
>>> /
>>> /tmp
>>> /var
>>> /var/log
>>> /var/log/audit
>>>
>>> Node 4.2 installed on CentOS, not with node DVD.
>>>
>>> Thanks.
>>>
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] How to install the engine manually?

[Yaniv Kaul]

On Thu, Jan 4, 2018 at 6:09 PM, Pepe Pepe  wrote:

> Hello.
> Thank you very much for your answer. I really appreaciate it.
>
> I wanted to know if it was possible to install every single packet from
> "src" folder.
> I supposed it was too hard to do, but I didn't know if it exists a easy
> way to do it.
> Regarding that nobody does it like this, I won't try it anymore! Thanks.
>
> You wrote:
> "Also note that engine-setup handles many services, not only ovirt-engine."
>
> Having it in mind, can I configure CentOS7 so that it starts the engine
> when I turn on my PC?
>

It's part of the installation.
Y.


>
> Thanks again!
>
> Regards,
> PP.
>
>
>
>
> *Enviar:* jueves 4 de enero de 2018 a las 15:18
>
> *De:* "Yedidyah Bar David" 
> *Para:* "Pepe Pepe" 
> *CC:* "OVIRT OVIRT" 
> *Asunto:* Re: [ovirt-users] How to install the engine manually?
> On Thu, Jan 4, 2018 at 4:03 PM, Pepe Pepe  wrote:
>>
>> Hello.
>>
>> Thanks for your answer.
>>
>> The only thing I want to do is to install it "manually" without the yum
>> command. Do you know what I want to mean ?
>>
>
> I do not think I understand.
>
> If you want to use oVirt on CentOS 7, you should install it with yum. If
> you
> do not want to, e.g. because you prefer your software to be in /usr/local
> or
> something like that, then this is not supported, I do not know about anyone
> trying this, and I guess it will require quite a lot of effort.
>
> If you want to set up a development environment, see the links I sent. In
> theory
> you can do this also for production, but it will require quite a lot of
> effort
> if your only wish is to not install with yum.
>
> If you want to port it to some other OS or distribution, or want to do
> anything
> else, please provide more details.
>
>
>>
>> One more question... Is it possible to change whether start the service
>> automatically or not?
>>
>
> You mean when installed with yum?
>
> yum install will not make it start automatically.
>
> engine-setup will start it and configure it to start automatically.
> There is no way to make engine-setup not do that.
> After you run engine-setup, you can disable it if you want.
> You will have to remember to do this after each upgrade.
> Also note that engine-setup handles many services, not only ovirt-engine.
> To see which services it enabled, grep the setup log for
> 'systemctl.*enable'.
>
> Best regards,
>
>
>>
>> Thanks in advance.
>> Regards,
>> PP.
>>
>>
>> *Enviar:* jueves 4 de enero de 2018 a las 7:46
>> *De:* "Yedidyah Bar David" 
>> *Para:* "Pepe Pepe" 
>> *CC:* "OVIRT OVIRT" 
>> *Asunto:* Re: [ovirt-users] How to install the engine manually?
>> On Wed, Jan 3, 2018 at 8:07 PM, Pepe Pepe  wrote:
>>>
>>> Hello everybody.
>>>
>>> I'd like to know if it is possible to install the whole engine using the
>>> folder "src" that I can download from here:
>>>
>>> http://resources.ovirt.org/pub/ovirt-4.2/
>>>
>>> Would it be possible to install them all executing a Makefile or script?
>>>
>>
>> You mean that you want to build everything from source? See these:
>>
>> https://ovirt.org/develop/
>> https://ovirt.org/develop/developer-guide/engine/engine-
>> development-environment/
>> https://ovirt.org/develop/developer-guide/vdsm/developers/
>>
>> Best regards,
>> --
>> Didi
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
>
>
>
> --
> Didi
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Yaniv Kaul]

On Thu, Jan 4, 2018 at 1:45 PM, Service  wrote:

> Hi !
>
> Is it safe to turn on these options (noatime, nodiratime) in oVirt node
> fstab for these mount points?
>

Not sure, but why would you do that?
Y.


> /home
> /
> /tmp
> /var
> /var/log
> /var/log/audit
>
> Node 4.2 installed on CentOS, not with node DVD.
>
> Thanks.
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] need to close spice remote-viewer after some time with proxy

[Gianluca Cecchi]

Hello,
in 4.1 I had the problem that connecting to remote-console and leaving
there inactive, after some time I cannot use it any more (mouse clicks no
effect).
I also reported here:
http://lists.ovirt.org/pipermail/users/2016-October/076890.html
This happened only if connected to the vm from admin portal, while from
user portal it was ok.
Now after update to 4.2 both the admin portal and the new vm portal have
the same problem, so that if I leave the VM for some minutes I come back
and have to close and open again the spice console

The Vm in question is a Fedora 26, but it was something like Fedora 24 I
presume in Dec 2016
I tried to disable at all the screen savers features on it but it doesn't
depend on it.

Possibly depending on proxy set? I would try to disable it and verify if
problems solves. Any one else using websocket proxy has these problems?

Thanks in advance,
Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

[Yaniv Kaul]

On Thu, Jan 4, 2018 at 12:31 PM, Barak Korren  wrote:

> On 4 January 2018 at 09:24, Marcel Hanke  wrote:
> > Hi,
> > besides the kernel and microcode updates are there also updates of ovirt-
> > engine and vdsm nessessary and if so, is there a timeline when the
> patches can
> > be expected?
> > If there are Patches nessessary will there also be updates for ovirt 4.1
> or
> > only 4.2?
>
> Looking at the relevant Red Hat announcement:
> https://access.redhat.com/security/vulnerabilities/speculativeexecution
>
> It seems that no packages that are derived directly from oVirt were
> updated.
> You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS -
> that used to be distributed by oVirt, but these days its is shipped as
> part of the CentOS VirtSIG repo.
>
> AFAIK none of those components were released on CentOS yet, so if
> you're running oVirt on CentOS you'll need to wait.
>

CentOS kernel, microcode_ctl and linux-firmware have been released.
See [1] for example. I'm sure others will follow.
Y.

[1]
https://lists.centos.org/pipermail/centos-announce/2018-January/022696.html


>
> I suppose oVirt packages and install scripts will be updated over the
> next few days to require the newer packages, but you do not need to
> wait for those updates to patch your systems, you can probably patch
> as soon as the updates are made available.
>
> Once updates are available, a new node and engine-apppliance images
> will probably also be built and released.
>
> Please note that the above as mostly a rough estimate based on my
> familiarity with the processes involved, I am not directly affiliated
> with any of the teams handling the response to these CVEs.
>
> --
> Barak Korren
> RHV DevOps team , RHCE, RHCi
> Red Hat EMEA
> redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Service]

Hi !

Is it safe to turn on these options (noatime, nodiratime) in oVirt node fstab 
for these mount points?
/home
/
/tmp
/var
/var/log
/var/log/audit

Node 4.2 installed on CentOS, not with node DVD.

Thanks.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] How to install the engine manually?

[Pepe Pepe]

Hello. 

Thank you very much for your answer. I really appreaciate it.

 

I wanted to know if it was possible to install every single packet from "src" folder. 
I supposed it was too hard to do, but I didn't know if it exists a easy way to do it.

Regarding that nobody does it like this, I won't try it anymore! Thanks.


You wrote:
"Also note that engine-setup handles many services, not only ovirt-engine."

 

Having it in mind, can I configure CentOS7 so that it starts the engine when I turn on my PC?

 

Thanks again!

 

Regards,
PP.


 

 

 

 

Enviar: jueves 4 de enero de 2018 a las 15:18
De: "Yedidyah Bar David" 
Para: "Pepe Pepe" 
CC: "OVIRT OVIRT" 
Asunto: Re: [ovirt-users] How to install the engine manually?




On Thu, Jan 4, 2018 at 4:03 PM, Pepe Pepe  wrote:




Hello.

 

Thanks for your answer.

 

The only thing I want to do is to install it "manually" without the yum command. Do you know what I want to mean ? 




 

I do not think I understand.
 

If you want to use oVirt on CentOS 7, you should install it with yum. If you

do not want to, e.g. because you prefer your software to be in /usr/local or

something like that, then this is not supported, I do not know about anyone

trying this, and I guess it will require quite a lot of effort.

 

If you want to set up a development environment, see the links I sent. In theory

you can do this also for production, but it will require quite a lot of effort

if your only wish is to not install with yum.

 

If you want to port it to some other OS or distribution, or want to do anything
else, please provide more details.

 




 

One more question... Is it possible to change whether start the service automatically or not?




 

You mean when installed with yum?
 

yum install will not make it start automatically.
 

engine-setup will start it and configure it to start automatically.

There is no way to make engine-setup not do that.

After you run engine-setup, you can disable it if you want.

You will have to remember to do this after each upgrade.

Also note that engine-setup handles many services, not only ovirt-engine.

To see which services it enabled, grep the setup log for 'systemctl.*enable'.
 

Best regards,

 




 

Thanks in advance.

Regards,

PP.

 

 

Enviar: jueves 4 de enero de 2018 a las 7:46
De: "Yedidyah Bar David" 
Para: "Pepe Pepe" 
CC: "OVIRT OVIRT" 
Asunto: Re: [ovirt-users] How to install the engine manually?






On Wed, Jan 3, 2018 at 8:07 PM, Pepe Pepe  wrote:





Hello everybody.

 

I'd like to know if it is possible to install the whole engine using the folder "src" that I can download from here:

 

http://resources.ovirt.org/pub/ovirt-4.2/

 

Would it be possible to install them all executing a Makefile or script?





 

You mean that you want to build everything from source? See these:


https://ovirt.org/develop/
https://ovirt.org/develop/developer-guide/engine/engine-development-environment/
https://ovirt.org/develop/developer-guide/vdsm/developers/
 

Best regards,

--

Didi










___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
 




--
Didi





___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Configuring Gluster

[carl langlois]

Hi all,

I am in the process of adding GlusterFS storage to our already ovirt setup.
I am using 4.1.8 for now but plan to upgrade to 4.2 later. I need your
suggestions on what is the best approach for replacing my NFS storage to a
GlusterFS storage..


Thanks for all your inputs.
Carl
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to add VM Portal successfully

[Jakub Niedermertl]

Hi Pym,

to deploy VM Portal (ovirt-web-ui) next to the engine one needs to compile
it from sources to rpm package [1], and install it next to ovirt-engine
package. Container deployment is not used by default.

Technically ovirt-web-ui is another war application served by engine's
Wildfly.
See symlink /usr/share/ovirt-engine/ovirt-web-ui.war and configuration file
/etc/ovirt-engine/engine.conf.d/50-ovirt-web-ui.conf of package
ovirt-web-ui [2] for details.

Best regards
Jakub

[1]: https://github.com/oVirt/ovirt-web-ui#build
[2]: http://resources.ovirt.org/pub/ovirt-4.2/rpm/el7/noarch/

On Thu, Jan 4, 2018 at 10:58 AM, Pym  wrote:

> Hi:
>
> I recently built the ovirt-engine service in source code compilation,
> which is now accessible through the web interface. However, there is no VM
> Portal feature on the main page. After clicking, "404 - failed to find the
> page".
>
> Next I found the source code for web- UI functionality at github, and I
> wanted to install it through source compilation. I tried to follow the
> above process, but the following problems occurred:
>
> "
> [root@ovirttest ovirt-web-ui]#  docker run --rm -it --network host
> --add-host ovirttest.erc.com:10.100.211.113 -e ENGINE_URL=
> https://ovirttest.erc.com/ovirt-engine -p 3000:3000
> mareklibra/ovirt-web-ui:latest
> yarn start v0.24.4
> $ node scripts/start.js
> Please authenticate against oVirt running at https://ovirttest.erc.com/o
> virt-engine
> oVirt user (admin@internal): admin
> oVirt password: **
> oVirt domain (internal-authz): ovirttest.erc.com
> Failed obtaining oVirt auth token: Error: connect ECONNREFUSED
> 10.100.211.113:443
> Done in 27.64s.
> "
>
> How to make sure the container can reach the engine on this ip:port.
>
> Or there are other ways to solve this problem, which has been bothering me
> for days.
>
> Thank you very much.
>
>
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ovirt 4.2 and multiple networks

[Gabriel Stein]

well, sorry, I sent the last E-Mail without all infos(was too fast)

Backend Logs are:

2018-01-04 16:47:42,072+01 WARN
[org.ovirt.engine.core.bll.network.host.HostSetupNetworksCommand] (default
task-27) [41601053-4a3c-49b5-9218-0fa77a50d105] Validation of action
'HostSetupNetworks' failed for user admin@internal-authz. Reasons:
VAR__ACTION__SETUP,VAR__TYPE__NETWORKS,must match
"^\b((25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)\.){3}(25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)",$flags
[Ljavax.validation.constraints.Pattern$Flag;@3e7ee22,$regexp
^\b((25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)\.){3}(25[0-5]|2[0-4]\d|[01]\d\d|\d?\d),$groups
[Ljava.lang.Class;@67769cea,$message
{javax.validation.constraints.Pattern.message},$payload
[Ljava.lang.Class;@2f5c101b,ACTION_TYPE_FAILED_ATTRIBUTE_PATH,$path
ipConfiguration.iPv4Addresses[0].gateway,$validatedValue


Thanks in Advance!

Best Regards,

Gabriel


Gabriel Stein
--
Gabriel Ferraz Stein
Tel.: +49 (0)  170 2881531

2018-01-04 16:45 GMT+01:00 Gabriel Stein :

> Hi all,
>
> I'm trying now to migrate the Networks from an old Proxmox to oVirt. I'm
> doing manually, adding them to oVirt and using VLAN Tag.
>
> But I have a small problem: this VLANs hasn't any gateway/ip address
> configuration, they are just a bridge to the VMs.
>
> After I added all networks to oVirt, I tried to configure these networks
> on a host, network interfaces, setup networks, and attach them to an
> interface
>
> After I attached one network and choose OK, I receive this error on oVirt:
> Error while executing action:
>
> hostabc.domain.tld:
>
>- must match "^\b((25[0-5]|2[0-4]\d|[01]\d\
>d|\d?\d)\_){3}(25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)"
>- Attribute: ipConfiguration.iPv4Addresses[0].gateway
>
>
>
>
> Gabriel Stein
> --
> Gabriel Ferraz Stein
> Tel.: +49 (0)  170 2881531
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] ovirt 4.2 and multiple networks

[Gabriel Stein]

Hi all,

I'm trying now to migrate the Networks from an old Proxmox to oVirt. I'm
doing manually, adding them to oVirt and using VLAN Tag.

But I have a small problem: this VLANs hasn't any gateway/ip address
configuration, they are just a bridge to the VMs.

After I added all networks to oVirt, I tried to configure these networks on
a host, network interfaces, setup networks, and attach them to an
interface

After I attached one network and choose OK, I receive this error on oVirt:
Error while executing action:

hostabc.domain.tld:

   - must match
   
"^\b((25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)\_){3}(25[0-5]|2[0-4]\d|[01]\d\d|\d?\d)"
   - Attribute: ipConfiguration.iPv4Addresses[0].gateway




Gabriel Stein
--
Gabriel Ferraz Stein
Tel.: +49 (0)  170 2881531
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Fabrice Bacchella]

Both are no brainer to activate (noatime is a superset of nodiratime, see 
https://lwn.net/Articles/244941/) for every mount point, unless you really know 
why you need exact atime.

If you want to be super-safe, use relatime. You will get not-exact but usable 
atime, to know if a file was acceded after write.

More informations:
https://en.wikipedia.org/wiki/Stat_(system_call)#Criticism_of_atime


> Le 4 janv. 2018 à 12:46, andreil1  a écrit :
> 
> Hi !
> 
> Is it safe to turn on these options (noatime, nodiratime) in oVirt node fstab 
> for these mount points?
> /home
> /
> /tmp
> /var
> /var/log
> /var/log/audit
> 
> Node 4.2 installed on CentOS, not with node DVD.
> 
> Thanks.
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Donny Davis]

That makes more sense. Have you measured the write load on the disks from
just the hypervisor processes. I have included a screen shot from mine, and
the load is very low in the Kilobytes/sec

I am not sure of the implications of changing these parameters, and I do
not see an perceivable benefits from doing so.

[image: Inline image 1]

On Thu, Jan 4, 2018 at 9:51 AM, andreil1  wrote:

>
>
> On 4 Jan 2018, at 14:52, Donny Davis  wrote:
>
> What is the purpose in putting these directives in for the hypervisor?
>
>
> I have small node where system and data domains located on the same RAID.
> Data domains are on separate partitions.
> These options allow minimise disk access activity.
>
>
> On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:
>
>> Hi !
>>
>> Is it safe to turn on these options (noatime, nodiratime) in oVirt node
>> fstab for these mount points?
>> /home
>> /
>> /tmp
>> /var
>> /var/log
>> /var/log/audit
>>
>> Node 4.2 installed on CentOS, not with node DVD.
>>
>> Thanks.
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[andreil1]

> On 4 Jan 2018, at 14:52, Donny Davis  > wrote:
> 
> What is the purpose in putting these directives in for the hypervisor?

I have small node where system and data domains located on the same RAID.
Data domains are on separate partitions.
These options allow minimise disk access activity.

> 
> On Thu, Jan 4, 2018 at 6:46 AM, andreil1  > wrote:
> Hi !
> 
> Is it safe to turn on these options (noatime, nodiratime) in oVirt node fstab 
> for these mount points?
> /home
> /
> /tmp
> /var
> /var/log
> /var/log/audit
> 
> Node 4.2 installed on CentOS, not with node DVD.
> 
> Thanks.
> 
> ___
> Users mailing list
> Users@ovirt.org 
> http://lists.ovirt.org/mailman/listinfo/users 
> 
> 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] bad bond name when setting up hosted engine

[Doron Fediuck]

Can you please provide the installation logs?

On 4 January 2018 at 05:50, Sam McLeod  wrote:

> I'm having a problem where when setting up hosted engine deployment it
> fails stating that the selected bond name is bad.
>
> "code=25, message=bad bond name(s): mgmt)"
>
> - Is there a problem similar to https://bugzilla.redhat.com/
> show_bug.cgi?id=1519807 that's known?
> - If it seems to be this bug, is it preferred that I simply update the
> existing, closed issue as I have done, or open a new bug?
>
> --
> Sam McLeod
> https://smcleod.net
> https://twitter.com/s_mcleod
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] How to install the engine manually?

[Yedidyah Bar David]

On Thu, Jan 4, 2018 at 4:03 PM, Pepe Pepe  wrote:

> Hello.
>
> Thanks for your answer.
>
> The only thing I want to do is to install it "manually" without the yum
> command. Do you know what I want to mean ?
>

I do not think I understand.

If you want to use oVirt on CentOS 7, you should install it with yum. If you
do not want to, e.g. because you prefer your software to be in /usr/local or
something like that, then this is not supported, I do not know about anyone
trying this, and I guess it will require quite a lot of effort.

If you want to set up a development environment, see the links I sent. In
theory
you can do this also for production, but it will require quite a lot of
effort
if your only wish is to not install with yum.

If you want to port it to some other OS or distribution, or want to do
anything
else, please provide more details.


>
> One more question... Is it possible to change whether start the service
> automatically or not?
>

You mean when installed with yum?

yum install will not make it start automatically.

engine-setup will start it and configure it to start automatically.
There is no way to make engine-setup not do that.
After you run engine-setup, you can disable it if you want.
You will have to remember to do this after each upgrade.
Also note that engine-setup handles many services, not only ovirt-engine.
To see which services it enabled, grep the setup log for
'systemctl.*enable'.

Best regards,


>
> Thanks in advance.
> Regards,
> PP.
>
>
> *Enviar:* jueves 4 de enero de 2018 a las 7:46
> *De:* "Yedidyah Bar David" 
> *Para:* "Pepe Pepe" 
> *CC:* "OVIRT OVIRT" 
> *Asunto:* Re: [ovirt-users] How to install the engine manually?
> On Wed, Jan 3, 2018 at 8:07 PM, Pepe Pepe  wrote:
>>
>> Hello everybody.
>>
>> I'd like to know if it is possible to install the whole engine using the
>> folder "src" that I can download from here:
>>
>> http://resources.ovirt.org/pub/ovirt-4.2/
>>
>> Would it be possible to install them all executing a Makefile or script?
>>
>
> You mean that you want to build everything from source? See these:
>
> https://ovirt.org/develop/
> https://ovirt.org/develop/developer-guide/engine/engine-
> development-environment/
> https://ovirt.org/develop/developer-guide/vdsm/developers/
>
> Best regards,
> --
> Didi
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>


-- 
Didi
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] How to install the engine manually?

[Pepe Pepe]

Hello.

 

Thanks for your answer.

 

The only thing I want to do is to install it "manually" without the yum command. Do you know what I want to mean ? 

 

One more question... Is it possible to change whether start the service automatically or not?

 

Thanks in advance.

Regards,

PP.

 

 

Enviar: jueves 4 de enero de 2018 a las 7:46
De: "Yedidyah Bar David" 
Para: "Pepe Pepe" 
CC: "OVIRT OVIRT" 
Asunto: Re: [ovirt-users] How to install the engine manually?




On Wed, Jan 3, 2018 at 8:07 PM, Pepe Pepe  wrote:





Hello everybody.

 

I'd like to know if it is possible to install the whole engine using the folder "src" that I can download from here:

 

http://resources.ovirt.org/pub/ovirt-4.2/

 

Would it be possible to install them all executing a Makefile or script?





 

You mean that you want to build everything from source? See these:


https://ovirt.org/develop/
https://ovirt.org/develop/developer-guide/engine/engine-development-environment/
https://ovirt.org/develop/developer-guide/vdsm/developers/
 

Best regards,

--

Didi





___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt-Gluster Hyperconvergence: Graceful shutdown and startup

[Bernhard Seidl]

Am 04.01.2018 um 11:56 schrieb Sahina Bose:
> 
> 
> On Wed, Jan 3, 2018 at 9:27 PM, Bernhard Seidl  > wrote:
> 
> Hi all and a happy new year,
> 
> I am just testing oVirt 4.2 using a three node gluster hyperconvergence
> and self hosted engine setup. How should this setup be shutdown and
> started again? Here is what tried an experienced:
> 
> 
> The approach you outlined is correct.
> 
> 
> Shutdown:
> 
> 1. Shutdown all VMs
> 
> 2. Enable global ha maintenance
> 
> 3. Wait for all VM
> 
> 4. Shutdown hosted-engine using "hosted-engine --vm-shutdown"
> 
> 5. Wait for stopped hosted engine
> 
> 6. Shutdown all nodes
> 
> Startup:
> 
> 1. Switch on all nodes
> 
> 2. Start glusterd on all nodes since it does not start by default (is
> this a bug?) using "systemctl start glusterd*"*
> 
> 
> Can you log a bug?

There it is: https://bugzilla.redhat.com/show_bug.cgi?id=1531052

> 
> 
> 3. Check volume status using "gluster peer status" and "gluster volume
> status all" on one of the nodes
> 
> 4. Wait for ovrt-ha-agent until "hosted-engine --vm-status" does not
> fail anymore printing "The hosted engine configuration has not been
> retrieved from shared storage. Please ensure that ovirt-ha-agent is
> running and the storage server is reachable."
> 
> 4. Start hosted engine "hosted-engine --vm-start" on one of the nodes
> 
> 5. Check status using "hosted-engine --vm-status" and wait until health
> reports good
> 
> 6. Wait until a host got the SPM role
> 

I think that I missed a step here:
6a. Disable global ha maintenance


> 7. Start VMs
> 
> Is this the best/correct way?
> 
> Kind regards,
> Bernhard

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[Donny Davis]

What is the purpose in putting these directives in for the hypervisor?

On Thu, Jan 4, 2018 at 6:46 AM, andreil1  wrote:

> Hi !
>
> Is it safe to turn on these options (noatime, nodiratime) in oVirt node
> fstab for these mount points?
> /home
> /
> /tmp
> /var
> /var/log
> /var/log/audit
>
> Node 4.2 installed on CentOS, not with node DVD.
>
> Thanks.
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Q: ext4 noatime/nidiratime for oVirt node mount points

[andreil1]

Hi !

Is it safe to turn on these options (noatime, nodiratime) in oVirt node fstab 
for these mount points?
/home
/
/tmp
/var
/var/log
/var/log/audit

Node 4.2 installed on CentOS, not with node DVD.

Thanks.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt-Gluster Hyperconvergence: Graceful shutdown and startup

[Sahina Bose]

On Wed, Jan 3, 2018 at 9:27 PM, Bernhard Seidl 
wrote:

> Hi all and a happy new year,
>
> I am just testing oVirt 4.2 using a three node gluster hyperconvergence
> and self hosted engine setup. How should this setup be shutdown and
> started again? Here is what tried an experienced:
>

The approach you outlined is correct.


> Shutdown:
>
> 1. Shutdown all VMs
>
> 2. Enable global ha maintenance
>
> 3. Wait for all VM
>
> 4. Shutdown hosted-engine using "hosted-engine --vm-shutdown"
>
> 5. Wait for stopped hosted engine
>
> 6. Shutdown all nodes
>
> Startup:
>
> 1. Switch on all nodes
>
> 2. Start glusterd on all nodes since it does not start by default (is
> this a bug?) using "systemctl start glusterd*"*
>

Can you log a bug?


> 3. Check volume status using "gluster peer status" and "gluster volume
> status all" on one of the nodes
>
> 4. Wait for ovrt-ha-agent until "hosted-engine --vm-status" does not
> fail anymore printing "The hosted engine configuration has not been
> retrieved from shared storage. Please ensure that ovirt-ha-agent is
> running and the storage server is reachable."
>
> 4. Start hosted engine "hosted-engine --vm-start" on one of the nodes
>
> 5. Check status using "hosted-engine --vm-status" and wait until health
> reports good
>
> 6. Wait until a host got the SPM role
>
> 7. Start VMs
>
> Is this the best/correct way?
>
> Kind regards,
> Bernhard
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

[Barak Korren]

On 4 January 2018 at 09:24, Marcel Hanke  wrote:
> Hi,
> besides the kernel and microcode updates are there also updates of ovirt-
> engine and vdsm nessessary and if so, is there a timeline when the patches can
> be expected?
> If there are Patches nessessary will there also be updates for ovirt 4.1 or
> only 4.2?

Looking at the relevant Red Hat announcement:
https://access.redhat.com/security/vulnerabilities/speculativeexecution

It seems that no packages that are derived directly from oVirt were updated.
You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS -
that used to be distributed by oVirt, but these days its is shipped as
part of the CentOS VirtSIG repo.

AFAIK none of those components were released on CentOS yet, so if
you're running oVirt on CentOS you'll need to wait.

I suppose oVirt packages and install scripts will be updated over the
next few days to require the newer packages, but you do not need to
wait for those updates to patch your systems, you can probably patch
as soon as the updates are made available.

Once updates are available, a new node and engine-apppliance images
will probably also be built and released.

Please note that the above as mostly a rough estimate based on my
familiarity with the processes involved, I am not directly affiliated
with any of the teams handling the response to these CVEs.

-- 
Barak Korren
RHV DevOps team , RHCE, RHCi
Red Hat EMEA
redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Behaviour when attaching shared iSCSI storage with existing data

[Yaniv Kaul]

On Thu, Jan 4, 2018 at 4:03 AM, Sam McLeod  wrote:

> If one was to attach a shared iSCSI LUN as 'storage' to an oVirt data
> centre that contains existing data - how does oVirt behave?
>
> For example the LUN might be partitioned as LVM, then contain existing
> filesystems etc...
>
> - Would oVirt see that there is existing data on the LUN and simply attach
> it as any other linux initiator (client) world, or would it try to wipe the
> LUN clean and reinitialise it?
>

Neither - we will not be importing these as existing data domains, nor wipe
them, as they have contents.


>
>
> Context: Investigating migration from XenServer to oVirt (4.2.0)
>

A very interesting subject - would love to see the outcome!


>
> All our iSCSI storage is currently attached to XenServer hosts, XenServer
> formats those raw LUNs with LVM and VMs are stored within them.
>

I suspect we need to copy the data. We might be able to do some tricks, but
at the end of the day I think copying the data, LV to LV, makes the most
sense.
However, I wonder what else is needed - do we need a conversion of the
drivers, different kernel, etc.?

What are the export options Xen provides? Perhaps OVF?
Is there an API to stream the disks from Xen?
Y.


>
>
>
> *If the answer to this is already out there and I should have found it by
> searching, I apologise, please point me to the link and I'll RTFM.*
>
> --
> Sam McLeod
> https://smcleod.net
> https://twitter.com/s_mcleod
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] About vGPU in oVirt

[Martin Polednik]

On 04/01/18 10:04 +0800, lofyer wrote:
It seems to be that no M10/M60 vGPU host driver for RHEL7 available on 
NVIDIA site.


Where should I get the driver or just wait for NVIDIA to release?


Wait for (or try asking) NVIDIA. oVirt can't provide the host/guest
vGPU driver.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] bad bond name when setting up hosted engine

[Sam McLeod]

I'm having a problem where when setting up hosted engine deployment it fails 
stating that the selected bond name is bad.

"code=25, message=bad bond name(s): mgmt)"

- Is there a problem similar to 
https://bugzilla.redhat.com/show_bug.cgi?id=1519807 
 that's known?
- If it seems to be this bug, is it preferred that I simply update the 
existing, closed issue as I have done, or open a new bug?

--
Sam McLeod
https://smcleod.net
https://twitter.com/s_mcleod

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Behaviour when attaching shared iSCSI storage with existing data

[Sam McLeod]

If one was to attach a shared iSCSI LUN as 'storage' to an oVirt data centre 
that contains existing data - how does oVirt behave?

For example the LUN might be partitioned as LVM, then contain existing 
filesystems etc...
 
- Would oVirt see that there is existing data on the LUN and simply attach it 
as any other linux initiator (client) world, or would it try to wipe the LUN 
clean and reinitialise it?


Context: Investigating migration from XenServer to oVirt (4.2.0)

All our iSCSI storage is currently attached to XenServer hosts, XenServer 
formats those raw LUNs with LVM and VMs are stored within them.



If the answer to this is already out there and I should have found it by 
searching, I apologise, please point me to the link and I'll RTFM.

--
Sam McLeod
https://smcleod.net
https://twitter.com/s_mcleod

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users