from:"Alan Griffiths"

[ovirt-users] Replace Engine Self-Signed Certificate

2019-05-15 Thread Alan Griffiths

Hi,

I'm trying to replace the self-signed certificate in the engine.

I updated the four files listed here

http://www.ovirt.org/develop/release-management/features/infra/pki/

But on restarting Apache and logging in I get the following error,
"sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target"

What am I missing?

Thanks,

Alan

--
IMPORTANT!
This message has been scanned for viruses and phishing links.
However, it is your responsibility to evaluate the links and attachments you 
choose to click.
If you are uncertain, we always try to help.
Greetings helpd...@actnet.se



--
IMPORTANT!
This message has been scanned for viruses and phishing links.
However, it is your responsibility to evaluate the links and attachments you 
choose to click.
If you are uncertain, we always try to help.
Greetings helpd...@actnet.se


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NQNPRPNHJVH47C6GFINFJLGZSS5636V3/

[ovirt-users] oVirt 3.6.4 / PXE guest boot issues

2019-05-15 Thread Alan Griffiths

A explanation/work-around for this issue raised back in April.

It seems that if, in UCS, you configure a vNIC with a single native VLAN it
will still add an 802.1q header with tag 0 - possibly to do with QoS. And
this extra header prevents iPXE from parsing the DHCP response.

The solution for me was to present all VLANs on a single trunked vNIC to
the blade and configure VLAN tagging as per normal. The result is the tags
are stripped off the packets before being passed to the VM and DHCP now
works.

The same issue applies to VM-FEX as packets coming off the VF will have the
802.1q header. The only solution I can see here is to configure a bridged
interface for initial build of the VM and then switch to VM-FEX afterwards.

I found a discussion on the iPXE mailing list about addressing the vlan 0
issue, but I could see no agreed solution.

http://lists.ipxe.org/pipermail/ipxe-devel/2016-April/004901.html

Alan

--
IMPORTANT!
This message has been scanned for viruses and phishing links.
However, it is your responsibility to evaluate the links and attachments you
choose to click.
If you are uncertain, we always try to help.
Greetings helpd...@actnet.se

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/HCN6MC4DSKN33RABI7LY2PLEQQGPZJDC/

[ovirt-users] nfs 4.2 support

2018-04-03 Thread Alan Griffiths

Hi,

I noticed that when mounting nfs domains in ovirt 4.1 using
auto-negotiate it settles on v4.1.

Is this due to lack of live storage migration as referenced in this bug

https://bugzilla.redhat.com/show_bug.cgi?id=1464787

Are there other known issues with 4.2 support?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Engine AAA LDAP startTLS Protocol Issue

2018-02-08 Thread Alan Griffiths

That works. Thanks.

On 8 February 2018 at 12:56, Ondra Machacek <omach...@redhat.com> wrote:
> On 02/08/2018 11:04 AM, Alan Griffiths wrote:
>>
>> Hi,
>>
>> Trying to configure Engine to authenticate against OpenLDAP and I seem
>> to be hitting a protocol bug.
>>
>> Attempts to test the login during the setup fail with
>>
>> 2018-02-07 12:27:37,872Z WARNING Exception: The connection reader was
>> unable to successfully complete TLS negotiation:
>> SSLException(message='Received fatal alert: protocol_version',
>> trace='getSSLException(Alerts.java:208) /
>> getSSLException(Alerts.java:154) / recvAlert(SSLSocketImpl.java:2033)
>> / readRecord(SSLSocketImpl.java:1135) /
>> performInitialHandshake(SSLSocketImpl.java:1385) /
>> startHandshake(SSLSocketImpl.java:1413) /
>> startHandshake(SSLSocketImpl.java:1397) /
>> run(LDAPConnectionReader.java:301)', revision=0)
>>
>> Running a packet trace I see that it's trying to negotiate with TLS
>> 1.0, but my LDAP server only support TLS 1.2.
>
>
> I've sent a fix:
>
>  https://gerrit.ovirt.org/87327
>
> To workaround it just please add to you profile properties file:
>
>  pool.default.ssl.startTLSProtocol = TLSv1.2
>
>>
>> This looks like a regression as it works fine in 4.0.
>>
>> I see the issue in both 4.1 and 4.2
>>
>> 4.1.9.1
>> 4.2.0.2
>>
>> Should I submit a bug?
>>
>> Thanks,
>>
>> Alan
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Engine AAA LDAP startTLS Protocol Issue

2018-02-08 Thread Alan Griffiths

Hi,

Trying to configure Engine to authenticate against OpenLDAP and I seem
to be hitting a protocol bug.

Attempts to test the login during the setup fail with

2018-02-07 12:27:37,872Z WARNING Exception: The connection reader was
unable to successfully complete TLS negotiation:
SSLException(message='Received fatal alert: protocol_version',
trace='getSSLException(Alerts.java:208) /
getSSLException(Alerts.java:154) / recvAlert(SSLSocketImpl.java:2033)
/ readRecord(SSLSocketImpl.java:1135) /
performInitialHandshake(SSLSocketImpl.java:1385) /
startHandshake(SSLSocketImpl.java:1413) /
startHandshake(SSLSocketImpl.java:1397) /
run(LDAPConnectionReader.java:301)', revision=0)

Running a packet trace I see that it's trying to negotiate with TLS
1.0, but my LDAP server only support TLS 1.2.

This looks like a regression as it works fine in 4.0.

I see the issue in both 4.1 and 4.2

4.1.9.1
4.2.0.2

Should I submit a bug?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Why was HE Install made OVA only?

2017-11-21 Thread Alan Griffiths

I was building my own image, using Foreman, Puppet and PXE. There's a
specific partitioning schema I'm required to use in my environment and
building my own image from Kickstart is by far the easiest way to
achieve this.

I can appreciate that in most scenarios the OVA install is the
best/easiest option, but it would have been nice to keep PXE and ISO
options.

On 20 November 2017 at 17:24, Simone Tiraboschi <stira...@redhat.com> wrote:
>
> On Mon, Nov 20, 2017 at 4:39 PM, Alan Griffiths <apgriffith...@gmail.com>
> wrote:
>>
>> Hi,
>>
>> What was the reasoning behind making Hosted Engine install OVA only?
>> The PXEBoot feature always worked really well for me, and now I have a
>> number of extra steps to achieve the same end result.
>>
>
> Do you mean that you were customizing the image shipped via PXE?
> Deploying from the OVA is pretty convenient, if you want just to forget
> about it, you have to install also ovirt-engine-appliance rpm when you
> install ovirt-hosted-engine-setup one.
> I don't see other additional steps.
>
>
>>
>> Thanks,
>>
>> Alan
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Why was HE Install made OVA only?

2017-11-20 Thread Alan Griffiths

Hi,

What was the reasoning behind making Hosted Engine install OVA only?
The PXEBoot feature always worked really well for me, and now I have a
number of extra steps to achieve the same end result.

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] hosted exchange failed to install

2017-11-14 Thread Alan Griffiths

Looks like you need to clean out your storage domain left over from
the previous install attempt. What are you using, gluster, NFS?

On 14 November 2017 at 14:35, Rudi Ahlers  wrote:
> Hi,
>
> Can someone please help?
>
> I installed hosted exchange but specified the wrong interface, and thus
> couldn't access it. So I removed it (yum install) and reinstalled it, and
> re-ran the deploy but got the following error:
>
>  Please confirm installation settings (Yes, No)[Yes]:
> [ INFO  ] Stage: Transaction setup
> [ INFO  ] Stage: Misc configuration
> [ INFO  ] Stage: Package installation
> [ INFO  ] Stage: Misc configuration
> [ INFO  ] Configuring libvirt
> [ INFO  ] Configuring VDSM
> [WARNING] VDSM configuration file not found: creating a new configuration
> file
> [ INFO  ] Starting vdsmd
> [ INFO  ] Creating Storage Domain
> [ ERROR ] Failed to execute stage 'Misc configuration': Storage domain is
> not empty - requires cleaning: (u'srv1:/engine',)
> [ INFO  ] Yum Performing yum transaction rollback
> [ INFO  ] Stage: Clean up
> [ INFO  ] Generating answer file
> '/var/lib/ovirt-hosted-engine-setup/answers/answers-20171114162130.conf'
> [ INFO  ] Stage: Pre-termination
> [ INFO  ] Stage: Termination
> [ ERROR ] Hosted Engine deployment failed: this system is not reliable,
> please check the issue,fix and redeploy
>   Log file is located at
> /var/log/ovirt-hosted-engine-setup/ovirt-hosted-engine-setup-20171114161520-km3qok.log
>
>
>
> I am honestly not sure why it would think "this system is not reliable". How
> do I check what is actually wrong?
>
> The log file shows the same error:
>
>
> tail -f
> /var/log/ovirt-hosted-engine-setup/ovirt-hosted-engine-setup-20171114161520-km3qok.log
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:134 condition
> False
> 2017-11-14 16:21:30 INFO otopi.context context.runSequence:687 Stage:
> Termination
> 2017-11-14 16:21:30 DEBUG otopi.context context.runSequence:691 STAGE
> terminate
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:128 Stage
> terminate METHOD otopi.plugins.gr_he_common.core.misc.Plugin._terminate
> 2017-11-14 16:21:30 ERROR otopi.plugins.gr_he_common.core.misc
> misc._terminate:178 Hosted Engine deployment failed: this system is not
> reliable, please check the issue,fix and redeploy
> 2017-11-14 16:21:30 DEBUG otopi.plugins.otopi.dialog.human
> dialog.__logString:204 DIALOG:SEND Log file is located at
> /var/log/ovirt-hosted-engine-setup/ovirt-hosted-engine-setup-20171114161520-km3qok.log
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:128 Stage
> terminate METHOD otopi.plugins.otopi.dialog.human.Plugin._terminate
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:128 Stage
> terminate METHOD otopi.plugins.otopi.dialog.machine.Plugin._terminate
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:134 condition
> False
> 2017-11-14 16:21:30 DEBUG otopi.context context._executeMethod:128 Stage
> terminate METHOD otopi.plugins.otopi.core.log.Plugin._terminate
>
>
> --
> Kind Regards
> Rudi Ahlers
> Website: http://www.rudiahlers.co.za
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ovirtmgmt network

2017-11-08 Thread Alan Griffiths

I think you would need an IP address on IF2, otherwise the HE cannot
communicate with the host.

If you have an entry in /etc/hosts that resolves the FQDN of the host
to the IP on IF2 then I think the setup script should create the
ovirtmgmt bridge there.

On 8 November 2017 at 12:33, Arsène Gschwind  wrote:
> Any hint or answer to my question?
>
> I've searched around but couldn't find any answer...
>
>
> On 10/31/2017 10:36 AM, Arsène Gschwind wrote:
>
> Hi,
>
> I have a question about ovirtmgmt network.
>
> When deploying Hosted-Engine it creates ovirtmgmt bridge on top of main nic
> of the host. This means the HE will be connected to the same network as the
> main Host connection. Is it possible to separate those subnet, let say I
> would have something like
>
> Host:
>
> IP: 10.0.a.b (VLAN a untagged) The host has an IP address on that interface
> GW: 10.0.a.gw
>
> Then i would have a tagged VLAN on top of that interface :
>
> IF2 : 10.0.c.x (VLAN c tagged) The host has no IP address on that interface
> GW: 10.0.c.gw
>
> Would it be possible to have the HE connected on IF2, if Yes how do we
> deploy such a setup?
>
> Thanks for any hint.
> Rgds,
> Arsène
>
> --
>
> Arsène Gschwind
> Fa. Sapify AG im Auftrag der Universität Basel
> IT Services
> Klingelbergstr. 70 |  CH-4056 Basel  |  Switzerland
> Tel. +41 79 449 25 63  |  http://its.unibas.ch
> ITS-ServiceDesk: support-...@unibas.ch | +41 61 267 14 11
>
>
> --
>
> Arsène Gschwind
> Fa. Sapify AG im Auftrag der Universität Basel
> IT Services
> Klingelbergstr. 70 |  CH-4056 Basel  |  Switzerland
> Tel. +41 79 449 25 63  |  http://its.unibas.ch
> ITS-ServiceDesk: support-...@unibas.ch | +41 61 267 14 11
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] VM remote noVNC console

2017-10-06 Thread Alan Griffiths

I have this working through an SSH tunnel, although it adds some extra steps.

1. Figure out which port your VM console is bound to (5900 + offset).
2. SSH to the hypervisor tunneling a local port to that remote console port.
3. Click on the console link in the Engine and locally save the vv file.
4. Edit the vv file; change host to localhost and port to whichever
port you configured for the local side of the tunnel.
5. Save and run the vv file with your SPICE client.

You have two minutes to connect from downloading the vv file before
the password expires.

On 5 October 2017 at 22:58, Alex K  wrote:
> Any idea how this can be addressed?
>
>
> On Sep 19, 2017 23:07, "Alex K"  wrote:
>
> Hi all,
>
> I am trying to get the VM console of a VM through SSH socks proxy.
> This is a scenario I will frequently face, as the ovirt cluster will be
> available only though a remote SSH tunnel.
>
> I am trying several console options without success.
>
> With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to
> libvirt with URI [none]'
>
> With noVNC I get a separate tab on browser where it is stuck showing
> "loading".
>
> Has anyone success with this kind of remote console access?
>
> Thanx,
> Alex
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt 4.0 and EL 7.4

2017-10-04 Thread Alan Griffiths

That didn't seem to make any difference.

I can make it work by disabling authentication

auth_unix_rw="none"  in /etc/libvirt/libvirtd.conf

On 4 October 2017 at 15:05, VONDRA Alain <avon...@unicef.fr> wrote:
> Hi,
> Did you modify your /etc/sasl2/libvirt.conf, because the update has modify 
> the way to authenticate from md5 to gssapi.
>
> If not just change this line :
> mech_list: gssapi
> to
> mech_list: digest-md5
>
> And restart services
>
> As mentioned in the libvirt.conf file :
>
> # NB, previously DIGEST-MD5 was set as the default mechanism for
> # libvirt. Per RFC 6331 this is vulnerable to many serious security
> # flaws and should no longer be used. Thus GSSAPI is now the default.
> #
> # To use GSSAPI requires that a libvirtd service principal is
> # added to the Kerberos server for each host running libvirtd.
> # This principal needs to be exported to the keytab file listed below
>
> Alain
>
>
>
> Alain VONDRA
>
> Chargé d'Exploitation et de Sécurité des Systèmes d'Information
> Direction Administrative et Financière
> +33 1 44 39 77 76
>
> UNICEF France
> 3 rue Duguay Trouin  75006
> PARIS
> www.unicef.fr
> -Message d'origine-
> De : users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] De la part de 
> Alan Griffiths
> Envoyé : mercredi 4 octobre 2017 15:50
> À : Ovirt Users <users@ovirt.org>
> Objet : [ovirt-users] Ovirt 4.0 and EL 7.4
>
> Hi,
>
> Is 4.0 supported/known to work on CentOS 7.4?
>
> I've just tried to upgrade one of the hosts in my lab from 7.3 to 7.4 and now 
> vdsm-network fails to start with
>
> vdsm-tool: libvirt: XML-RPC error : authentication failed: authentication 
> failed
>
> To even get this far I had to exclude gluster packages as 7.4 introduces 3.8 
> but ovirt 4.0 repo is still on 3.7.
>
> So, more generally. If I'm on ovirt 4.0, gluster 3.7 and EL 7.3. What is the 
> best ordering for getting to ovirt 4.1 and EL 7.4?
>
> Thanks,
>
> Alan
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Ovirt 4.0 and EL 7.4

2017-10-04 Thread Alan Griffiths

Hi,

Is 4.0 supported/known to work on CentOS 7.4?

I've just tried to upgrade one of the hosts in my lab from 7.3 to 7.4
and now vdsm-network fails to start with

vdsm-tool: libvirt: XML-RPC error : authentication failed: authentication failed

To even get this far I had to exclude gluster packages as 7.4
introduces 3.8 but ovirt 4.0 repo is still on 3.7.

So, more generally. If I'm on ovirt 4.0, gluster 3.7 and EL 7.3. What
is the best ordering for getting to ovirt 4.1 and EL 7.4?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Engine Backup/Restore Question

2017-09-15 Thread Alan Griffiths

Hi,

Currently testing my recovery plan for HE failure.

I run a hosted engine, but in the event of some failure of the engine VM i
want to be able to quickly restore the engine to a standalone host running
independent of Ovirt (in this case a VM running on ESXi).

On a dry run I restore the backup onto the ESXi VM and run engine-setup. At
this point it fails with an error that I am not in Global Maintenance mode.

If I put the cluster into maintenance mode before performing the backup
then it works correctly. So is it necessary to do this on every backup? I
can find nothing in the documentation detailing this as a requirement?

Alternatively it seems I can manually update the ha_global_maintenance
column in the vds_statistics table before running engine-setup, but not
sure of the implications of doing this.

ovirt-4.0.6.3

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt 4.1 testing backup and restore Self-hosted Engine

2017-08-25 Thread Alan Griffiths

As I recall (a few weeks ago now) it was after restore, once the host had
been registered in the Manager. However, I was testing on 4.0, so maybe the
behaviour is slightly different in 4.1.

Can you see anything in the Engine or vdsm logs as to why it won't remove
the storage? Perhaps try removing the stale HostedEngine VM ?

On 25 August 2017 at 09:14, wodel youchi <wodel.you...@gmail.com> wrote:

> Hi and thanks,
>
> But when to remove the hosted_engine storage ? During the restore
> procedure or after ? Because after I couldn't do it, the manager refused to
> put that storage in maintenance mode.
>
> Regards
>
> Le 25 août 2017 08:49, "Alan Griffiths" <apgriffith...@gmail.com> a
> écrit :
>
>> As I recall from my testing. If you remove the old hosted_storage domain
>> then the new one should get automatically imported.
>>
>> On 24 August 2017 at 23:03, wodel youchi <wodel.you...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I am testing the backup and restore procedure of the Self-hosted Engine,
>>> and I have a problem.
>>>
>>> This haw I did the test.
>>>
>>> I have two hypervisors hosted-engine. I am used iSCSI disk for the VM
>>> engine.
>>>
>>> I followed the procedure described in the Self-hosted Engine document to
>>> execute the backup, I put the first host in maintenance mode, the I create
>>> the backup and save it elsewhere.
>>>
>>> Then I've create a new iscsi disk, I reinstalled the first host with the
>>> save IP/hostname, then I followed the restore procedure to get the Manager
>>> up and running again.
>>> - hosted-engine --deploy
>>> - do not execute engine-setup, restore backup first
>>> - execute engine-setup
>>> - remove the host from the manager
>>> - synchronize the restored manger with the host
>>> - finalize deployment.
>>>
>>> all went well till this point, but I have a problem with the VM-engine,
>>> it is shown as down in the admin portal. the ovirt-ha-agent cannot retrieve
>>> the VM config from the shared storage.
>>>
>>> I think the problem, is that the hosted-engine storage domain is still
>>> pointing to the old disk of the old manager and not the new one. I don't
>>> know where is this information is stored, in the DB or in the Manager's
>>> config files, but when I click Manager hosted-engine domain, I can see the
>>> old LUN grayed and the new one (which is used by the restored Manager) is
>>> not grayed.
>>>
>>> How can I fix this?
>>>
>>> Regards.
>>>
>>>
>>> <https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail>
>>>  Garanti
>>> sans virus. www.avast.com
>>> <https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail>
>>> <#m_9177001278217562974_m_7731007781891096843_m_3883279741882476845_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>>>
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Inter Cluster Traffic

2017-08-23 Thread Alan Griffiths

I am planning to live migrate VMs. From my testing this works fine
providing cross cluster hosts can talk to each other and they share a
common migration network.

On 23 August 2017 at 13:54, Gianluca Cecchi <gianluca.cec...@gmail.com>
wrote:

> On Tue, Aug 22, 2017 at 5:23 PM, Alan Griffiths <apgriffith...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm in the process of building a second ovirt cluster within the default
>> DC. This new cluster will use the same storage domains as the original
>> cluster, and I will slowly migrate VMs from the old cluster to the new.
>>
>> Given that the old and new cluster hosts have a firewall between them I
>> need to ensure that all relevant ports are open, with particular attention
>> to the correct operation of SPM.
>>
>> Is it sufficient to open TCP ports 16514 and 54321 to achieve this?
>>
>> Thanks,
>>
>> Alan
>>
>>
> One note:
>
> when you say:
> I will slowly migrate VMs from the old cluster to the new.
>
> what do you mean exactly with "migrate"?
> If you mean Live Migraton as described here:
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterp
> rise_Virtualization/3.5/html/Administration_Guide/sect-
> Migrating_Virtual_Machines_Between_Hosts.html
>
> please note that you can live migrate a VM only within the same cluster,
> not across.
>
> You can edit a VM of a datacenter and change the cluster where it have to
> start, but you have to first shutdown the VM to do so.
> Probably you already considered this and the related potential downtime
> for your services.
>
> Gianluca
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Inter Cluster Traffic

2017-08-23 Thread Alan Griffiths

Just found this in the RHV docs. I think sections 2.8 to 2.12 cover
everything you could wish to know about SPM process. It made it clear for
me anyway. Once SPM is elected then all communication is via the storage
domain, no TCP/IP comms required.

https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.0/html/technical_reference/role_the_storage_pool_manager



On 22 August 2017 at 16:58, Alan Griffiths <apgriffith...@gmail.com> wrote:

> It's my understanding that when you activate a host part of the process is
> to verify that it can connect to all active storage domains. If it cannot
> connect to any domain then it will refuse to go to the "up" state. In my
> case the storage domains are FC so completely outside the TCP/IP stack.
>
> On 22 August 2017 at 16:42, FERNANDO FREDIANI <fernando.fredi...@upx.com>
> wrote:
>
>> How do you make the new cluster to use the same storage domain as the
>> original one ? Storage Domains in oVirt are a bit confusing and less
>> flexible and I am not sure it allows it, does it ?
>>
>> On 22/08/2017 12:23, Alan Griffiths wrote:
>>
>> Hi,
>>
>> I'm in the process of building a second ovirt cluster within the default
>> DC. This new cluster will use the same storage domains as the original
>> cluster, and I will slowly migrate VMs from the old cluster to the new.
>>
>> Given that the old and new cluster hosts have a firewall between them I
>> need to ensure that all relevant ports are open, with particular attention
>> to the correct operation of SPM.
>>
>> Is it sufficient to open TCP ports 16514 and 54321 to achieve this?
>>
>> Thanks,
>>
>> Alan
>>
>>
>> ___
>> Users mailing 
>> listUsers@ovirt.orghttp://lists.ovirt.org/mailman/listinfo/users
>>
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Inter Cluster Traffic

2017-08-22 Thread Alan Griffiths

It's my understanding that when you activate a host part of the process is
to verify that it can connect to all active storage domains. If it cannot
connect to any domain then it will refuse to go to the "up" state. In my
case the storage domains are FC so completely outside the TCP/IP stack.

On 22 August 2017 at 16:42, FERNANDO FREDIANI <fernando.fredi...@upx.com>
wrote:

> How do you make the new cluster to use the same storage domain as the
> original one ? Storage Domains in oVirt are a bit confusing and less
> flexible and I am not sure it allows it, does it ?
>
> On 22/08/2017 12:23, Alan Griffiths wrote:
>
> Hi,
>
> I'm in the process of building a second ovirt cluster within the default
> DC. This new cluster will use the same storage domains as the original
> cluster, and I will slowly migrate VMs from the old cluster to the new.
>
> Given that the old and new cluster hosts have a firewall between them I
> need to ensure that all relevant ports are open, with particular attention
> to the correct operation of SPM.
>
> Is it sufficient to open TCP ports 16514 and 54321 to achieve this?
>
> Thanks,
>
> Alan
>
>
> ___
> Users mailing listUsers@ovirt.orghttp://lists.ovirt.org/mailman/listinfo/users
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Inter Cluster Traffic

2017-08-22 Thread Alan Griffiths

Hi,

I'm in the process of building a second ovirt cluster within the default
DC. This new cluster will use the same storage domains as the original
cluster, and I will slowly migrate VMs from the old cluster to the new.

Given that the old and new cluster hosts have a firewall between them I
need to ensure that all relevant ports are open, with particular attention
to the correct operation of SPM.

Is it sufficient to open TCP ports 16514 and 54321 to achieve this?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after Network Outage

2017-07-19 Thread Alan Griffiths

What happens if you run "/usr/bin/vdsm-tool restore-nets" manually?

On 19 July 2017 at 16:22, Anthony.Fillmore <anthony.fillm...@target.com>
wrote:

> All services active and running except the vdsm-network.service which last
> entry is “activating”:
>
>
>
> [root@t0894bmh1001 vdsm.conf.d]# systemctl status -l vdsm-network.service
> -l
>
> ● vdsm-network.service - Virtual Desktop Server Manager network restoration
>
>Loaded: loaded (/usr/lib/systemd/system/vdsm-network.service; enabled;
> vendor preset: enabled)
>
>Active: activating (start) since Tue 2017-07-18 10:42:57 CDT; 23h ago
>
>   Process: 8216 ExecStartPre=/usr/bin/vdsm-tool --vvverbose --append
> --logfile=/var/log/vdsm/upgrade.log upgrade-unified-persistence
> (code=exited, status=0/SUCCESS)
>
> Main PID: 8231 (vdsm-tool)
>
>CGroup: /system.slice/vdsm-network.service
>
>├─8231 /usr/bin/python /usr/bin/vdsm-tool restore-nets
>
>    └─8240 /usr/bin/python /usr/share/vdsm/vdsm-restore-net-config
>
> *From:* Alan Griffiths [mailto:apgriffith...@gmail.com]
> *Sent:* Wednesday, July 19, 2017 10:13 AM
>
> *To:* Anthony.Fillmore <anthony.fillm...@target.com>
> *Cc:* Pavel Gashev <p...@acronis.com>; users@ovirt.org; Brandon.Markgraf <
> brandon.markg...@target.com>; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after
> Network Outage
>
>
>
> Looking at vdsmd.service on one of my 4.0 hosts.
>
>
>
> Requires=multipathd.service libvirtd.service time-sync.target \
>
>  iscsid.service rpcbind.service supervdsmd.service sanlock.service
> \
>
>  vdsm-network.service
>
>
>
> Are all these services present and running?
>
>
>
>
>
> On 19 July 2017 at 16:05, Anthony.Fillmore <anthony.fillm...@target.com>
> wrote:
>
> Are the vdsm.conf or mom.conf file in /etc/vdsm of note in this
> situation?
>
>
>
> *From:* Anthony.Fillmore
> *Sent:* Wednesday, July 19, 2017 9:57 AM
> *To:* 'Alan Griffiths' <apgriffith...@gmail.com>
> *Cc:* Pavel Gashev <p...@acronis.com>; users@ovirt.org; Brandon.Markgraf <
> brandon.markg...@target.com>; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* RE: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after
> Network Outage
>
>
>
> [boxname ~]# systemctl | grep -i dead
>
> mom-vdsm.service
>
>start MOM instance
> configured for VDSM purposes
>
> vdsmd.service
>
> start Virtual Desktop
> Server Manager
>
>
>
>
>
> [ boxname ~]# systemctl | grep -i exited
>
> blk-availability.service
>
>Availability
> of block devices
>
> iptables.service
>
> IPv4 firewall with
> iptables
>
> kdump.service
>
>  Crash
> recovery kernel arming
>
> kmod-static-nodes.service
>
>  Create list
> of required static device nodes for the current kernel
>
> lvm2-monitor.service
>
>  Monitoring
> of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
>
> lvm2-pvscan@253:3.service
>
>  LVM2 PV scan
> on device 253:3
>
> lvm2-pvscan@253:4.service
>
>  LVM2 PV scan
> on device 253:4
>
> lvm2-pvscan@8:3.service
>
>  LVM2 PV scan
> on device 8:3
>
> network.service
>
>  LSB:
> Bring up/down networking
>
> openvswitch-nonetwork.service
>
>   Open vSwitch
> Internal Unit
>
> openvswitch.service
>
> Open vSwitch
>
> rhel-dmesg.service
>
>  Dump dmesg
> to /var/log/dmesg
>
> rhel-import-state.service
>
>  Import
> network configuration from initramfs
>
> rhel-readonly.service
>
>Configure
> read-only root support

Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after Network Outage

2017-07-19 Thread Alan Griffiths

Looking at vdsmd.service on one of my 4.0 hosts.

Requires=multipathd.service libvirtd.service time-sync.target \
 iscsid.service rpcbind.service supervdsmd.service sanlock.service \
 vdsm-network.service

Are all these services present and running?


On 19 July 2017 at 16:05, Anthony.Fillmore <anthony.fillm...@target.com>
wrote:

> Are the vdsm.conf or mom.conf file in /etc/vdsm of note in this
> situation?
>
>
>
> *From:* Anthony.Fillmore
> *Sent:* Wednesday, July 19, 2017 9:57 AM
> *To:* 'Alan Griffiths' <apgriffith...@gmail.com>
> *Cc:* Pavel Gashev <p...@acronis.com>; users@ovirt.org; Brandon.Markgraf <
> brandon.markg...@target.com>; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* RE: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after
> Network Outage
>
>
>
> [boxname ~]# systemctl | grep -i dead
>
> mom-vdsm.service
>
>start MOM instance
> configured for VDSM purposes
>
> vdsmd.service
>
> start Virtual Desktop
> Server Manager
>
>
>
>
>
> [ boxname ~]# systemctl | grep -i exited
>
> blk-availability.service
>
>Availability
> of block devices
>
> iptables.service
>
> IPv4 firewall with
> iptables
>
> kdump.service
>
>  Crash
> recovery kernel arming
>
> kmod-static-nodes.service
>
>  Create list
> of required static device nodes for the current kernel
>
> lvm2-monitor.service
>
>  Monitoring
> of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
>
> lvm2-pvscan@253:3.service
>
>  LVM2 PV scan
> on device 253:3
>
> lvm2-pvscan@253:4.service
>
>  LVM2 PV scan
> on device 253:4
>
> lvm2-pvscan@8:3.service
>
>  LVM2 PV scan
> on device 8:3
>
> network.service
>
>  LSB:
> Bring up/down networking
>
> openvswitch-nonetwork.service
>
>   Open vSwitch
> Internal Unit
>
> openvswitch.service
>
> Open vSwitch
>
> rhel-dmesg.service
>
>  Dump dmesg
> to /var/log/dmesg
>
> rhel-import-state.service
>
>  Import
> network configuration from initramfs
>
> rhel-readonly.service
>
>Configure
> read-only root support
>
> systemd-journal-flush.service
>
>Flush Journal to
> Persistent Storage
>
> systemd-modules-load.service
>
> 
> Load
> Kernel Modules
>
> systemd-random-seed.service
>
>  Load/Save
> Random Seed
>
> systemd-readahead-collect.service
>
>  Collect
> Read-Ahead Data
>
> systemd-readahead-replay.service
>
>   Replay
> Read-Ahead Data
>
> systemd-remount-fs.service
>
>  Remount Root
> and Kernel File Systems
>
> systemd-sysctl.service
>
>  Apply Kernel
> Variables
>
> systemd-tmpfiles-setup-dev.service
>
> Create
> Static Device Nodes in /dev
>
> systemd-tmpfiles-setup.service
>
>
> Create Volatile Files and Directories
>
> systemd-udev-trigger.service
>
>  udev
> Coldplug all Devices
>
> systemd-update-utmp.service
>
>      Update UTMP
> about System Boot/Shutdown
>
> systemd-user-sessions.service
>
>  Permit
> User Sessions
>
> systemd-v

Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after Network Outage

2017-07-19 Thread Alan Griffiths

Are there other failed services?

systemctl --state=failed

On 19 July 2017 at 15:40, Anthony.Fillmore <anthony.fillm...@target.com>
wrote:

> Hey Alan,
>
>
>
> Rpcbind is running on my box, looks like no issue there.  Any other ideas
> on what could be keeping vdsmd dead?  I even uninstalled all Ovirt related
> components from the host and went for a reinstall of the host through Ovirt
> (just short of actually fully removing the host from ovirt and re-adding,
> which I want to avoid) and the reinstall ends up timing out when it
> attempts to start VDSM (checking logs can see the service is dead when it
> gets here).
>
>
>
> Thanks,
>
> Tony
>
>
>
> *From:* Alan Griffiths [mailto:apgriffith...@gmail.com]
> *Sent:* Wednesday, July 19, 2017 4:14 AM
> *To:* Anthony.Fillmore <anthony.fillm...@target.com>
> *Cc:* Pavel Gashev <p...@acronis.com>; users@ovirt.org; Brandon.Markgraf <
> brandon.markg...@target.com>; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after
> Network Outage
>
>
>
> Is rpcbind running? This is a dependency for vdsmd.
>
>
>
> I've seen issues where rpcbind will not start on boot if IPv6 is disabled.
> The solution for me was to rebuild the initramfs, aka "dracut -f"
>
>
>
> On 18 July 2017 at 18:13, Anthony.Fillmore <anthony.fillm...@target.com>
> wrote:
>
> [boxname ~]# systemctl status -l vdsm-network
>
> ● vdsm-network.service - Virtual Desktop Server Manager network restoration
>
>Loaded: loaded (/usr/lib/systemd/system/vdsm-network.service; enabled;
> vendor preset: enabled)
>
>Active: activating (start) since Tue 2017-07-18 10:42:57 CDT; 1h 29min
> ago
>
>   Process: 8216 ExecStartPre=/usr/bin/vdsm-tool --vvverbose --append
> --logfile=/var/log/vdsm/upgrade.log upgrade-unified-persistence
> (code=exited, status=0/SUCCESS)
>
> Main PID: 8231 (vdsm-tool)
>
>CGroup: /system.slice/vdsm-network.service
>
>├─8231 /usr/bin/python /usr/bin/vdsm-tool restore-nets
>
>└─8240 /usr/bin/python /usr/share/vdsm/vdsm-restore-net-config
>
>
>
> Jul 18 10:42:57 t0894bmh1001.stores.target.com systemd[1]: Starting
> Virtual Desktop Server Manager network restoration...
>
>
>
> Thanks,
>
> Tony
>
> *From:* Pavel Gashev [mailto:p...@acronis.com]
> *Sent:* Tuesday, July 18, 2017 11:17 AM
> *To:* Anthony.Fillmore <anthony.fillm...@target.com>; users@ovirt.org
> *Cc:* Brandon.Markgraf <brandon.markg...@target.com>; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* [EXTERNAL] Re: [ovirt-users] Host stuck unresponsive after
> Network Outage
>
>
>
> Anthony,
>
>
>
> Output of “systemctl status -l vdsm-network” would help.
>
>
>
>
>
> *From: *<users-boun...@ovirt.org> on behalf of "Anthony.Fillmore" <
> anthony.fillm...@target.com>
> *Date: *Tuesday, 18 July 2017 at 18:13
> *To: *"users@ovirt.org" <users@ovirt.org>
> *Cc: *"Brandon.Markgraf" <brandon.markg...@target.com>,
> "Sandeep.Mendiratta" <sandeep.mendira...@target.com>
> *Subject: *[ovirt-users] Host stuck unresponsive after Network Outage
>
>
>
> Hey Ovirt Users and Team,
>
>
>
> I have a host that I am unable to recover post a network outage.  The host
> is stuck in unresponsive mode, even though the host is on the network, able
> to SSH and seems to be healthy.  I’ve tried several things to recover the
> host in Ovirt, but have had no success so far.  I’d like to reach out to
> the community before blowing away and rebuilding the host.
>
>
>
> *Environment*: I have an Ovengine server with about 26 Datacenters, with
> 2 to 3 hosts per Datacenter.  My Ovengine server is hosted centrally, with
> my hosts being bare-metal and distributed throughout my environment.
>   Ovengine is version 4.0.6.
>
>
>
> *What I’ve tried: *put into maintenance mode, rebooted the host.
> Confirmed host was rebooted and tried to active, goes back to
> unresponsive.   Attempted a reinstall, which fails.
>
>
>
> *Checking from the host perspective, I can see the following problems: *
>
>
>
> [boxname~]# systemctl status vdsmd
>
> ● vdsmd.service - Virtual Desktop Server Manager
>
>Loaded: loaded (/usr/lib/systemd/system/vdsmd.service; enabled; vendor
> preset: enabled)
>
>Active: inactive (dead)
>
>
>
> Jul 14 12:34:28 boxname systemd[1]: Dependency failed for Virtual Desktop
> Server Manager.
>
> Jul 14 12:34:28 boxname systemd[1]: Job vdsmd.service/start faile

Re: [ovirt-users] [EXTERNAL] Re: Host stuck unresponsive after Network Outage

2017-07-19 Thread Alan Griffiths

Is rpcbind running? This is a dependency for vdsmd.

I've seen issues where rpcbind will not start on boot if IPv6 is disabled.
The solution for me was to rebuild the initramfs, aka "dracut -f"

On 18 July 2017 at 18:13, Anthony.Fillmore 
wrote:

> [boxname ~]# systemctl status -l vdsm-network
>
> ● vdsm-network.service - Virtual Desktop Server Manager network restoration
>
>Loaded: loaded (/usr/lib/systemd/system/vdsm-network.service; enabled;
> vendor preset: enabled)
>
>Active: activating (start) since Tue 2017-07-18 10:42:57 CDT; 1h 29min
> ago
>
>   Process: 8216 ExecStartPre=/usr/bin/vdsm-tool --vvverbose --append
> --logfile=/var/log/vdsm/upgrade.log upgrade-unified-persistence
> (code=exited, status=0/SUCCESS)
>
> Main PID: 8231 (vdsm-tool)
>
>CGroup: /system.slice/vdsm-network.service
>
>├─8231 /usr/bin/python /usr/bin/vdsm-tool restore-nets
>
>└─8240 /usr/bin/python /usr/share/vdsm/vdsm-restore-net-config
>
>
>
> Jul 18 10:42:57 t0894bmh1001.stores.target.com systemd[1]: Starting
> Virtual Desktop Server Manager network restoration...
>
>
>
> Thanks,
>
> Tony
>
> *From:* Pavel Gashev [mailto:p...@acronis.com]
> *Sent:* Tuesday, July 18, 2017 11:17 AM
> *To:* Anthony.Fillmore ; users@ovirt.org
> *Cc:* Brandon.Markgraf ; Sandeep.Mendiratta <
> sandeep.mendira...@target.com>
> *Subject:* [EXTERNAL] Re: [ovirt-users] Host stuck unresponsive after
> Network Outage
>
>
>
> Anthony,
>
>
>
> Output of “systemctl status -l vdsm-network” would help.
>
>
>
>
>
> *From: * on behalf of "Anthony.Fillmore" <
> anthony.fillm...@target.com>
> *Date: *Tuesday, 18 July 2017 at 18:13
> *To: *"users@ovirt.org" 
> *Cc: *"Brandon.Markgraf" ,
> "Sandeep.Mendiratta" 
> *Subject: *[ovirt-users] Host stuck unresponsive after Network Outage
>
>
>
> Hey Ovirt Users and Team,
>
>
>
> I have a host that I am unable to recover post a network outage.  The host
> is stuck in unresponsive mode, even though the host is on the network, able
> to SSH and seems to be healthy.  I’ve tried several things to recover the
> host in Ovirt, but have had no success so far.  I’d like to reach out to
> the community before blowing away and rebuilding the host.
>
>
>
> *Environment*: I have an Ovengine server with about 26 Datacenters, with
> 2 to 3 hosts per Datacenter.  My Ovengine server is hosted centrally, with
> my hosts being bare-metal and distributed throughout my environment.
>   Ovengine is version 4.0.6.
>
>
>
> *What I’ve tried: *put into maintenance mode, rebooted the host.
> Confirmed host was rebooted and tried to active, goes back to
> unresponsive.   Attempted a reinstall, which fails.
>
>
>
> *Checking from the host perspective, I can see the following problems: *
>
>
>
> [boxname~]# systemctl status vdsmd
>
> ● vdsmd.service - Virtual Desktop Server Manager
>
>Loaded: loaded (/usr/lib/systemd/system/vdsmd.service; enabled; vendor
> preset: enabled)
>
>Active: inactive (dead)
>
>
>
> Jul 14 12:34:28 boxname systemd[1]: Dependency failed for Virtual Desktop
> Server Manager.
>
> Jul 14 12:34:28 boxname systemd[1]: Job vdsmd.service/start failed with
> result 'dependency'.
>
>
>
> *Going a bit deeper, the results of journalctl –xe: *
>
>
>
> [root@boxname ~]# journalctl -xe
>
> -- Defined-By: systemd
>
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
> --
>
> -- Unit libvirtd.service has begun shutting down.
>
> Jul 18 09:07:31 boxname systemd[1]: Stopped Virtualization daemon.
>
> -- Subject: Unit libvirtd.service has finished shutting down
>
> -- Defined-By: systemd
>
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
> --
>
> -- Unit libvirtd.service has finished shutting down.
>
> Jul 18 09:07:31 boxname systemd[1]: Reloading.
>
> Jul 18 09:07:31 boxname systemd[1]: Binding to IPv6 address not available
> since kernel does not support IPv6.
>
> Jul 18 09:07:31 boxname systemd[1]: [/usr/lib/systemd/system/rpcbind.socket:6]
> Failed to parse address value, ignoring: [::
>
> Jul 18 09:07:31 boxname systemd[1]: Started Auxiliary vdsm service for
> running helper functions as root.
>
> -- Subject: Unit supervdsmd.service has finished start-up
>
> -- Defined-By: systemd
>
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
> --
>
> -- Unit supervdsmd.service has finished starting up.
>
> --
>
> -- The start-up result is done.
>
> Jul 18 09:07:31 boxname systemd[1]: Starting Auxiliary vdsm service for
> running helper functions as root...
>
> -- Subject: Unit supervdsmd.service has begun start-up
>
> -- Defined-By: systemd
>
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
> --
>
> -- Unit supervdsmd.service has begun starting up.
>
> Jul 18 09:07:31 boxname systemd[1]: Starting Virtualization

Re: [ovirt-users] Ovirt adding routes

2017-06-26 Thread Alan Griffiths

Thanks for the clarification, I see now why it's not working. In the GUI
there is no gateway configured for ovirtmgmt network on my single host.
However I can't add one as the network is "in use" by the HostedEngine.
Other than adding a second host is there anyway to work around this?

On 18 June 2017 at 08:11, Edward Haas <eh...@redhat.com> wrote:

> Hi Alan,
>
> The oVirt host agent (VDSM) has a multi-gateway/sourceroute feature which
> allows gateways to be specified per network, in addition to the host level
> routes.
> By default and depending on which version you use, only the ovirtmgmt
> (management) network defines the host default route but all networks
> (including ovirtmgmt) have a gateway definition which is set on a per
> network base.
>
> The way network based routes are defined is using different routing tables
> and rules.
> For more information, please see the feature page:
> http://www.ovirt.org/develop/release-management/features/
> network/multiple-gateways
>
> It should not block or interfere with your traffic, unless you are doing
> something unexpected, like having the default that collides the the one
> defined using ovirtmgmt network.
>
> Thanks,
> Edy.
>
>
> On Tue, Jun 13, 2017 at 6:28 PM, Alan Griffiths <apgriffith...@gmail.com>
> wrote:
>
>> Hi,
>>
>> When installing an ovirt host I got these routes automatically added
>>
>> default dev ovirtmgmt  table 2886865805  scope link
>> 172.18.19.128/26 via 172.18.19.141 dev ovirtmgmt  table 2886865805
>>
>> What is their intended purpose? It seems to be stopping packets from
>> being correctly routed to the local gateway.
>>
>> Thanks,
>>
>> Alan
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Ovirt adding routes

2017-06-13 Thread Alan Griffiths

Hi,

When installing an ovirt host I got these routes automatically added

default dev ovirtmgmt  table 2886865805  scope link
172.18.19.128/26 via 172.18.19.141 dev ovirtmgmt  table 2886865805

What is their intended purpose? It seems to be stopping packets from being
correctly routed to the local gateway.

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] KVM Import with Thin Provisioning

2017-05-30 Thread Alan Griffiths

https://bugzilla.redhat.com/show_bug.cgi?id=1456801

On 29 May 2017 at 12:17, Tomas Jelinek <tjeli...@redhat.com> wrote:

>
>
> On Fri, May 26, 2017 at 9:09 PM, Alan Griffiths <apgriffith...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I don't seem to be able create thin provision disks when importing from
>> KVM. Once import is complete the disk allocation policy is reported as
>> thin, but the actual size is in fact slightly larger than the virtual size.
>>
>> For example, original qcow2 file size - 6G. Virtual size - 1024G.
>> Imported actual size (according to Engine GUI) 1126G.
>>
>> Is this a known issue?
>>
>
> yes, this is a known issue. The fix depends on
> https://bugzilla.redhat.com/show_bug.cgi?id=1332019 which will be
> available only for oVirt 4.2 when we will able to consume it.
>
> But in order to not to forget about it, could you please open a bug about
> your issue?
>
>
>>
>> Running 4.0.4.
>>
>> Thanks,
>>
>> Alan
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] KVM Import with Thin Provisioning

2017-05-26 Thread Alan Griffiths

Hi,

I don't seem to be able create thin provision disks when importing from
KVM. Once import is complete the disk allocation policy is reported as
thin, but the actual size is in fact slightly larger than the virtual size.

For example, original qcow2 file size - 6G. Virtual size - 1024G. Imported
actual size (according to Engine GUI) 1126G.

Is this a known issue?

Running 4.0.4.

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Resolving host non_responsive

2017-05-03 Thread Alan Griffiths

Hi,

Following a short network outage a couple of HE hosts are reported as
non_responsive in the engine. Storage was not affected and the VMs continue
to run on those hosts. Is it possible to bring the hosts back under
management without disrupting the running of the VMs? Is it as simple as
confirming host has rebooted?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Recent Install Docs?

2017-03-30 Thread Alan Griffiths

I believe that is the required setup - dedicated storage domain for HE.
It's certainly the case on 4.0, I haven't played with 4.1 yet.

For docs you can always check the RHV set, they are generally applicable to
oVirt.

https://access.redhat.com/documentation/en-us/red_hat_
virtualization/4.1-beta/html/self-hosted_engine_guide/


On 30 March 2017 at 18:17, Charles Tassell  wrote:

> Hello,
>
>   Are there any more recent install docs than what's on the website?
> Those all seem to be back from the 3.x days and don't really deal with the
> modern setup of using a hosted engine.
>
>   More specifically, I've noticed that when deploying a hosted engine I
> can't import the storage domain that the engine is on. When I try I get
> errors like "Can't import the storage domain, connection already exists"
> Because I can't import my storage domain, I can't initialize the cluster,
> so I can't really get anywhere with the setup.  I had this same problem on
> 4.0 (using 4.1 now) and I "fixed" it by wiping the cluster and creating two
> sets of storage: a small 50G one that holds the hosted engine, and then
> another one that holds all my VMs.  I don't want to do that with my new
> cluster if I can at all avoid it.
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Guest Agent Running unconfined on Centos 7

2017-02-10 Thread Alan Griffiths

Hi,

I'm running ovirt-guest-agent from Centos 7 EPEL and I notice that it's
running unconfined rather than within its own domain.

I see there is a rhev_agentd_exec_t type, which I attempted to assign to
ovirt-guest-agent.py but it still starts up as unconfined. Is there a
supported process for getting ovirt-guest into its own domain? Or a reason
why it's not possible?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Extend HE Disk

2016-12-08 Thread Alan Griffiths

Hi,

I can see it's possible to edit CPU and memory allocation of HE in the GUI,
but it doesn't seem possible to edit the disk. If I try I get a "VM not
managed by engine" error.

>From this post last year it implied that this feature was due in 3.6.

http://lists.ovirt.org/pipermail/users/2015-March/031783.html

Is there a method of doing this? I'm running 4.0.5.5-1.el7.centos

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.phx.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] SSL Certificates

2016-11-02 Thread Alan Griffiths

The file locations are described on this page

http://www.ovirt.org/develop/release-management/features/infra/pki/

If running 4.0 you may also need to follow the steps described in this bug
report

https://bugzilla.redhat.com/show_bug.cgi?id=1336838



On 2 November 2016 at 03:56, Gary Pedretty  wrote:

> Where do you install a real non self-signed certificate  for use in the
> Ovirt Web Management Console.
>
> Gary
> 
> Gary Pedrettyg...@ravnalaska.net
> 
> Systems Manager  www.flyravn.com
> Ravn Alaska   /\907-450-7251
> 5245 Airport Industrial Road /  \/\ 907-450-7238 fax
> Fairbanks, Alaska  99709/\  /\ \ Second greatest commandment
> Serving All of Alaska  /  \/  /\  \ \/\   “Love your neighbor as
> Really loving the record green up date! Summmer!!   yourself” Matt 22:39
> 
>
>
>
>
>
>
>
>
>
>
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Storage Domain High Latency

2016-10-11 Thread Alan Griffiths

Hi,

One of my hosts is periodically reporting high latency to a storage domain
(FC). There is almost no load on the SAN so the issue must be either fault,
mis-configuration or internal ovirt issue.

Can anyone enlighten me on how ovirt/vdsm goes about calculating the
storage latency? As I'm struggling to find anything in the logs.

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Replace Engine Self-Signed Certificate

2016-10-11 Thread Alan Griffiths

Thanks, it's working now.

On 10 October 2016 at 20:32, Rogério Ceni Coelho <
rogeriocenicoe...@gmail.com> wrote:

> Take a look. Documentation imcomplete.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1336838
>
>
>
> Em seg, 10 de out de 2016 às 12:17, Alan Griffiths <
> apgriffith...@gmail.com> escreveu:
>
>> Hi,
>>
>> I'm trying to replace the self-signed certificate in the engine.
>>
>> I updated the four files listed here
>>
>> http://www.ovirt.org/develop/release-management/features/infra/pki/
>>
>> But on restarting Apache and logging in I get the following error,
>> "sun.security.validator.ValidatorException: PKIX path building failed:
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> find valid certification path to requested target"
>>
>> What am I missing?
>>
>> Thanks,
>>
>> Alan
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Replace Engine Self-Signed Certificate

2016-10-10 Thread Alan Griffiths

Hi,

I'm trying to replace the self-signed certificate in the engine.

I updated the four files listed here

http://www.ovirt.org/develop/release-management/features/infra/pki/

But on restarting Apache and logging in I get the following error,
"sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target"

What am I missing?

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] oVirt 3.6.4 / PXE guest boot issues

2016-10-04 Thread Alan Griffiths

A explanation/work-around for this issue raised back in April.

It seems that if, in UCS, you configure a vNIC with a single native VLAN it
will still add an 802.1q header with tag 0 - possibly to do with QoS. And
this extra header prevents iPXE from parsing the DHCP response.

The solution for me was to present all VLANs on a single trunked vNIC to
the blade and configure VLAN tagging as per normal. The result is the tags
are stripped off the packets before being passed to the VM and DHCP now
works.

The same issue applies to VM-FEX as packets coming off the VF will have the
802.1q header. The only solution I can see here is to configure a bridged
interface for initial build of the VM and then switch to VM-FEX afterwards.

I found a discussion on the iPXE mailing list about addressing the vlan 0
issue, but I could see no agreed solution.

http://lists.ipxe.org/pipermail/ipxe-devel/2016-April/004901.html

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Resizing Disks on Active VMs

2016-08-01 Thread Alan Griffiths

Hi,

I'm currently testing 4.0 and trying understand what the capabilities are
regards re-sizing of volumes on running VMs.

>From reading the documentation it appears that I should be able to extend a
volume on a running VM, but I find that all the fields are greyed out in
the Edit Virtual Disk dialogue box. In order to get access to the fields I
have to power down the VM.

Is this expected behavior?

I'm running 4.0.1 with a GlusterFS data store.

Thanks,

Alan
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 3.6.4 / PXE guest boot issues

2016-04-05 Thread Alan Griffiths

Hi,

I'm seeing the same PXE boot issue with 3.6.4 on Centos 7. Booting from ISO 
DHCP works fine. With PXE I can see the offer coming back from the DHCP server 
but the VM just seems to ignore it. I also tried swapping the ROMs as per 
previous post, but had no effect.

Alan



This communication is private and confidential and may contain information that 
is proprietary, privileged or otherwise legally exempt from disclosure. If you 
have received this message in error, please notify the sender immediately by 
e-mail and delete all copies of the message. In accordance with our guidelines, 
emails sent or received may be monitored.Inmarsat plc, Registered No 4886072 
and Inmarsat Global Limited, Registered No. 3675885. Both Registered in England 
and Wales with Registered Office at 99 City Road, London EC1Y 1AX

_
This e-mail has been scanned for viruses by Verizon Business Internet Managed 
Scanning Services - powered by MessageLabs.___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

37 matches

Mail list logo