[ovirt-users] ovirt AD issue

2021-02-04 Thread Jason Keltz
A while back, I had reconfigured my oVirt engine to auth based on my 
Samba AD server, and everything was working perfectly fine. oVirt 
version 4.3.10.4-1.


Today, I tried to login with my account into engine and I see:

server_error: The connection reader was unable to successfully complete 
TLS negotiation: 
SSLHandshakeException(sun.security.validator.ValidatorException: No 
trusted certificate found), ldapSDKVersion=4.0.7, 
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58


I recently added a secondary domain controller with Samba, and I realize 
now that there is an error.  Since I didn't pre-initialize samba with a 
TLS certificate, it generated a new CA, and certificate and key for the 
second server.  Since I'm not using the same CA as the first server, 
ovirt engine (which only has the CA of the first server) won't be able 
to talk to the second server... no problem I will fix that eventually.


However, when I re-ran "ovirt-engine-extension-aaa-ldap-setup", and 
followed the exact steps I did before, ovirt is connecting to the first 
server, failing with the above error, then connecting to the second 
server, and the same error.  The CA hasn't changed for the first server, 
nor has the certificate/key.  I verified that the CA certificate that I 
am giving ovirt is matching with the exact CA certificate of the first 
server.


How can I debug further?

Jason.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/YL54RUH43FH64GJITZFRSZZEDIKRGIAB/


[ovirt-users] [ANN] oVirt 4.4.4 is now generally available

2020-12-21 Thread Jason Keltz


On 12/21/2020 8:22 AM, Sandro Bonazzola wrote:



  oVirt 4.4.4 is now generally available


The oVirt project is excited to announce the general availability of 
oVirt 4.4.4 , as of December 21st, 2020.



...



This release is available now on x86_64 architecture for:

 *

Red Hat Enterprise Linux 8.3

 *

CentOS Linux (or similar) 8.3

 *

CentOS Stream (tech preview)


Sandro,

I have a question about "Red Hat Enterprise Linux" compatibility with 
oVirt.  I've always used CentOS in the past along with oVirt.  I'm 
running CentOS 7 along with oVirt 4.3.  I really want to upgrade to 
oVirt 4.4, but I'm not comfortable with the future vision for CentOS as 
it stands for my virtualization platform.  If I was to move to RHEL for 
my oVirt systems, but still stick with the "self supported" model, it's 
not clear whether  I can get away with using "RHEL Workstation" for my 4 
hosts ($179 USD each), or whether I need to purchase "Red Hat Enterprise 
Linux Server" ($349 USD each).  Any feedback would be appreciated.


Thanks!

Jason.

PS: I had sent the above with my other email accidentally .. list 
moderator can delete.


___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/XFFF6LASXL3VVLZUQY6TYITUN6FHPE4Y/


[ovirt-users] Re: [ANN] oVirt 4.4.4 is now generally available

2020-12-21 Thread Jason Keltz

On 12/21/2020 8:22 AM, Sandro Bonazzola wrote:



  oVirt 4.4.4 is now generally available


The oVirt project is excited to announce the general availability of 
oVirt 4.4.4 , as of December 21st, 2020.



...



This release is available now on x86_64 architecture for:

 *

Red Hat Enterprise Linux 8.3

 *

CentOS Linux (or similar) 8.3

 *

CentOS Stream (tech preview)


Sandro,

I have a question about "Red Hat Enterprise Linux" compatibility with 
oVirt.  I've always used CentOS in the past along with oVirt.  I'm 
running CentOS 7 along with oVirt 4.3.  I really want to upgrade to 
oVirt 4.4, but I'm not comfortable with the future vision for CentOS as 
it stands for my virtualization platform.  If I was to move to RHEL for 
my oVirt systems, but still stick with the "self supported" model, it's 
not clear whether  I can get away with using "RHEL Workstation" for my 4 
hosts ($179 USD each), or whether I need to purchase "Red Hat Enterprise 
Linux Server" ($349 USD each).  Any feedback would be appreciated.


Thanks!

Jason.

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TB6TOM2RGRJGXXPZL3NDLK77TGACAHIG/


[ovirt-users] errors upgrading ovirt 4.3.1 to 4.3.2

2019-04-05 Thread Jason Keltz

Hi.

I have a few issues after a recent upgrade from 4.3.1 to 4.3.2:

1) Power management is no longer working.  I'm using Dell drac7. This 
has always worked previously.  When I click on the "Test" button, I get: 
"Testing in progress.  It will take a few seconds. Please wait" but then 
it just sits there and never returns.


2) After rekickstarting one of my hosts, when I click on it, and choose 
"Host Console",  I get "Authentication failed: invalid-hostkey".  If I 
click "Try again", I'm taken to a page with "404 - Page not found Click 
here to continue".  The page not found is likely a bug.  Now, if I visit 
cockpit directly on the host via its own URL, it works just fine.  Given 
that I deleted the host and re-added to engine, it's really not clear to 
me how to tell engine to refresh.  I figured after rekickstarting the 
host, the problem would surely go away, but it did not.


3) From time to time, I am seeing the following error appear in engine: 
"Uncaught exception occurred. Please try reloading the page. Details: 
(TypeError): oab (...) is null Please have your administrator check the 
UI logs".  Another bug ...


Engine is standalone engine, not hosted.

Jason.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/Z4JIEXM4WALJTISKCTZC7WSNX7IWSXSK/


[ovirt-users] missing firewalld services on ovirt engine

2019-03-11 Thread Jason Keltz

Hi.

I've just converted my standalone ovirt engine from iptables to 
firewalld.  The configuration of the internal zone includes:



  
  
  
  
  
  
  
  
  
  
  


I'm wondering why the ovirt ports for , 6100, 7410, and 54323 etc. 
aren't encapsulated in a service file installed by ovirt?  Is this 
because I had initially installed iptables?  I suspect the answer is no 
because on my ovirt hosts (which I also converted to firewalld), I was 
able to find all the proper service files:



 
  
  
  
  
  
  
  
  
I'm also wondering whether ovirt will tell me if I go to upgrade any 
additional ports that need to be added for additional services?


Thanks!

Jason.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ONXBX36FOW6NASF6TKQELP35WA6PDTYU/


[ovirt-users] Re: after upgrade from 4.2.3 to 4.2.5, problems with consoles + cockpit

2018-08-20 Thread Jason Keltz


On 08/20/2018 09:36 AM, Jason Keltz wrote:

Hi..

After an upgrade from 4.2.3 to 4.2.5 last week, I notice that I have a 
console + cockpit problem.  Immediately following the upgrade, 
everything seemed to be working fine.  However, today, a couple of 
days after the upgrade, when I try to view any CentOS VM console,  
virt-viewer starts, and I see  "Connected to graphic server", but 
there's no console output.  This happens on all Linux VMs, though on 
my two windows VMs, the console still works.  If I restart a Linux VM, 
I get the console back again, but what made me lose access to all the 
consoles?    In addition,  if I right click on one of my 4 hosts, and 
choose "Host Console", it connects to cockpit which reports: "No VM is 
running or defined on this host" even though there are plenty.  I 
brought one host into maintenance mode, and rebooted it.  I then 
started a few VMs there, and cockpit still doesn't show anything 
running.  All of the hosts have all available ovirt updates, and are 
running the latest CentOS 7 kernel + O/S updates.  Any ideas?  There 
is no issue with firewall.


One interesting point to add ---  For one server running CentOS 6 and 2 
servers running CentOS 7.4, I still had console.  Any servers that had 
been upgraded to the latest kernel + CentOS 7.5 updates were the ones 
where console was not accessible.  However, console *was* accessible on 
those servers at the time they were upgraded.


Jason.

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/FT4RHNRYVHMFV2NUFHJ7SJMYKYQH5TAR/


[ovirt-users] after upgrade from 4.2.3 to 4.2.5, problems with consoles + cockpit

2018-08-20 Thread Jason Keltz

Hi..

After an upgrade from 4.2.3 to 4.2.5 last week, I notice that I have a 
console + cockpit problem.  Immediately following the upgrade, 
everything seemed to be working fine.  However, today, a couple of days 
after the upgrade, when I try to view any CentOS VM console,  
virt-viewer starts, and I see  "Connected to graphic server", but 
there's no console output.  This happens on all Linux VMs, though on my 
two windows VMs, the console still works.  If I restart a Linux VM, I 
get the console back again, but what made me lose access to all the 
consoles?    In addition,  if I right click on one of my 4 hosts, and 
choose "Host Console", it connects to cockpit which reports: "No VM is 
running or defined on this host" even though there are plenty.  I 
brought one host into maintenance mode, and rebooted it.  I then started 
a few VMs there, and cockpit still doesn't show anything running.  All 
of the hosts have all available ovirt updates, and are running the 
latest CentOS 7 kernel + O/S updates.  Any ideas?  There is no issue 
with firewall.


Jason.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/MI3EBKRWT7LW2RLYH7ENLSBDVXOPNWC6/


Re: [ovirt-users] Console button greyed out (4.2)

2018-02-20 Thread Jason Keltz


On 02/20/2018 12:17 PM, Michal Skrivanek wrote:
On 19 Feb 2018, at 23:36, Jason Keltz <j...@cse.yorku.ca 
<mailto:j...@cse.yorku.ca>> wrote:


Hi Michal,

On 2/15/2018 12:05 PM, Michal Skrivanek wrote:


On 15 Feb 2018, at 16:37, Jason Keltz<j...@cse.yorku.ca>  wrote:

On 02/15/2018 08:48 AM,nico...@devels.es  wrote:

Hi,

We upgraded one of our infrastructures to 4.2.0 recently and since then some of our 
machines have the "Console" button greyed-out in the Admin UI, like they were 
disabled.

I changed their compatibility to 4.2 but with no luck, as they're still 
disabled.

Is there a way to know why is that, and how to solve it?

I'm attaching a screenshot.

Hi Nicolas.
I had the same problem with most of my VMs after the upgrade from 4.1 to 4.2.
See bugzilla here:https://bugzilla.redhat.com/show_bug.cgi?id=1528868
(which admittedly was a mesh of a bunch of different issues that occurred)

yeah, that’s not a good idea to mix more issues:)
Seemshttps://bugzilla.redhat.com/show_bug.cgi?id=1528868#c26  is the last one 
relevant to the grayed out console problem in this email thread.

it’s also possible to check "VM Devices” subtab and list the graphical devices. 
If this is the same problem as from Nicolas then it would list cirrus and it would 
be great if you can confirm the conditionas are similar (i.e. originally a 3.6 VM)
I believe it was originally a 3.6 VM.  Is there anywhere I can verify 
this info? If not, it would be helpful if oVirt kept track of the 
version that created the VM for cases just like this.


Hi,
well, we keep the date and who did that, but we can’t really keep all 
the logs forever. Well, you can if you archive them somewhere, but I 
guess that’s impractical for such a long time:-D


I wasn't really thinking in terms of logs.  I was thinking a database 
field that tracks the ovirt version that created the VM.




 VM Device subtab: (no Cirrus)



so this is a screenshot from VM where the button is grayed out when 
you start it?

Hm..it doesn’t look wrong.


Yes.


And then - if possible - describe some history of what happened. When was the 
VM created, when was cluster updated, when the system was upgraded and to what 
versions.
All I know is that everything was working fine, then I updated to 
4.2, updated cluster version, and then most of my consoles were not 
available.  I can't remember if this happened before the cluster 
upgrade or not.  I suspect it was most and not all VMs since some of 
them had been created later than 3.6, and this was  an older one.  I 
only have this one VM left in this state because I had deleted the 
other VMs and recreated them one at a time...
I will wait to see if you want me to try Vineet's solution of making 
it headless,


Thanks.
Can you get engine.log and vdsm log when you attempt to start that VM 
? just the relevant part is enough.



Sure.. I restarted the VM (called "rs").

engine.log: http://www.eecs.yorku.ca/~jas/ovirt-debug/02202018/engine.log

vdsm log: http://www.eecs.yorku.ca/~jas/ovirt-debug/02202018/vdsm.log

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Console button greyed out (4.2)

2018-02-19 Thread Jason Keltz

Hi Michal,

On 2/15/2018 12:05 PM, Michal Skrivanek wrote:


On 15 Feb 2018, at 16:37, Jason Keltz <j...@cse.yorku.ca> wrote:

On 02/15/2018 08:48 AM, nico...@devels.es wrote:

Hi,

We upgraded one of our infrastructures to 4.2.0 recently and since then some of our 
machines have the "Console" button greyed-out in the Admin UI, like they were 
disabled.

I changed their compatibility to 4.2 but with no luck, as they're still 
disabled.

Is there a way to know why is that, and how to solve it?

I'm attaching a screenshot.

Hi Nicolas.
I had the same problem with most of my VMs after the upgrade from 4.1 to 4.2.
See bugzilla here: https://bugzilla.redhat.com/show_bug.cgi?id=1528868
(which admittedly was a mesh of a bunch of different issues that occurred)

yeah, that’s not a good idea to mix more issues:)
Seems https://bugzilla.redhat.com/show_bug.cgi?id=1528868#c26 is the last one 
relevant to the grayed out console problem in this email thread.

it’s also possible to check "VM Devices” subtab and list the graphical devices. 
If this is the same problem as from Nicolas then it would list cirrus and it would 
be great if you can confirm the conditionas are similar (i.e. originally a 3.6 VM)
I believe it was originally a 3.6 VM.  Is there anywhere I can verify 
this info? If not, it would be helpful if oVirt kept track of the 
version that created the VM for cases just like this.


 VM Device subtab: (no Cirrus)


And then - if possible - describe some history of what happened. When was the 
VM created, when was cluster updated, when the system was upgraded and to what 
versions.
All I know is that everything was working fine, then I updated to 4.2, 
updated cluster version, and then most of my consoles were not 
available.  I can't remember if this happened before the cluster upgrade 
or not.  I suspect it was most and not all VMs since some of them had 
been created later than 3.6, and this was  an older one.  I only have 
this one VM left in this state because I had deleted the other VMs and 
recreated them one at a time...
I will wait to see if you want me to try Vineet's solution of making it 
headless,

The before bringing it back up, unchecked headless in the VM

We then had to do a Run-Once which failed
Then did a normal Run.

Console was available, and all hardware came back fine.

... but I won't try that yet in case you need additional information 
from the VM first.


Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Console button greyed out (4.2)

2018-02-15 Thread Jason Keltz

On 02/15/2018 08:48 AM, nico...@devels.es wrote:

Hi,

We upgraded one of our infrastructures to 4.2.0 recently and since 
then some of our machines have the "Console" button greyed-out in the 
Admin UI, like they were disabled.


I changed their compatibility to 4.2 but with no luck, as they're 
still disabled.


Is there a way to know why is that, and how to solve it?

I'm attaching a screenshot.


Hi Nicolas.
I had the same problem with most of my VMs after the upgrade from 4.1 to 
4.2.

See bugzilla here: https://bugzilla.redhat.com/show_bug.cgi?id=1528868
(which admittedly was a mesh of a bunch of different issues that occurred)
Red Hat was never really able to figure out why, and I think they pretty 
much just dropped the issue because it seemed like it only happened for 
me.  In order to resolve it, I had to delete the VMs (not the disk of 
course), and recreate them, and then I got the console option back.
It's "good" to see that it's not just me that had this problem. There's 
a bug to be found there somewhere!!


Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] took the plunge to 4.2 but not so sure it was a good idea

2017-12-24 Thread Jason Keltz

Quoting Yaniv Kaul <yk...@redhat.com>:


On Sun, Dec 24, 2017 at 4:34 AM, Jason Keltz <j...@cse.yorku.ca> wrote:



On 12/23/2017 5:38 PM, Jason Keltz wrote:


Hi..

I took the plunge to 4.2, but I think maybe I should have waited a bit...




Can you specify what did you upgrade, and in which order? Engine, hosts?
Cluster level, etc.?



I was running 4.1.8 everywhere. I upgraded engine (standalone) to 4.2,  
then the 4 hosts. I stopped ovirt-engine, added the new repo for 4.2,  
ran the yum update of ovirt setup, ran engine-setup and that process  
worked flawlessly. No errors. I had just upgraded to 4.1.8 a few days  
ago, so all my ovirt infrastructure was running latest ovirt and I  
also upgraded engine and hosts to latest CentOS and latest kernel with  
the last 4.1.8 update.  I then upgraded cluster level. All the VMs  
were going to be upgraded as they were rebooted, and since it's the  
reboot that breaks console, and since a reinstall brings it back, I'm  
going to assume it's the switch from 4.1 to 4.2 cluster that breaks  
it.  If I submit this as a bug then what log/logs would I submit?







Initially, after upgrade to 4.2, the status of many of my hosts changed
from "server" to "desktop".  That's okay - I can change them back.




You mean the VM type?


Yes.  VM type. Most of the VMs switched from desktop to server after  
the update.



My first VM, "archive", I had the ability to access console after the
upgrade.  I rebooted archive, and I lost the ability (option is grayed
out).  The VM boots, but I need access to the console.

My second VM is called "dist".That one, ovirt says is running, but I
can't access it, can't ping it, and there's no console either, so I
literally can't get to it. I can reboot it, and shut it down, but it would
be helpful to be able to access it.   What to do?

I reinstalled "dist" because I needed the VM to be accessible on the

network.  I was going to try detatching the disk from the existing dist
server, and attaching it to a new dist VM, but I ended up inadvertently
deleting the disk image.  I can't believe that under "storage" you can't
detatch a disk from a VM - you can only delete the disk.

After reinstalling dist, I got back console, and network access!  I tried
rebooting it several times, and console remains... so the loss of console
has something to do with switching from a 4.1 VM to 4.2.

I've very afraid to reboot my engine because it seems like when I reboot

hosts, I lose access to console.

I rebooted one more VM for which I had console access, and again, I've

lost it (at least network access remains). Now that this situation is
repeatable, I'm going one of the ovirt gurus can send me the magical DB
command to fix it.Probably not a solution to reinstall my 37 VMs from
kickstart.. that would be a headache.

In addition, when I try to check for "host updates", I get an error that

it can't check for host updates.  I ran a yum update on the hosts (after
upgrading repo to 4.2 and doing a yum update) and all I'm looking for it to
do is clear status, but it doesn't seem to work.

The error in engine.log when I try to update any of the hosts is:


2017-12-23 19:11:36,479-05 INFO [org.ovirt.engine.core.bll.hos
tdeploy.HostUpgradeCheckCommand] (default task-156)
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Running command:
HostUpgradeCheckCommand internal: false. Entities affected :  ID:
45f8b331-842e-48e7-9df8-56adddb93836 Type: VDSAction group
EDIT_HOST_CONFIGURATION with role type ADMIN
2017-12-23 19:11:36,496-05 INFO [org.ovirt.engine.core.dal.dbb
roker.auditloghandling.AuditLogDirector] (default task-156) [] EVENT_ID:
HOST_AVAILABLE_UPDATES_STARTED(884), Started to check for available
updates on host virt1.
2017-12-23 19:11:36,500-05 INFO [org.ovirt.engine.core.bll.hos
tdeploy.HostUpgradeCheckInternalCommand]  
(EE-ManagedThreadFactory-commandCoordinator-Thread-7)

[ae11a704-3b40-45d3-9850-932f6ed91ed9] Running command:
HostUpgradeCheckInternalCommand internal: true. Entities affected : ID:
45f8b331-842e-48e7-9df8-56adddb93836 Type: VDS
2017-12-23 19:11:36,504-05 INFO  
[org.ovirt.engine.core.common.utils.ansible.AnsibleExecutor]

(EE-ManagedThreadFactory-commandCoordinator-Thread-7)
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Executing Ansible command:
ANSIBLE_STDOUT_CALLBACK=hostupgradeplugin [/usr/bin/ansible-playbook,
--check, --private-key=/etc/pki/ovirt-engine/keys/engine_id_rsa,
--inventory=/tmp/ansible-inventory1039100972039373314,
/usr/share/ovirt-engine/playbooks/ovirt-host-upgrade.yml] [Logfile: null]
2017-12-23 19:11:37,897-05 INFO  
[org.ovirt.engine.core.common.utils.ansible.AnsibleExecutor]

(EE-ManagedThreadFactory-commandCoordinator-Thread-7)
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Ansible playbook command has
exited with value: 4
2017-12-23 19:11:37,897-05 ERROR  
[org.ovirt.engine.core.bll.host.HostUpgradeManager]

(EE-ManagedThreadFactory-comma

Re: [ovirt-users] took the plunge to 4.2 but not so sure it was a good idea

2017-12-23 Thread Jason Keltz


On 12/23/2017 5:38 PM, Jason Keltz wrote:

Hi..

I took the plunge to 4.2, but I think maybe I should have waited a bit...

Initially, after upgrade to 4.2, the status of many of my hosts 
changed from "server" to "desktop".  That's okay - I can change them 
back.


My first VM, "archive", I had the ability to access console after the 
upgrade.  I rebooted archive, and I lost the ability (option is grayed 
out).  The VM boots, but I need access to the console.


My second VM is called "dist".    That one, ovirt says is running, but 
I can't access it, can't ping it, and there's no console either, so I 
literally can't get to it. I can reboot it, and shut it down, but it 
would be helpful to be able to access it.   What to do?


I reinstalled "dist" because I needed the VM to be accessible on the 
network.  I was going to try detatching the disk from the existing dist 
server, and attaching it to a new dist VM, but I ended up inadvertently 
deleting the disk image.  I can't believe that under "storage" you can't 
detatch a disk from a VM - you can only delete the disk.


After reinstalling dist, I got back console, and network access!  I 
tried rebooting it several times, and console remains... so the loss of 
console has something to do with switching from a 4.1 VM to 4.2.


I've very afraid to reboot my engine because it seems like when I 
reboot hosts, I lose access to console.


I rebooted one more VM for which I had console access, and again, I've 
lost it (at least network access remains). Now that this situation is 
repeatable, I'm going one of the ovirt gurus can send me the magical DB 
command to fix it.    Probably not a solution to reinstall my 37 VMs 
from kickstart.. that would be a headache.


In addition, when I try to check for "host updates", I get an error 
that it can't check for host updates.  I ran a yum update on the hosts 
(after upgrading repo to 4.2 and doing a yum update) and all I'm 
looking for it to do is clear status, but it doesn't seem to work.



The error in engine.log when I try to update any of the hosts is:

2017-12-23 19:11:36,479-05 INFO 
[org.ovirt.engine.core.bll.hostdeploy.HostUpgradeCheckCommand] (default 
task-156) [ae11a704-3b40-45d3-9850-932f6ed91ed9] Running command: 
HostUpgradeCheckCommand internal: false. Entities affected :  ID: 
45f8b331-842e-48e7-9df8-56adddb93836 Type: VDSAction group 
EDIT_HOST_CONFIGURATION with role type ADMIN
2017-12-23 19:11:36,496-05 INFO 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(default task-156) [] EVENT_ID: HOST_AVAILABLE_UPDATES_STARTED(884), 
Started to check for available updates on host virt1.
2017-12-23 19:11:36,500-05 INFO 
[org.ovirt.engine.core.bll.hostdeploy.HostUpgradeCheckInternalCommand] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Running command: 
HostUpgradeCheckInternalCommand internal: true. Entities affected : ID: 
45f8b331-842e-48e7-9df8-56adddb93836 Type: VDS
2017-12-23 19:11:36,504-05 INFO 
[org.ovirt.engine.core.common.utils.ansible.AnsibleExecutor] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Executing Ansible command: 
ANSIBLE_STDOUT_CALLBACK=hostupgradeplugin [/usr/bin/ansible-playbook, 
--check, --private-key=/etc/pki/ovirt-engine/keys/engine_id_rsa, 
--inventory=/tmp/ansible-inventory1039100972039373314, 
/usr/share/ovirt-engine/playbooks/ovirt-host-upgrade.yml] [Logfile: null]
2017-12-23 19:11:37,897-05 INFO 
[org.ovirt.engine.core.common.utils.ansible.AnsibleExecutor] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Ansible playbook command has 
exited with value: 4
2017-12-23 19:11:37,897-05 ERROR 
[org.ovirt.engine.core.bll.host.HostUpgradeManager] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Failed to run check-update of 
host 'virt1-mgmt'.
2017-12-23 19:11:37,897-05 ERROR 
[org.ovirt.engine.core.bll.hostdeploy.HostUpdatesChecker] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] Failed to check if updates are 
available for host 'virt1' with error message 'Failed to run 
check-update of host 'virt1-mgmt'.'
2017-12-23 19:11:37,904-05 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(EE-ManagedThreadFactory-commandCoordinator-Thread-7) 
[ae11a704-3b40-45d3-9850-932f6ed91ed9] EVENT_ID: 
HOST_AVAILABLE_UPDATES_FAILED(839), Failed to check for available 
updates on host virt1 with message 'Failed to run check-update of host 
'virt1-mgmt'.'.


Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] took the plunge to 4.2 but not so sure it was a good idea

2017-12-23 Thread Jason Keltz

Hi..

I took the plunge to 4.2, but I think maybe I should have waited a bit...

Initially, after upgrade to 4.2, the status of many of my hosts changed 
from "server" to "desktop".  That's okay - I can change them back.


My first VM, "archive", I had the ability to access console after the 
upgrade.  I rebooted archive, and I lost the ability (option is grayed 
out).  The VM boots, but I need access to the console.


My second VM is called "dist".    That one, ovirt says is running, but I 
can't access it, can't ping it, and there's no console either, so I 
literally can't get to it. I can reboot it, and shut it down, but it 
would be helpful to be able to access it.   What to do?


I've very afraid to reboot my engine because it seems like when I reboot 
hosts, I lose access to console.


In addition, when I try to check for "host updates", I get an error that 
it can't check for host updates.  I ran a yum update on the hosts (after 
upgrading repo to 4.2 and doing a yum update) and all I'm looking for it 
to do is clear status, but it doesn't seem to work.


Let me know the exact log files to provide, and I will provide details.

Thanks!

Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Ovirt causing strange network issues?

2017-10-03 Thread Jason Keltz

Derek,
Have you used tcpdump to check what network traffic is coming out of your 
box? Is it possible that it is some kind of DoS attack from outside in or 
that your VM was compromised and is attacking other external hosts?


Hope you get to the bottom of it!
Jason.

Sent with AquaMail for Android
http://www.aqua-mail.com


On October 2, 2017 4:56:54 PM Derek Atkins  wrote:


Hi,

I'm at my wits end so I'm tossing this here in the hopes that SOMEONE
will be able to help me.

tl;dr: Ovirt is doing something on my network that is causing my fiber
modem to go from 3-5ms to 300-1000+ms round trip times.  I know it's
ovirt because when I unplug ovirt from my network the issue goes away;
when I plug it back in, the issue recurs.

Long version:

I've been running Ovirt 4.0.6 happily on CentOS 7.3 for several months
on a single host machine. Indeed, the host had an uptime of 200+ days
and was working great until approximately midnight, September 21/22
(just over a week ago).  I was on an airplane halfway across the
Atlantic at that time, so it wasn't anything I did.

My network is configured as:

  fiber modem <-> edgerouter <-> switch <-> everything else

ovirt is living in the "everything else" area.

When I sit with a laptop connected to either the everything else range
or even directly connected to the fiber modem, I run 'mtr' and see
network times (starting at the fiber modem) that bounce all over the
place.  When I unplug ovirt I see consistent 3-5ms times.  Plug it back
in, voom, back up to badness.

I've spent several hours plugging and unplugging different devices
trying to isolate the issue.  The only "device" that has any effect is
my ovirt box.

I have tried to debug this in several ways, but really the only thing
that seems to have helped at all is shutting down all the VMs and the
hosted engine.  Once nothing else is running (but the host itself), only
then does the network seem to return to normal.

I'm really at my wits end on this; I have no idea what is causing this
or what might have changed to cause the issue right at that time.  I
also can't imagine what ovirt is doing over the network that could cause
the modem, two physical hops away, to lose its mind in this way.  But my
experiementation is definitely showing a direct correlation.

Help!!

-derek

--
   Derek Atkins 617-623-3745
   de...@ihtfp.com www.ihtfp.com
   Computer and Internet Security Consultant
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] xfs fragmentation problem caused data domain to hang

2017-10-02 Thread Jason Keltz


On 10/02/2017 11:05 AM, Jason Keltz wrote:

On 10/02/2017 11:00 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:57 PM, Jason Keltz <j...@cse.yorku.ca 
<mailto:j...@cse.yorku.ca>> wrote:



On 10/02/2017 10:51 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:14 PM, Jason Keltz <j...@cse.yorku.ca
<mailto:j...@cse.yorku.ca>> wrote:


On 10/02/2017 01:22 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:11 AM, Jason Keltz
<j...@cse.yorku.ca <mailto:j...@cse.yorku.ca>> wrote:

Hi.

For my data domain, I have one NFS server with a large
RAID filesystem (9 TB).
I'm only using 2 TB of that at the moment. Today, my
NFS server  hung with
the following error:

xfs: possible memory allocation deadlock in kmem_alloc


Can you share more of the log so we'll see what happened
before and after?
Y.


Here is engine-log from yesterday.. the problem started
around 14:29 PM.
http://www.eecs.yorku.ca/~jas/ovirt-debug/10012017/engine-log.txt

<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/10012017/engine-log.txt>

Here is the vdsm log on one of the virtualization
hosts, virt01:
http://www.eecs.yorku.ca/~jas/ovirt-debug/10012017/vdsm.log.2
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/10012017/vdsm.log.2>

Doing further investigation, I found that the XFS error
messages didn't start yesterday.  You'll see they
started at the very end of the day on September 23.  See:

http://www.eecs.yorku.ca/~jas/ovirt-debug/messages-20170924
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/messages-20170924>



Our storage guys do NOT think it's an XFS fragmentation
issue, but we'll be looking at it.


This is an interesting thread to read because the problem sounds quite 
similar:


http://oss.sgi.com/archives/xfs/2016-03/msg00447.html

In particular, quoted from that:

XFS maintains the full extent list for an active inode in memory,
As it is, yes, the memory allocation problem is with the in-core
extent tree, and we've known about it for some time. The issue is
that as memory gets fragmented, the top level indirection array
grows too large to be allocated as a contiguous chunk. When this
happens really depends on memory load, uptime and the way the extent
tree is being modified.


So in my case, I have a bunch of big XFS disk images for virtual disks.  
As the files are big with many extents, keeping all that information in 
memory at the same time may be the culprit.   Having many extents per se 
isn't the problem, but having enough memory to be able to store all the 
information simultaneously may be. Possible solutions would be to 
increase the default extent size of the volume (which I'm not sure how 
to do), defragment the disk, and hence less extents, or potentially add 
more memory to the file server.  It has 64G.



Hmmm... almost sorry to hear that because that would be easy
to "fix"...



They continued on the 24th, then on the 26th... I think
there were a few "hangs" on those times that people
were complaining about, but we didn't catch the
problem. However, the errors hit big time yesterday at
14:27 PM... see here:

http://www.eecs.yorku.ca/~jas/ovirt-debug/messages-20171001
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/messages-20171001>

If you want any other logs, I'm happy to provide them. 
I just don't know exactly what to provide.


Do you know if I can run the XFS defrag command live?
Rather than on a disk by disk, I'd rather just do it on
the whole filesystem.  There really aren't that many
files since it's just ovirt disk images.  However, I
don't understand the implications to running VMs.  I
wouldn't want to do anything to create more downtime.


Should be enough to copy the disks to make them less
fragmented.

Yes, but this requires downtime.. but there's plenty of
additional storage, so this would fix things well.



Live storage migration could be used.
Y.





I had upgraded the engine server + 4 virtualization hosts
from 4.1.1 to current on September 20 along with upgrading
them from CentOS 7.3 to CentOS 7.4.  virtfs, the NFS file
server, was running CentOS 7.3 and kernel
vmlinuz-3.10.0-514.16.1.el7.x86_64. Only yesterday, did I
upgrade it to CentOS 7.4 and hence kernel
vmlinuz-3.10.0-693.2.2.el7.x86_64.

I believe the problem is fully XFS related, and not ovirt at
all. Although, I must admit, ovirt didn't help e

Re: [ovirt-users] xfs fragmentation problem caused data domain to hang

2017-10-02 Thread Jason Keltz

On 10/02/2017 11:00 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:57 PM, Jason Keltz <j...@cse.yorku.ca 
<mailto:j...@cse.yorku.ca>> wrote:



On 10/02/2017 10:51 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:14 PM, Jason Keltz <j...@cse.yorku.ca
<mailto:j...@cse.yorku.ca>> wrote:


On 10/02/2017 01:22 AM, Yaniv Kaul wrote:



On Mon, Oct 2, 2017 at 5:11 AM, Jason Keltz
<j...@cse.yorku.ca <mailto:j...@cse.yorku.ca>> wrote:

Hi.

For my data domain, I have one NFS server with a large
RAID filesystem (9 TB).
I'm only using 2 TB of that at the moment. Today, my NFS
server  hung with
the following error:

xfs: possible memory allocation deadlock in kmem_alloc


Can you share more of the log so we'll see what happened
before and after?
Y.


Here is engine-log from yesterday.. the problem started
around 14:29 PM.
http://www.eecs.yorku.ca/~jas/ovirt-debug/10012017/engine-log.txt

<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/10012017/engine-log.txt>

Here is the vdsm log on one of the virtualization hosts,
virt01:
http://www.eecs.yorku.ca/~jas/ovirt-debug/10012017/vdsm.log.2
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/10012017/vdsm.log.2>

Doing further investigation, I found that the XFS error
messages didn't start yesterday.  You'll see they
started at the very end of the day on September 23. See:

http://www.eecs.yorku.ca/~jas/ovirt-debug/messages-20170924
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/messages-20170924>



Our storage guys do NOT think it's an XFS fragmentation
issue, but we'll be looking at it.

Hmmm... almost sorry to hear that because that would be easy
to "fix"...



They continued on the 24th, then on the 26th... I think
there were a few "hangs" on those times that people were
complaining about, but we didn't catch the problem.
However, the errors hit big time yesterday at 14:27
PM... see here:

http://www.eecs.yorku.ca/~jas/ovirt-debug/messages-20171001
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/messages-20171001>

If you want any other logs, I'm happy to provide them. I
just don't know exactly what to provide.

Do you know if I can run the XFS defrag command live?
Rather than on a disk by disk, I'd rather just do it on
the whole filesystem. There really aren't that many
files since it's just ovirt disk images.  However, I
don't understand the implications to running VMs.  I
wouldn't want to do anything to create more downtime.


Should be enough to copy the disks to make them less fragmented.

Yes, but this requires downtime.. but there's plenty of
additional storage, so this would fix things well.



Live storage migration could be used.
Y.





I had upgraded the engine server + 4 virtualization hosts
from 4.1.1 to current on September 20 along with upgrading
them from CentOS 7.3 to CentOS 7.4.  virtfs, the NFS file
server, was running CentOS 7.3 and kernel
vmlinuz-3.10.0-514.16.1.el7.x86_64. Only yesterday, did I
upgrade it to CentOS 7.4 and hence kernel
vmlinuz-3.10.0-693.2.2.el7.x86_64.

I believe the problem is fully XFS related, and not ovirt at
all.   Although, I must admit, ovirt didn't help either. When
I rebooted the file server, the iso and export domains were
immediately active, but the data domain took quite a long
time.  I kept trying to activate it, and it couldn't do it. 
I couldn't make a host an SPM.  I found that the data domain

directory on the virtualization host was a "stale NFS file
handle".  I rebooted one of the virtualization hosts (virt1),
and tried to make it the SPM.  Again, it wouldn't work. 
Finally, I ended up turning everything into maintenance mode,
then activating just it, and I was able to make it the SPM. 
I was then able to bring everything up.  I would have

expected ovirt to handle the problem a little more
gracefully, and give me more information because I was
sweating thinking I had to restore all the VMs!


Stale NFS is on our todo list to handle. Quite challenging.

Thanks..



I didn't think when I chose XFS as the filesystem for my
virtualization NFS server that I would have to defragment the
filesystem manually.  This is like the old days of running
Norton SpeedDisk to defrag my 386...


We ar

[ovirt-users] xfs fragmentation problem caused data domain to hang

2017-10-01 Thread Jason Keltz

Hi.

For my data domain, I have one NFS server with a large RAID filesystem (9 TB).
I'm only using 2 TB of that at the moment. Today, my NFS server  hung with
the following error:


xfs: possible memory allocation deadlock in kmem_alloc


All 4 virtualization hosts of course had problems since there was no
longer any storage.

In the end, it seems like the problem is related to XFS fragmentation...

I read this great blog here:

https://blog.codecentric.de/en/2017/04/xfs-possible-memory-allocation-deadlock-kmem_alloc/

In short, I tried this:

# xfs_db -r -c "frag -f" /dev/sdb1
actual 4314253, ideal 43107, fragmentation factor 99.00%

Apparently the fragmentation factor doesn't mean much, but the fact that
"actual" number of extents is considerably higher than "ideal" extents seems 
that it
may be the problem.

I saw that many of my virtual disks that are written to a lot have, of course,
a lot of extents...

For example, on our main web server disk image, there were 247,597
extents alone!  I took the web server down, and ran the XFS defrag
command on the disk...

# xfs_fsr -v 9a634692-1302-471f-a92e-c978b2b67fd0
9a634692-1302-471f-a92e-c978b2b67fd0
extents before:247597 after:429 DONE 9a634692-1302-471f-a92e-c978b2b67fd0

247,597 before and 429 after!  WOW!

Are virtual disks a problem with XFS?  Why isn't this memory allocation
deadlock issue more prevalent.  I do see this article mentioned on many
web posts.  I don't specifically see any recommendation to *not* use
XFS for the data domain though.

I was running CentOS 7.3 on the file server, but before rebooting the server,
I upgraded to the latest kernel and CentOS 7.4 in the hopes that if there
was a kernel issue, that this would solve it.

I took a few virtual systems down, and ran the defrag on the disks.  However,
with over 30 virtual systems, I don't really want to do this individually.
I was wondering if I could run xfs_fsr on all the disks LIVE?  It says in the
manual that you can run it live, but I can't see how this would be good when
a system is using that disk, and I don't want to deal with major
corruption across the board. Any thoughts?

Thanks,

Jason.
 


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] unhappiness with ovirt engine after upgrading file server handling storage domain

2017-05-10 Thread Jason Keltz

Hi.

I recently upgraded my oVirt infrastructure to the latest 
4.1.1.8-1.el7.centos, which went smoothly.  Thanks oVirt team! This 
morning, I upgraded my NFS file server which manages the storage 
domain.  I stopped ovirt engine, did a yum update to bring the server 
from its older CentOS 7.2 release to CentOS 7.3, rebooted it, then 
restarted engine.   At that point, engine was unhappy because our 4 
virtualization hosts had a total of 30 VMs all waiting to reconnect to 
storage.  The status of all the VMs went to unknown in engine.  It took 
almost 2 hours before everything was completely normal again.  It seems 
that the hosts were available long before engine updated status.  I'm 
assuming it's better to restart engine when I know that NFS has resumed 
on all the 30 virtalized hosts.  However, it's hard to know when that's 
happened, without trying to connect manually to all the hosts.  Is there 
a way to warn engine that you're about to mess with the storage domain, 
and you don't want it to do anything drastic? Sort of like a 
"maintenance mode" for storage?I would hate for it to start trying 
to power off hosts via power management or migrate hosts when it just 
needs to wait a bit...


Thanks!

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] several ovirt questions - CPU allocation, and use threads as CPU

2015-11-19 Thread Jason Keltz


On 11/19/2015 06:00 AM, Martin Sivak wrote:

Hi Jason,


How do I go about seeing how many CPUs I've allocated across all the VMs on a 
host?
If shared CPUs are possible, can I specify VMs that are allowed to shared CPUs 
versus
  VMs that reqiure dedicated CPUs?

Unfortunately the UI is lacking in this area. We do not currently have
any overview page.

I will submit an RFE when I get a chance.


Also we do not currently support dedicated CPU to VM mapping. You can
use CPU pinning to select the CPUs that should be used, but the CPU
can be used for any other VM too (so it is a limitation for the VM
assignment, not for the CPU assignment).

There might be a workaround for this using the isolcpus
(http://www.linuxtopia.org/online_books/linux_kernel/kernel_configuration/re46.html)
kernel boot option and then puting VMs on those CPUs using pinning.
But we have never tested this.

Ok.

What happens if I allocate more cores than what I actually have?

We won't allow your VM to start if it requires more cores than
physically available on the destination host.

Actually, I think I wasn't clear with my message.  If I have only 4 
cores total, and I try to allocate 5 cores to one VM, I would expect the 
VM wouldn't start.  What I want to understand is what happens when I try 
to run 3 x 4 core VMs on a 4 core system.  By default, they would all 
share the 4 cores?  oVirt would never tell me that I am out of capacity 
as long as the VMs that I'm running are all under the total number of 
cores in the system?



If I specify say, a dual CPU system, would that system show up as 4 cores (2 
real cores and 2 hyper-threaded cores)

CPU pinning and core reporting always use thread IDs so it makes no
difference there.

But the scheduling takes this option into account when computing the
load or when checking if enough cores are available (useful with
relation to your previous question).
You didn't mention whether I'm at an advantage to enable "Use Threads as 
CPUs" or to leave it off?


Would you care to open a bug about the CPU pinning overview? It might
be a nice RFE considering we have something similar for NUMA already.

Sure!

Thanks!

Jason.

On Tue, Nov 17, 2015 at 4:52 AM, Jason Keltz <jason.ke...@gmail.com> wrote:

Hi.

When I go to the "Clusters" in ovirt engine, I can see the total number of
VMs in the cluster.   If I open up "Hosts", I can see how many VMs are
running on each host.  I can see the memory consumption as well.  How do I
go about seeing how many CPUs I've allocated across all the VMs on a host?
What happens if I allocate more cores than what I actually have? If shared
CPUs are possible, can I specify VMs that are allowed to shared CPUs versus
VMs that reqiure dedicated CPUs?  Finally, I presently have "Use Threads as
CPUs" off.  I don't remember if that was the default, or whether I selected
that option during installation.  Is there any disadvantage to turning it
on?  I realize that those other cores aren't "real" cores - they're the
hyper-threading course,  but it's not clear how ovirt would handle those
cores.  If I specify say, a dual CPU system, would that system show up as 4
cores (2 real cores and 2 hyper-threaded cores) ?

Thanks for any help..

Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] several ovirt questions - CPU allocation, and use threads as CPU

2015-11-16 Thread Jason Keltz

Hi.

When I go to the "Clusters" in ovirt engine, I can see the total number 
of VMs in the cluster.   If I open up "Hosts", I can see how many VMs 
are running on each host.  I can see the memory consumption as well.  
How do I go about seeing how many CPUs I've allocated across all the VMs 
on a host?  What happens if I allocate more cores than what I actually 
have? If shared CPUs are possible, can I specify VMs that are allowed to 
shared CPUs versus VMs that reqiure dedicated CPUs?  Finally, I 
presently have "Use Threads as CPUs" off.  I don't remember if that was 
the default, or whether I selected that option during installation.  Is 
there any disadvantage to turning it on?  I realize that those other 
cores aren't "real" cores - they're the hyper-threading course,  but 
it's not clear how ovirt would handle those cores.  If I specify say, a 
dual CPU system, would that system show up as 4 cores (2 real cores and 
2 hyper-threaded cores) ?


Thanks for any help..

Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] upgrade from 3.5 to 3.6 causing problems with migration

2015-11-09 Thread Jason Keltz

On 11/9/2015 6:20 PM, Martin Polednik wrote:

On 09/11/15 14:00 -0500, Jason Keltz wrote:

Hi Shmuel,

Thanks very much for looking into my problem!

I installed 3.6 on the engine.  I rebooted the engine.
The 3 hosts were still running vdsm from 3.5.  I checked back in the 
yum log, and it was 4.16.26-0.el7.
On the first host upgrade (virt1), I made a mistake.  After bringing 
in the 3.6 repo, I upgraded the packages with just "yum update". 
However, I know that I should have put the host into maintenance mode 
first.  After the updates installed, I put the host into maintenance 
mode, and it migrated the VMs off, during which I saw more than one 
failed VM migration.
I'm willing to accept the failures there because I should have put 
the host into maintenance mode first.  Live and learn!
I had two other hosts to do this right.  For virt2, and virt3, I put 
the hosts into maintenance mode first.  However, the same problem 
occurred with failed migrations.  I proceeded anyway, brought the 
failed VMs back up elsewhere, applied the updates, and rebooted the 
hosts.
So now, 3.6 is installed on the engine and the 3 hosts, and they are 
all rebooted.
I tried another migration, and again, there were failures, so this 
isn't specifically related to just 3.6.
By the way, I'm using ovirtmgmt for migrations.  virt1, virt2, and 
virt3 have a dedicated 10G link via Intel X540 to a 10G switch. 
engine is on that network as well, but it's a 1G link.
I was able to run iperf tests between the nodes, and saw nearly 10G 
speed.  During the failed migrations, I also don't have any problem 
with ovirtmgmt, so I don't think the network is an issue...


I found this bug in bugzilla over the weekend:

https://bugzilla.redhat.com/show_bug.cgi?id=1142776

I was nearly positive that this had something to do with the failed 
migrations.  As a final test, I decided to migrate the VMs from one 
host to another, one at a time.  I was nearly done migrating all the 
VMs from virt3 to virt1.   I had migrated 5 VMs all successfully, one 
at a time, without any failures.  When I migrated the 6th, boom - it 
didn't migrate, and the VM was down.  It was a pretty basic VM as 
well, with very little traffic.


I included on the bug report above an additional link with the 
engine, virt1, virt2, and virt3 logs for Saturday where I was doing 
this experimentation because there's a couple more failures 
recorded.  I'll include that link here:


http://www.eecs.yorku.ca/~jas/ovirt-debug/11072015

The last VM that I attempted to transfer one at a time was "webapp".  
It was transferred from virt3 to virt1.


I'm really puzzled that more people haven't experienced this issue.   
I've disabled the load balancing feature because I'm really concerned 
that if it load balances my VMs, then they might not come back up!  I 
don't *think* this was happening when I was all purely 3.5, but I 
can't remember doing big migrations.  I most certainly was able to 
put a host into maintenance mode without having VMs go down!


In another email, Dan Kenisberg says that "It seems that 3.6's 
vdsm-4.17.10.1 cannot consume a Random Number Generator device that 
was created on 3.5.".  Thanks also to Dan for looking into that as 
well!   I'm still waiting for more details though before opening 
additional bug reports because this puzzles me... if this were the 
case, then ALL of the VMs were created on 3.5, and ALL with random 
number generator device, and all would fail migration, but they 
don't.   I have a feeling that there are a few issues at play here.


Hello and sorry for dropping in so late.

The issue is that 3.5 engine created RNG device without sending the
device key (which should've been 'rng' but it wasn't properly
documented in the API as fixed in [1]). This caused the
getUnderlyingRngDevice method to fail matching the device (fixed in
[2]) and it would therefore be treated as unknown device (where the
notion of 'source' isn't known). 3.6 engine should handle it correctly
[3].

The implication is that when VM is created in 3.5 environment and
moved to 3.6 environment, the matching will work but there will be 2
RNG devices for the single one. Same goes for migration.

I'm not sure about the fix yet, to rescue the 3.6 VM we would have to
remove the duplicate device without specParams (meaning that address
would be lost) or remove the original device but adding it's
specParams to the new device. A temporary fix would be creating a hook
that does this.

[1] https://gerrit.ovirt.org/#/c/43166/
[2] https://gerrit.ovirt.org/#/c/40095/
[3] https://gerrit.ovirt.org/#/c/43165/



Martin,

Thanks for your message and for looking at the debug logs.

What I don't understand is why in my last test case, I was able to 
transition 5 VMs from one host to another, completely successfully, and 
only on the 6th, the problem occurred.? Why would this RNG issue not 
have come up with every single transition? What is it that made it 
happen on the

Re: [ovirt-users] upgrade from 3.5 to 3.6 causing problems with migration

2015-11-09 Thread Jason Keltz

Hi Shmuel,

Thanks very much for looking into my problem!

I installed 3.6 on the engine.  I rebooted the engine.
The 3 hosts were still running vdsm from 3.5.  I checked back in the yum 
log, and it was 4.16.26-0.el7.
On the first host upgrade (virt1), I made a mistake.  After bringing in 
the 3.6 repo, I upgraded the packages with just "yum update". However, I 
know that I should have put the host into maintenance mode first.  After 
the updates installed, I put the host into maintenance mode, and it 
migrated the VMs off, during which I saw more than one failed VM migration.
I'm willing to accept the failures there because I should have put the 
host into maintenance mode first.  Live and learn!
I had two other hosts to do this right.  For virt2, and virt3, I put the 
hosts into maintenance mode first.  However, the same problem occurred 
with failed migrations.  I proceeded anyway, brought the failed VMs back 
up elsewhere, applied the updates, and rebooted the hosts.
So now, 3.6 is installed on the engine and the 3 hosts, and they are all 
rebooted.
I tried another migration, and again, there were failures, so this isn't 
specifically related to just 3.6.
By the way, I'm using ovirtmgmt for migrations.  virt1, virt2, and virt3 
have a dedicated 10G link via Intel X540 to a 10G switch. engine is on 
that network as well, but it's a 1G link.
I was able to run iperf tests between the nodes, and saw nearly 10G 
speed.  During the failed migrations, I also don't have any problem with 
ovirtmgmt, so I don't think the network is an issue...


I found this bug in bugzilla over the weekend:

https://bugzilla.redhat.com/show_bug.cgi?id=1142776

I was nearly positive that this had something to do with the failed 
migrations.  As a final test, I decided to migrate the VMs from one host 
to another, one at a time.  I was nearly done migrating all the VMs from 
virt3 to virt1.   I had migrated 5 VMs all successfully, one at a time, 
without any failures.  When I migrated the 6th, boom - it didn't 
migrate, and the VM was down.  It was a pretty basic VM as well, with 
very little traffic.


I included on the bug report above an additional link with the engine, 
virt1, virt2, and virt3 logs for Saturday where I was doing this 
experimentation because there's a couple more failures recorded.  I'll 
include that link here:


http://www.eecs.yorku.ca/~jas/ovirt-debug/11072015

The last VM that I attempted to transfer one at a time was "webapp".  It 
was transferred from virt3 to virt1.


I'm really puzzled that more people haven't experienced this issue.   
I've disabled the load balancing feature because I'm really concerned 
that if it load balances my VMs, then they might not come back up!  I 
don't *think* this was happening when I was all purely 3.5, but I can't 
remember doing big migrations.  I most certainly was able to put a host 
into maintenance mode without having VMs go down!


In another email, Dan Kenisberg says that "It seems that 3.6's 
vdsm-4.17.10.1 cannot consume a Random Number Generator device that was 
created on 3.5.".  Thanks also to Dan for looking into that as well!   
I'm still waiting for more details though before opening additional bug 
reports because this puzzles me... if this were the case, then ALL of 
the VMs were created on 3.5, and ALL with random number generator 
device, and all would fail migration, but they don't.   I have a feeling 
that there are a few issues at play here.


Jason.

On 11/09/2015 11:13 AM, Shmuel Melamud wrote:

Hi!

I'm trying to reproduce your issue. Can you help me with the exact 
scenario?


1. You had 3.5 running. What version of VDSM was on the hosts?
2. You replaced the engine and restarted it. Now it is 3.6, right?
3. You put a host into maintenance. Failure occured when VMs were 
migrating from it? Or you put the host into maintenance, replaced VDSM 
on it and failure occured when VMs were migrating to it from other hosts?


Shmuel

On Fri, Nov 6, 2015 at 6:21 PM, Jason Keltz <j...@cse.yorku.ca 
<mailto:j...@cse.yorku.ca>> wrote:


Hi.

Last night, I upgraded my engine from 3.5 to 3.6.  That went
flawlessly.
Today, I'm trying to upgrade the vdsm on the hosts from 3.5 to 3.6
(along with applying other RHEL7.1 updates) However, when I'm
trying to put each host into maintenance mode, and migrations
start to occur, they all seem to FAIL now!  Even worse, when they
fail, it leaves the hosts DOWN!  If there's a failure, I'd expect
the host to simply abort the migration  Any help in debugging
this would be VERY much appreciated!

2015-11-06 10:09:16,065 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-4) [] Correlation ID:
658ba478, Job ID: 524e8c44-04e0-42d3-89f9-9f4e4d397583, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: eportfolio, Source

[ovirt-users] experimenting with host device passthrough in ovirt 3.6

2015-11-09 Thread Jason Keltz

Hi.

I'd like to experiment with host device passthrough in ovirt 3.6.
I have a temperature sensor that connects up to a serial port.
I've plugged the device into one of my virt hosts, and through 
/dev/ttyS1, I can read it.


# dmesg | grep ttyS1
[1.140221] 00:04: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A

ls -l /sys/class/tty/ttyS1/device/driver reveals:


total 0
drwxr-xr-x. 2 root root0 Nov  7 19:01 .
drwxr-xr-x. 7 root root0 Nov  7 19:01 ..
lrwxrwxrwx. 1 root root0 Nov  9 11:32 00:04 -> 
../../../../devices/pnp0/00:04
lrwxrwxrwx. 1 root root0 Nov  9 11:32 00:05 -> 
../../../../devices/pnp0/00:05

--w---. 1 root root 4096 Nov  9 11:32 bind
--w---. 1 root root 4096 Nov  7 19:01 uevent
--w---. 1 root root 4096 Nov  9 11:32 unbind



# ls -al /sys/devices/pnp0/00\:04/
total 0
drwxr-xr-x.  4 root root0 Nov  7 19:01 .
drwxr-xr-x. 17 root root0 Nov  7 19:01 ..
lrwxrwxrwx.  1 root root0 Nov  7 19:01 driver -> 
../../../bus/pnp/drivers/serial
lrwxrwxrwx.  1 root root0 Nov  9 11:34 firmware_node -> 
../../LNXSYSTM:00/device:00/PNP0A08:00/device:18/PNP0501:00

-r--r--r--.  1 root root 4096 Nov  9 11:32 id
-r--r--r--.  1 root root 4096 Nov  9 11:34 options
drwxr-xr-x.  2 root root0 Nov  7 19:01 power
-rw-r--r--.  1 root root 4096 Nov  9 11:32 resources
lrwxrwxrwx.  1 root root0 Nov  7 19:01 subsystem -> ../../../bus/pnp
drwxr-xr-x.  3 root root0 Nov  7 19:01 tty
-rw-r--r--.  1 root root 4096 Nov  7 19:01 uevent


I don't necessarily see this device listed in the host passtshrough.
In addition, since I'm able to connect to the serial device right now on 
the host, this would mean that I need to "blacklist" that device from 
the host so that when it boots, it doesn't load the driver?


Thanks for any help..

Jason.


--
Jason Keltz
Manager of Development
Department of Electrical Engineering and Computer Science
York University, Toronto, Canada
Tel: 416-736-2100 x. 33570
Fax: 416-736-5872

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] upgrade from 3.5 to 3.6 causing problems with migration

2015-11-06 Thread Jason Keltz

On 11/06/2015 02:02 PM, Simone Tiraboschi wrote:



On Fri, Nov 6, 2015 at 5:21 PM, Jason Keltz <j...@cse.yorku.ca 
<mailto:j...@cse.yorku.ca>> wrote:


Hi.

Last night, I upgraded my engine from 3.5 to 3.6.  That went
flawlessly.
Today, I'm trying to upgrade the vdsm on the hosts from 3.5 to 3.6
(along with applying other RHEL7.1 updates) However, when I'm
trying to put each host into maintenance mode, and migrations
start to occur, they all seem to FAIL now!  Even worse, when they
fail, it leaves the hosts DOWN!  If there's a failure, I'd expect
the host to simply abort the migration  Any help in debugging
this would be VERY much appreciated!

2015-11-06 10:09:16,065 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-4) [] Correlation ID:
658ba478, Job ID: 524e8c44-04e0-42d3-89f9-9f4e4d397583, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: eportfolio, Source: virt1).

2015-11-06 10:10:17,112 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-22) [2f0dee16] Correlation ID:
7da3ac1b, Job ID: 93c0b1f2-4c8e-48cf-9e63-c1ba91be425f, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: ftp1, Source: virt1).

2015-11-06 10:15:08,273 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-45) [] Correlation ID:
5394ef76, Job ID: 994065fc-a142-4821-934a-c2297d86ec12, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
while Host is in 'preparing for maintenance' state.

2015-11-06 10:19:13,712 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-36) [] Correlation ID:
6e422728, Job ID: 994065fc-a142-4821-934a-c2297d86ec12, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
while Host is in 'preparing for maintenance' state.

2015-11-06 10:42:37,852 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-12) [] Correlation ID:
e7f6300, Job ID: 1ea16622-0fa0-4e92-89e5-9dc235c03ef8, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: ipa, Source: virt1).

2015-11-06 10:43:59,732 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-40) [] Correlation ID:
39cfdf9, Job ID: 72be29bc-a02b-4a90-b5ec-8b995c2fa692, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: labtesteval, Source: virt1).

2015-11-06 10:52:11,893 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-23) [] Correlation ID:
5c435149, Job ID: 1dcd1e14-baa6-44bc-a853-5d33107b759c, Call
Stack: null, Custom Event ID: -1, Message: Migration failed 
(VM: www-vhost, Source: virt1).




The complete engine log, virt1, virt2, and virt3 vdsm logs are here:

http://www.eecs.yorku.ca/~jas/ovirt-debug/11062015
<http://www.eecs.yorku.ca/%7Ejas/ovirt-debug/11062015>


Is vdsmd service still active on that hosts?


Hi Simone..

Yes..

virt1:
sh-4.2# systemctl -l status vdsmd
vdsmd.service - Virtual Desktop Server Manager
   Loaded: loaded (/usr/lib/systemd/system/vdsmd.service; enabled)
   Active: active (running) since Thu 2015-11-05 22:47:46 EST; 15h ago
 Main PID: 16520 (vdsm)
   CGroup: /system.slice/vdsmd.service
   ├─16520 /usr/bin/python /usr/share/vdsm/vdsm
   ├─30038 /usr/libexec/ioprocess --read-pipe-fd 67 
--write-pipe-fd 66 --max-threads 10 --max-queued-requests 10
   ├─30055 /usr/libexec/ioprocess --read-pipe-fd 76 
--write-pipe-fd 75 --max-threads 10 --max-queued-requests 10
   └─30062 /usr/libexec/ioprocess --read-pipe-fd 81 
--write-pipe-fd 84 --max-threads 10 --max-queued-requests 10


Nov 06 10:09:15 virt1.cs.yorku.ca vdsm[16520]: vdsm root WARNING File: 
/var/lib/libvirt/qemu/channels/62ff4ada-ee98-491e-bfb5-7adda7b513ee.com.redhat.rhevm.vdsm 
already removed
Nov 06 10:09:15 virt1.cs.yorku.ca vdsm[16520]: vdsm root WARNING File: 
/var/lib/libvirt/qemu/channels/62ff4ada-ee98-491e-bfb5-7adda7b513ee.org.qemu.guest_agent.0 
already removed
Nov 06 10:10:15 virt1.cs.yorku.ca vdsm[16520]: vdsm root WARNING File: 
/var/lib/libvirt/qemu/channels/aa487207-7ff4-465a-9d9b-2a103d50dc77.com.redhat.rhevm.vdsm 
already removed
Nov 06 10:10:15 virt1.cs.yorku.ca vdsm[16520]: vdsm root WARNING File: 
/var/lib/libvirt/qemu/channels/aa487207-7ff4-465a-9d9b-2a103d50dc77.org.qemu.guest_agent.0 
already removed
Nov 06 10:42:36 virt1.cs.yorku.ca vdsm

[ovirt-users] upgrade from 3.5 to 3.6 causing problems with migration

2015-11-06 Thread Jason Keltz

Hi.

Last night, I upgraded my engine from 3.5 to 3.6.  That went flawlessly.
Today, I'm trying to upgrade the vdsm on the hosts from 3.5 to 3.6 
(along with applying other RHEL7.1 updates)  However, when I'm trying to 
put each host into maintenance mode, and migrations start to occur, they 
all seem to FAIL now!  Even worse, when they fail, it leaves the hosts 
DOWN!  If there's a failure, I'd expect the host to simply abort the 
migration  Any help in debugging this would be VERY much appreciated!


2015-11-06 10:09:16,065 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-4) [] Correlation ID: 658ba478, Job 
ID: 524e8c44-04e0-42d3-89f9-9f4e4d397583, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  (VM: eportfolio, Source: virt1).
2015-11-06 10:10:17,112 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-22) [2f0dee16] Correlation ID: 
7da3ac1b, Job ID: 93c0b1f2-4c8e-48cf-9e63-c1ba91be425f, Call Stack: 
null, Custom Event ID: -1, Message: Migration failed  (VM: ftp1, 
Source: virt1).
2015-11-06 10:15:08,273 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-45) [] Correlation ID: 5394ef76, Job 
ID: 994065fc-a142-4821-934a-c2297d86ec12, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  while Host is in 'preparing 
for maintenance' state.
2015-11-06 10:19:13,712 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-36) [] Correlation ID: 6e422728, Job 
ID: 994065fc-a142-4821-934a-c2297d86ec12, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  while Host is in 'preparing 
for maintenance' state.
2015-11-06 10:42:37,852 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-12) [] Correlation ID: e7f6300, Job 
ID: 1ea16622-0fa0-4e92-89e5-9dc235c03ef8, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  (VM: ipa, Source: virt1).
2015-11-06 10:43:59,732 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-40) [] Correlation ID: 39cfdf9, Job 
ID: 72be29bc-a02b-4a90-b5ec-8b995c2fa692, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  (VM: labtesteval, Source: virt1).
2015-11-06 10:52:11,893 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-23) [] Correlation ID: 5c435149, Job 
ID: 1dcd1e14-baa6-44bc-a853-5d33107b759c, Call Stack: null, Custom 
Event ID: -1, Message: Migration failed  (VM: www-vhost, Source: virt1).



The complete engine log, virt1, virt2, and virt3 vdsm logs are here:

http://www.eecs.yorku.ca/~jas/ovirt-debug/11062015

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] empty IP Address and FQDN for all Virtual Machines in engine

2015-11-01 Thread Jason Keltz

Hi.

I notice that the IP Address and FQDN fields for all of my VMs (mostly 
CentOS 6) in engine are empty.   This doesn't seem to affect any 
operation.   Why would this be?


Thanks,

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Question about upgrading ovirt 3.5.3 to 3.5.4

2015-09-09 Thread Jason Keltz

Hi.

I have a system consisting of an engine + several hosts running 3.5.3, 
and I want to upgrade everything to 3.5.4.   According to the release 
notes, all I should do is:



# yum update "ovirt-engine-setup*"
# engine-setup


I did this with engine, and it seemed to upgrade okay.

I'm puzzled whether this applies to the hosts as well?  The release 
notes aren't clear to me in that respect.


Thanks for any assistance!

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Question about upgrading ovirt 3.5.3 to 3.5.4

2015-09-09 Thread Jason Keltz


On 09/09/2015 03:22 PM, Alon Bar-Lev wrote:


- Original Message -

From: "Jason Keltz" <j...@cse.yorku.ca>
To: "users" <users@ovirt.org>
Sent: Wednesday, September 9, 2015 10:08:31 PM
Subject: [ovirt-users] Question about upgrading ovirt 3.5.3 to 3.5.4

Hi.

I have a system consisting of an engine + several hosts running 3.5.3,
and I want to upgrade everything to 3.5.4.   According to the release
notes, all I should do is:


# yum update "ovirt-engine-setup*"
# engine-setup

I did this with engine, and it seemed to upgrade okay.

I'm puzzled whether this applies to the hosts as well?  The release
notes aren't clear to me in that respect.

Thanks for any assistance!

At host you can run "yum update" or "yum update vdsm" if you like to update 
specific.

Thanks!  The maintainer of the release notes should probably clarify 
this point in the notes.  Now I know! :)


Jas.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] [ATN] LDAP Users please read

2015-08-07 Thread Jason Keltz


On 08/06/2015 01:50 PM, Alon Bar-Lev wrote:


- Original Message -

From: Jason Keltz j...@cse.yorku.ca
To: users@ovirt.org
Sent: Thursday, August 6, 2015 7:47:26 PM
Subject: Re: [ovirt-users] [ATN] LDAP Users please read

On 04.08.2015 09:56, Alon Bar-Lev wrote:

Hello LDAP Users,

If you migrated from 3.4 or if you used engine-managed-domains to add LDAP
support into engine - this message is for you.

In 3.5 we introduced a new LDAP provider[1][2], it is superset of the
previous implementation, highlights includes:
* Better response times.
* Simplicity, Use of LDAP protocol only - kerberos is no longer needed.
* More LDAP implementations are supported.
* Flexible configuration, can be customized on site to support special
setups.
* Supportability, better logs and feedbacks to enable remote support.
* Variety of fallback policies, examples: srvrecord, failover,
round-robin and more.
* Active Directory: supports multiple domain in forest.

In 3.5 the previous LDAP provider is marked as legacy, users' issues will
be resolved by migration to the new provider.

Upgrade to 4.0 will not be possible if legacy provider is being used.

The new provider is working without any issue for quite some time, we
would like to eliminate the remaining usage of the legacy provider as
soon as possible.

A tool was created[3] to automate the process, it should perform
everything in safe and automatic process, while enables customization if
such required. The one prerequisite that we could not automate easily is
obtaining the CA certificate used by the LDAP server to communicate using
SSL/TLS, you should acquire this manually and provide it as parameter.

We (Ondra CCed and I) will help anyone that is experiencing issues with
the process, please do not delay migration to the point it becomes
emergency.

Let's define a virtual goal -- in 1 month no legacy LDAP usage anywhere.

Regards,
Alon Bar-Lev.

[1] http://www.ovirt.org/Features/AAA
[2]
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=ovirt-engine-extension-aaa-ldap-1.0

Sorry Alon..

I'm puzzled.  I setup RHEL IPA server to act as an authentication
front-end for my ovirt installation.  It also acts as an IPA server for
all the servers involved in my ovirt installation.

I enabled my engine installation to authenticate with my IPA server like
this:

engine# engine-manage-domains  add --domain=EECS.YORKU.CA --provider=ipa
--user=ovirtadmin

Your new system refers to only LDAP, and not Kerberos, other than saying
that it obsoletes the legacy Kerberos/LDAP implementation.   Will
Kerberos support now be obsolete?  Since I've already invested the time
to get engine working with IPA and Kerberos, I don't really see the
point in changing things now, but I'd also rather deal with this now,
rather than down the line when I want to upgrade and find that my
existing installation is no longer compatible.Sooo -- does this
change still affect my current installation? Should I migrate? What do I
migrate to? and How?

Not at all.

The IPA provides several services, at least LDAP, DNS, Kerberos:

These two are not actually related and used for two different purposes:

1. LDAP - a protocol to access a repository (database) holding entity 
information.

2. DNS - a protocol to locate resources within network.

3. Kerberos - single sign on infrastructure, enables to create trust between 
entities and single server, while after successful authentication, entity can 
access other entities without presenting credentials.

Why do we use LDAP? LDAP is standard [simple(?)] protocol to acquire entity 
information.

Why do we use Kerberos? Mainly for users will not require to enter their 
passwords over and over to access services (SSO), and to not expose their 
credentials to services.

For various of incorrect reasons the legacy LDAP provider implementation used 
Kerberos to authenticate between the engine machine and the LDAP server. This 
actually breaks one of the major kerberos principals - do not expose the 
credentials to service. In our case the engine machine is the service and the 
user and password are sent to the engine machine so it can issue Kerberos 
ticket instead of it accepting restricted ticket from the user.

Moreover, using two protocols in order to perform authentication and 
authorization introduces complexity, performance impact and probably depend on 
one other service DNS srvrecord. So we need true services to be configured 
correctly and operating in order to be able to perform a task that can be 
performed using LDAP only.

In practice, if a service has access to user credentials (user/password) it can 
communicate directly using LDAP to the entity repository to very if these 
correct. This is similar to how Kerberos behaves in IPA environment, as 
password is actually stored in the repository.

The new implementation does exactly that, it uses only LDAP protocol to perform

Re: [ovirt-users] [ATN] LDAP Users please read

2015-08-06 Thread Jason Keltz

On 04.08.2015 09:56, Alon Bar-Lev wrote:

Hello LDAP Users,

If you migrated from 3.4 or if you used engine-managed-domains to add LDAP 
support into engine - this message is for you.

In 3.5 we introduced a new LDAP provider[1][2], it is superset of the previous 
implementation, highlights includes:
   * Better response times.
   * Simplicity, Use of LDAP protocol only - kerberos is no longer needed.
   * More LDAP implementations are supported.
   * Flexible configuration, can be customized on site to support special 
setups.
   * Supportability, better logs and feedbacks to enable remote support.
   * Variety of fallback policies, examples: srvrecord, failover, round-robin 
and more.
   * Active Directory: supports multiple domain in forest.

In 3.5 the previous LDAP provider is marked as legacy, users' issues will be 
resolved by migration to the new provider.

Upgrade to 4.0 will not be possible if legacy provider is being used.

The new provider is working without any issue for quite some time, we would 
like to eliminate the remaining usage of the legacy provider as soon as 
possible.

A tool was created[3] to automate the process, it should perform everything in 
safe and automatic process, while enables customization if such required. The 
one prerequisite that we could not automate easily is obtaining the CA 
certificate used by the LDAP server to communicate using SSL/TLS, you should 
acquire this manually and provide it as parameter.

We (Ondra CCed and I) will help anyone that is experiencing issues with the 
process, please do not delay migration to the point it becomes emergency.

Let's define a virtual goal -- in 1 month no legacy LDAP usage anywhere.

Regards,
Alon Bar-Lev.

[1] http://www.ovirt.org/Features/AAA
[2] 
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=ovirt-engine-extension-aaa-ldap-1.0

Sorry Alon..

I'm puzzled.  I setup RHEL IPA server to act as an authentication 
front-end for my ovirt installation.  It also acts as an IPA server for 
all the servers involved in my ovirt installation.


I enabled my engine installation to authenticate with my IPA server like 
this:

engine# engine-manage-domains  add --domain=EECS.YORKU.CA --provider=ipa 
--user=ovirtadmin
Your new system refers to only LDAP, and not Kerberos, other than saying 
that it obsoletes the legacy Kerberos/LDAP implementation.   Will 
Kerberos support now be obsolete?  Since I've already invested the time 
to get engine working with IPA and Kerberos, I don't really see the 
point in changing things now, but I'd also rather deal with this now, 
rather than down the line when I want to upgrade and find that my 
existing installation is no longer compatible.Sooo -- does this 
change still affect my current installation? Should I migrate? What do I 
migrate to? and How?


Thanks!

Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] problems with power management using idrac7 on r620

2015-06-17 Thread Jason Keltz
Hi Marek.

Actually its the idrac that I believe has the memory leak.  Dell wants to
know how often ovirt is querying the idrac for status and whether the delay
is configurable.

Jason.
On Jun 17, 2015 2:42 AM, Marek marx Grac mg...@redhat.com wrote:



 On 06/16/2015 09:37 AM, Eli Mesika wrote:

 CCing Marek Grac

 - Original Message -

 From: Jason Keltz jason.ke...@gmail.com
 To: users users@ovirt.org
 Cc: Eli Mesika emes...@redhat.com
 Sent: Monday, June 15, 2015 11:08:35 PM
 Subject: problems with power management using idrac7 on r620

 Hi.

 I've been having problem with power management using iDRAC 7 EXPRESS on
 a Dell R620.  This uses a shared LOM as opposed to Enterprise that has a
 dedicated one.   Every now and then, idrac simply stops responding to
 ping, so it can't respond to status commands from the proxy.  If I send
 a reboot with ipmitool mc reset cold command, the idrac reboots and
 comes back, but after the problem has occurred, even after a reboot, it
 responds to ping, but drops 80+% of packets.  The only way I can solve
 the problem is to physically restart the server.This isn't just
 happening on  one R620 - it's happening on all of my ovirt hosts.  I
 highly suspect it has to do with a memory leak, and being monitored by
 engine causes the problem.I had applied a recent firmware upgrade
 that was supposed to solve this kind of problem, but it doesn't.  In
 other to provide Dell with more details, can someone tell me how often
 each host is being queried for status?  I can't seem to find that info.
 The idrac on my file server doesn't seem to exhibit the same problem,
 and I suspect that is because it isn't being queried.

 Hi,

 fence agent for IPMI is based on ipmitool. So if ping/ipmitool is not
 working there is not much to do about it. I don't know enough about oVirt
 engine but there is no real place where fence agent can memory leak because
 it does not run as daemon.

 m,

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] problems with power management using idrac7 on r620

2015-06-17 Thread Jason Keltz

Hi Eli..
Thank you!
I checked and health check is not enabled So the problem causing the 
idrac to go away is not status monitoring from ovirt after all...Hmm... 
Makes me wonder if actually enabling it will prevent the problem from 
happening.


Jas

Sent with AquaMail for Android
http://www.aqua-mail.com


On June 17, 2015 5:19:28 AM Eli Mesika emes...@redhat.com wrote:




- Original Message -
 From: Jason Keltz jason.ke...@gmail.com
 To: Marek marx Grac mg...@redhat.com
 Cc: Eli Mesika emes...@redhat.com, users users@ovirt.org
 Sent: Wednesday, June 17, 2015 12:02:48 PM
 Subject: Re: problems with power management using idrac7 on r620

 Hi Marek.

 Actually its the idrac that I believe has the memory leak.  Dell wants to
 know how often ovirt is querying the idrac for status and whether the delay
 is configurable.

Well oVirt does not query the status automatically by default
There is a feature that enables that
http://www.ovirt.org/Features/PMHealthCheck
Basically this feature depends on 2 configuration values :

PMHealthCheckEnabled that shoul be true if the feature is enabled
PMHealthCheckIntervalInSec which is defaulted to 3600 Sec , so it is 
checked in that case once in an hour


So, first please check if this is enabled in your environment

engine-config -g PMHealthCheckEnabled

engine-config -g PMHealthCheckIntervalInSec

Other scenario when status is used is when host becomes non-responsive

In case that host become non responsive :

After a grace period that depends on the host load and if it is SPM or not 
a soft-fence attempt (vdsmd service restart) is issued
If the soft-fence attempt fails we will do a real fencing (if power 
management is configured correctly on the host and a proxy host is found)

We are sending a STOP command
We are sending by default 18 status command , one each 10 sec until we get 
'off' status from the agent

We are sending a START command
We are sending by default 18 status command , one each 10 sec until we get 
'on' status from the agent


Those depends on the following configuration variables :

FenceStopStatusRetries - default 18
FenceStopStatusDelayBetweenRetriesInSec - default 10
FenceStartStatusRetries - default 18
FenceStartStatusDelayBetweenRetriesInSec - default 10

This can be changed using the engine-config tool (requires restart to take 
affect)





 Jason.
 On Jun 17, 2015 2:42 AM, Marek marx Grac mg...@redhat.com wrote:

 
 
  On 06/16/2015 09:37 AM, Eli Mesika wrote:
 
  CCing Marek Grac
 
  - Original Message -
 
  From: Jason Keltz jason.ke...@gmail.com
  To: users users@ovirt.org
  Cc: Eli Mesika emes...@redhat.com
  Sent: Monday, June 15, 2015 11:08:35 PM
  Subject: problems with power management using idrac7 on r620
 
  Hi.
 
  I've been having problem with power management using iDRAC 7 EXPRESS on
  a Dell R620.  This uses a shared LOM as opposed to Enterprise that has a
  dedicated one.   Every now and then, idrac simply stops responding to
  ping, so it can't respond to status commands from the proxy.  If I send
  a reboot with ipmitool mc reset cold command, the idrac reboots and
  comes back, but after the problem has occurred, even after a reboot, it
  responds to ping, but drops 80+% of packets.  The only way I can solve
  the problem is to physically restart the server.This isn't just
  happening on  one R620 - it's happening on all of my ovirt hosts.  I
  highly suspect it has to do with a memory leak, and being monitored by
  engine causes the problem.I had applied a recent firmware upgrade
  that was supposed to solve this kind of problem, but it doesn't.  In
  other to provide Dell with more details, can someone tell me how often
  each host is being queried for status?  I can't seem to find that info.
  The idrac on my file server doesn't seem to exhibit the same problem,
  and I suspect that is because it isn't being queried.
 
  Hi,
 
  fence agent for IPMI is based on ipmitool. So if ping/ipmitool is not
  working there is not much to do about it. I don't know enough about oVirt
  engine but there is no real place where fence agent can memory leak because
  it does not run as daemon.
 
  m,
 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] problems with power management using idrac7 on r620

2015-06-15 Thread Jason Keltz

Hi.

I've been having problem with power management using iDRAC 7 EXPRESS on 
a Dell R620.  This uses a shared LOM as opposed to Enterprise that has a 
dedicated one.   Every now and then, idrac simply stops responding to 
ping, so it can't respond to status commands from the proxy.  If I send 
a reboot with ipmitool mc reset cold command, the idrac reboots and 
comes back, but after the problem has occurred, even after a reboot, it 
responds to ping, but drops 80+% of packets.  The only way I can solve 
the problem is to physically restart the server.This isn't just 
happening on  one R620 - it's happening on all of my ovirt hosts.  I 
highly suspect it has to do with a memory leak, and being monitored by 
engine causes the problem.I had applied a recent firmware upgrade 
that was supposed to solve this kind of problem, but it doesn't.  In 
other to provide Dell with more details, can someone tell me how often 
each host is being queried for status?  I can't seem to find that info.  
The idrac on my file server doesn't seem to exhibit the same problem, 
and I suspect that is because it isn't being queried.


Thanks,

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] oVirt IDrac7

2015-05-30 Thread Jason Keltz

On 29/05/2015 6:58 PM, Juan Carlos YJ. Lin wrote:
I configured iDrac7 on dell server, have acces by hppts, IPMI active, 
but when test power configuration to node, comes success,unknown, then 
get alert with node power fance test fail.
Dell R720 and dell R420 Centos 6 with same issue, I missconfigure 
something?


Hi Juan,

If you're using ovirt  3.5.2, then you should try to include as 
options: privlvl=OPERATOR,lanplus=1,delay=10

If you're ovirt = 3.5.2, then you probably only need: lanplus=1

Under CentOS 7.0, and 3.5.2, the default worked because 3.5.2 was the 
first release to include the default options for idrac7, but when 
fence-agents was updated with CentOS 7.1 release, lanplus alone is no 
longer valid syntax.  lanplus=1 is.  A bug is reported to this effect.


I hope this helps!

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] adding LINKDELAY to ovirtmgmt when vdsm configures it

2015-05-07 Thread Jason Keltz


On 05/06/2015 10:48 AM, Jason Keltz wrote:

Hi.

Is it possible through engine to specify configuration parameters for 
network interfaces that must be passed through on initialization?  For 
example, I need em1 and em2 configured with LINKDELAY=10.  I can add 
it after the fact, but I don't want to do that.  I want vdsm to 
configure the interface with that setup already the first time.


Jason.


Argh x 10.

I have 2 x Intel 10G ports on an Intel X540 adapter.  If I kickstart a 
brand new host, and configure em1 with LINKDELAY=10, the system boots, 
and gets an IP via DHCP.  If I then add the host through engine, vdsm 
reconfigures em1 and removes LINKDELAY.  Now, since the network adapter 
takes a little extra time to initialize, install fails.  If I add 
LINKDELAY=10 back manually to 
/etc/sysconfig/network-scripts/ifcfg-em1, VDSM will happily remove it on 
the next reboot.  If I modify 
/var/lib/vdsm/persistence/netconf/nets/ovirtmgmt, and insert: 
linkdelay:10, and reboot, vdsm fills it in for me as I'd expect, but 
it's too late - engine thinks the install already failed!  I can delete 
the failed install host, and re-do the install.  This time it will 
work, but then my instructions are messy... Install the host, let it 
fail, modify a file manually, re-install... clearly, not clear!!   
Finally, as a last attempt, I've tried to copy 
/var/lib/vdsm/persistence/netconf/nets and bonds to the host during 
kickstart, hoping that when vdsm initialized, it would see those files 
there, and I'd have all 4 networks configured already for me. The result 
is weird.  ovirtmgmt configured fine including LINKDELAY=10.The 
other ones did not.I suspect it's a bad idea to write directly to 
/var/lib/vdsm/persistence/netconf ... What I want to do doesn't seem 
like it should be too complicated...


Ideally, when you add a host through engine, you should be able to 
specify custom network parameters.  Likewise, when you add the other 
interfaces, you should be able to do the same.  Any ideas how to solve 
this problem?


Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] adding LINKDELAY to ovirtmgmt when vdsm configures it

2015-05-06 Thread Jason Keltz

Hi.

Is it possible through engine to specify configuration parameters for 
network interfaces that must be passed through on initialization?  For 
example, I need em1 and em2 configured with LINKDELAY=10.  I can add 
it after the fact, but I don't want to do that.  I want vdsm to 
configure the interface with that setup already the first time.


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] status of ovirt 3.5.1 with centos 7.1

2015-04-23 Thread Jason Keltz

Hi.
I wanted to check on the status of ovirt 3.5.1 with CentOS 7.1.  I'm 
pretty sure the current 3.5.1 engine has problems with CentOS 7.1 (?), 
but not sure about vdsm?  I know that 3.5.2 will resolve issues with 
engine...
(I'm asking because I've kickstarted CentOS 7.1 as a host, and am having 
a few problems (eg. unable to talk to power management) and want to 
avoid debugging if it's already known to be broken... :)


Thanks!

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] status of ovirt 3.5.1 with centos 7.1

2015-04-23 Thread Jason Keltz

On 23/04/2015 5:18 PM, Chris Adams wrote:

Once upon a time, Jason Keltz j...@cse.yorku.ca said:

(I'm asking because I've kickstarted CentOS 7.1 as a host, and am
having a few problems (eg. unable to talk to power management) and
want to avoid debugging if it's already known to be broken... :)

The power management appears to be a bug between vdsm and the fence
agents.  Are you using fence_ipmilan?  It seems to not be seeing
options.

Otherwise, I'm running CentOS 7.1 + ovirt 3.5.1 on hosts okay.
engine as well?  I thought I'd read something about that not working 
here... and I think I remember reading a blurb in the release notes for 
3.5.2 about fixing compatibility with CentOS 7.1.



My work-around (quick-n-dirty hack until I have more time to look and
file an appropriate bug) for fence_ipmilan is the following script in
/usr/local/sbin (I just need the lanplus option, adjust as needed):


#!/bin/sh

cat -  /tmp/ipmi.$$
echo -e '\nlanplus=1'  /tmp/ipmi.$$
cat /tmp/ipmi.$$ | /usr/sbin/fence_ipmilan.real $@
rm -f /tmp/ipmi.$$


Yep .. It's for an idrac7... I need lanplus and a few other options as 
well (which are apprently integrated into 3.5.2)..   It was working 
perfectly with ovirt-node, but now that I've switched from node to using 
my own CentOS 7.1 install, the problem was introdued. It's not clear if 
the same problem would occur if I was running CentOS 7.  There were a 
lot of errors in the engine log.  I will look into more detail tomorrow.


Thanks Chris!

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Windows 7 install problem

2015-04-16 Thread Jason Keltz
I believe I'm following the instructions for installing a Windows 7 test 
VM from the ovirt quick start guide, yet it's not working.
I create the VM, then when I go to Run Once, select Atttach Floppy 
[sysprep] and Attach CD, then click OK, the VM stops with an error: 
Failed to run VM wintest.


engine:

2015-04-16 10:49:01,678 INFO 
[org.ovirt.engine.core.bll.RunVmOnceCommand] (ajp--127.0.0.1-8702-12) 
[5704c4a] Lock Acquired to object EngineLock [exclusiveLocks= key: 
454a5771-2780-4a0b-904a-e2caf08f7bdc value: VM

, sharedLocks= ]
2015-04-16 10:49:01,706 INFO 
[org.ovirt.engine.core.vdsbroker.IsVmDuringInitiatingVDSCommand] 
(ajp--127.0.0.1-8702-12) START, IsVmDuringInitiatingVDSCommand( vmId = 
454a5771-2780-4a0b-904a-e2caf08f7bdc), log id: 3691d118
2015-04-16 10:49:01,707 INFO 
[org.ovirt.engine.core.vdsbroker.IsVmDuringInitiatingVDSCommand] 
(ajp--127.0.0.1-8702-12) FINISH, IsVmDuringInitiatingVDSCommand, return: 
false, log id: 3691d118
2015-04-16 10:49:01,801 INFO 
[org.ovirt.engine.core.bll.RunVmOnceCommand] (ajp--127.0.0.1-8702-12) 
Running command: RunVmOnceCommand internal: false. Entities affected :  
ID: 454a5771-2780-4a0b-904a-e2caf08f7bdc Type: VMAction group 
VM_BASIC_OPERATIONS with role type USER
2015-04-16 10:49:01,874 INFO 
[org.ovirt.engine.core.bll.scheduling.policyunits.HaReservationWeightPolicyUnit] 
(ajp--127.0.0.1-8702-12) Started HA reservation scoring method
2015-04-16 10:49:01,905 INFO [org.ovirt.engine.core.bll.RunVmCommand] 
(ajp--127.0.0.1-8702-12) Running VM with attached cd 
en_windows_7_professional_x64_dvd_x15-65805.iso
2015-04-16 10:49:01,923 INFO 
[org.ovirt.engine.core.vdsbroker.UpdateVmDynamicDataVDSCommand] 
(ajp--127.0.0.1-8702-12) START, UpdateVmDynamicDataVDSCommand(HostName = 
virt2, HostId = 1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmDynamic=org.ovirt.engine.core.common.businessentities.VmDynamic@1689f4a7), 
log id: 7d1288a3
2015-04-16 10:49:01,934 INFO 
[org.ovirt.engine.core.vdsbroker.UpdateVmDynamicDataVDSCommand] 
(ajp--127.0.0.1-8702-12) FINISH, UpdateVmDynamicDataVDSCommand, log id: 
7d1288a3
2015-04-16 10:49:01,956 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.IsoPrefixVDSCommand] 
(ajp--127.0.0.1-8702-12) START, IsoPrefixVDSCommand(HostName = virt2, 
HostId = 1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
storagePoolId=a5a001c7-bf45-444d-8e9c-884e6fedec24), log id: 527f003c
2015-04-16 10:49:01,957 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.IsoPrefixVDSCommand] 
(ajp--127.0.0.1-8702-12) FINISH, IsoPrefixVDSCommand, return: 
/rhev/data-center/mnt/virtfs-fs:_nfs_iso/16f88659-d139-49a4-b537-7b5db9b9b1c3/images/----, 
log id: 527f003c
2015-04-16 10:49:01,975 INFO 
[org.ovirt.engine.core.vdsbroker.CreateVmVDSCommand] 
(ajp--127.0.0.1-8702-12) START, CreateVmVDSCommand(HostName = virt2, 
HostId = 1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=454a5771-2780-4a0b-904a-e2caf08f7bdc, vm=VM [wintest]), log id: 
3dd1813c
2015-04-16 10:49:01,979 WARN 
[org.ovirt.engine.core.vdsbroker.vdsbroker.SysprepHandler] 
(ajp--127.0.0.1-8702-12) Could not find value for key user. Going to use 
default value of:
2015-04-16 10:49:01,996 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.CreateVmFromSysPrepVDSCommand] (ajp--127.0.0.1-8702-12) 
START, CreateVmFromSysPrepVDSCommand(HostName = virt2, HostId = 
1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=454a5771-2780-4a0b-904a-e2caf08f7bdc, vm=VM [wintest]), log id: 
4640cbb3
2015-04-16 10:49:02,017 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.CreateVDSCommand] 
(ajp--127.0.0.1-8702-12) 
org.ovirt.engine.core.vdsbroker.vdsbroker.CreateVmFromSysPrepVDSCommand 
kvmEnable=true,keyboardLayout=en-us,nice=0,displayNetwork=yorku,copyPasteEnable=true,timeOffset=3600,transparentHugePages=true,vmId=454a5771-2780-4a0b-904a-e2caf08f7bdc,acpiEnable=true,custom={},spiceSslCipherSuite=DEFAULT,memSize=2048,smp=2,emulatedMachine=rhel6.5.0,vmType=kvm,memGuaranteedSize=1365,display=qxl,smartcardEnable=false,bootMenuEnable=false,spiceSecureChannels=smain,sinputs,scursor,splayback,srecord,sdisplay,susbredir,ssmartcard,smpCoresPerSocket=1,maxVCpus=16,hypervEnable=true,devices=[{shared=false, 
iface=fdc, index=0, 

[ovirt-users] benefit to spice-xpi plugin over native spice and remote-viewer

2015-04-06 Thread Jason Keltz

Hi.

I'm wondering if someone can explain the benefit to using the spice-xpi 
plugin to access a console versus using remote-viewer natively from 
the browser, specifically on a RHEL system?  In particular, if you have 
the virt-viewer package installed, and not spice-xpi, and you go to 
visit a console, then the client downloads the configuration file, 
/tmp/console.vv, and calls remote-viewer /tmp/console.vv.  On the 
other hand, if you have spice-xpi installed, it seems that the client 
doesn't need to download the configuration file first, but calls 
remote-viewer --spice-controller.  In both cases, it appears to me 
that the result is the same.  However, using spice-xpi, there seems to 
be an additional 4 seconds delay before I get to the console.  The time 
doesn't really matter.  I'm just wondering if there's a benefit to using 
spice-xpi?


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Migration failed, No available host found

2015-04-06 Thread Jason Keltz

Hi.

I have 3 nodes in one cluster and 1 VM running on node2.  I'm trying to 
move the VM to node 1 or node 3, and it fails with the error: Migration 
failed, No available host found


I'm unable to decipher engine.log to determine the cause of the 
problem.  Below is what seems to be the relevant lines from the log.  
Any help would be appreciated.


Thank you!

Jason.

---

2015-04-06 08:31:56,554 INFO 
[org.ovirt.engine.core.bll.MigrateVmCommand] (ajp--127.0.0.1-8702-5) 
[3b191496] Lock Acquired to object EngineLock [exclusiveLocks= key: 
9de649ca-c9a9-4ba7-bb2c-61c44e2819af value: VM

, sharedLocks= ]
2015-04-06 08:31:56,686 INFO 
[org.ovirt.engine.core.bll.MigrateVmCommand] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] Running command: 
MigrateVmCommand internal: false. Entities affected :  ID: 
9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type: VMAction group MIGRATE_VM 
with role type USER,  ID: 9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type: 
VMAction group EDIT_VM_PROPERTIES with role type USER,  ID: 
8d432949-e03c-4950-a91a-160727f7bdf2 Type: VdsGroupsAction group 
CREATE_VM with role type USER
2015-04-06 08:31:56,703 INFO 
[org.ovirt.engine.core.bll.scheduling.policyunits.HaReservationWeightPolicyUnit] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] Started HA reservation 
scoring method
2015-04-06 08:31:56,727 INFO 
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] START, 
MigrateVDSCommand(HostName = virt2, HostId = 
1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35, 
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc, 
dstHost=192.168.0.36:54321, migrationMethod=ONLINE, 
tunnelMigration=false, migrationDowntime=0), log id: 7555acbd
2015-04-06 08:31:56,728 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] START, 
MigrateBrokerVDSCommand(HostName = virt2, HostId = 
1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35, 
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc, 
dstHost=192.168.0.36:54321, migrationMethod=ONLINE, 
tunnelMigration=false, migrationDowntime=0), log id: 6d98fb94
2015-04-06 08:31:56,734 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH, 
MigrateBrokerVDSCommand, log id: 6d98fb94
2015-04-06 08:31:56,769 INFO 
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH, 
MigrateVDSCommand, return: MigratingFrom, log id: 7555acbd
2015-04-06 08:31:56,778 INFO 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(org.ovirt.thread.pool-8-thread-20) [3b191496] Correlation ID: 3b191496, 
Job ID: 0f8c2d21-201e-454f-9876-dce9a1ca56fd, Call Stack: null, Custom 
Event ID: -1, Message: Migration started (VM: nindigo, Source: virt2, 
Destination: virt3, User: admin@internal).
2015-04-06 08:33:17,633 INFO 
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] 
(DefaultQuartzScheduler_Worker-35) [71f97a52] VM nindigo 
9de649ca-c9a9-4ba7-bb2c-61c44e2819af moved from MigratingFrom -- Up
2015-04-06 08:33:17,633 INFO 
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] 
(DefaultQuartzScheduler_Worker-35) [71f97a52] Adding VM 
9de649ca-c9a9-4ba7-bb2c-61c44e2819af to re-run list
2015-04-06 08:33:17,661 ERROR 
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] 
(DefaultQuartzScheduler_Worker-35) [71f97a52] Rerun vm 
9de649ca-c9a9-4ba7-bb2c-61c44e2819af. Called from vds virt2
2015-04-06 08:33:17,666 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand] 
(org.ovirt.thread.pool-8-thread-38) [71f97a52] START, 
MigrateStatusVDSCommand(HostName = virt2, HostId = 
1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af), log id: 6c3c9923
2015-04-06 08:33:17,669 ERROR 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand] 
(org.ovirt.thread.pool-8-thread-38) [71f97a52] Failed in 
MigrateStatusVDS method
2015-04-06 08:33:17,670 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand] 
(org.ovirt.thread.pool-8-thread-38) [71f97a52] Command 
org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand return 
value
 StatusOnlyReturnForXmlRpc [mStatus=StatusForXmlRpc [mCode=12, 
mMessage=Fatal error during migration]]
2015-04-06 08:33:17,670 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand] 
(org.ovirt.thread.pool-8-thread-38) [71f97a52] HostName = virt2
2015-04-06 08:33:17,670 ERROR 
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand] 
(org.ovirt.thread.pool-8-thread-38) [71f97a52] Command 
MigrateStatusVDSCommand(HostName = virt2, HostId = 
1d1d1fbb-3067-4703-8b51-e0a231d344e6, 
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af) execution failed. Exception: 
VDSErrorException: VDSGenericException: VDSErrorException: Failed to 

Re: [ovirt-users] Migration failed, No available host found

2015-04-06 Thread Jason Keltz

Hi Artyom,

Here are the vdsm logs from  virt1, virt2 (where the node is running), 
and virt3.

The logs from virt2 look suspicious, but still not sure the problem.

http://goo.gl/GjbWUP

Jason.

On 04/06/2015 09:42 AM, Artyom Lukianov wrote:

Engine try to migrate vm on some available host, but migration failed, so 
engine try another host. From some reason migration failed on all hosts:
(org.ovirt.thread.pool-8-thread-38) [71f97a52] Command
MigrateStatusVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af) execution failed. Exception:
VDSErrorException: VDSGenericException: VDSErrorException: Failed to
MigrateStatusVDS, error = Fatal error during migration, code = 12

For future investigation we need vdsm logs(/var/log/vdsm/vdsm.log) from source 
and also from destination hosts.
Thanks


- Original Message -
From: Jason Keltz j...@cse.yorku.ca
To: users users@ovirt.org
Sent: Monday, April 6, 2015 3:47:23 PM
Subject: [ovirt-users] Migration failed, No available host found

Hi.

I have 3 nodes in one cluster and 1 VM running on node2.  I'm trying to
move the VM to node 1 or node 3, and it fails with the error: Migration
failed, No available host found

I'm unable to decipher engine.log to determine the cause of the
problem.  Below is what seems to be the relevant lines from the log.
Any help would be appreciated.

Thank you!

Jason.

---

2015-04-06 08:31:56,554 INFO
[org.ovirt.engine.core.bll.MigrateVmCommand] (ajp--127.0.0.1-8702-5)
[3b191496] Lock Acquired to object EngineLock [exclusiveLocks= key:
9de649ca-c9a9-4ba7-bb2c-61c44e2819af value: VM
, sharedLocks= ]
2015-04-06 08:31:56,686 INFO
[org.ovirt.engine.core.bll.MigrateVmCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] Running command:
MigrateVmCommand internal: false. Entities affected :  ID:
9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type: VMAction group MIGRATE_VM
with role type USER,  ID: 9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type:
VMAction group EDIT_VM_PROPERTIES with role type USER,  ID:
8d432949-e03c-4950-a91a-160727f7bdf2 Type: VdsGroupsAction group
CREATE_VM with role type USER
2015-04-06 08:31:56,703 INFO
[org.ovirt.engine.core.bll.scheduling.policyunits.HaReservationWeightPolicyUnit]
(org.ovirt.thread.pool-8-thread-20) [3b191496] Started HA reservation
scoring method
2015-04-06 08:31:56,727 INFO
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] START,
MigrateVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35,
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc,
dstHost=192.168.0.36:54321, migrationMethod=ONLINE,
tunnelMigration=false, migrationDowntime=0), log id: 7555acbd
2015-04-06 08:31:56,728 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] START,
MigrateBrokerVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35,
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc,
dstHost=192.168.0.36:54321, migrationMethod=ONLINE,
tunnelMigration=false, migrationDowntime=0), log id: 6d98fb94
2015-04-06 08:31:56,734 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH,
MigrateBrokerVDSCommand, log id: 6d98fb94
2015-04-06 08:31:56,769 INFO
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH,
MigrateVDSCommand, return: MigratingFrom, log id: 7555acbd
2015-04-06 08:31:56,778 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-20) [3b191496] Correlation ID: 3b191496,
Job ID: 0f8c2d21-201e-454f-9876-dce9a1ca56fd, Call Stack: null, Custom
Event ID: -1, Message: Migration started (VM: nindigo, Source: virt2,
Destination: virt3, User: admin@internal).
2015-04-06 08:33:17,633 INFO
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] VM nindigo
9de649ca-c9a9-4ba7-bb2c-61c44e2819af moved from MigratingFrom -- Up
2015-04-06 08:33:17,633 INFO
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] Adding VM
9de649ca-c9a9-4ba7-bb2c-61c44e2819af to re-run list
2015-04-06 08:33:17,661 ERROR
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] Rerun vm
9de649ca-c9a9-4ba7-bb2c-61c44e2819af. Called from vds virt2
2015-04-06 08:33:17,666 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand]
(org.ovirt.thread.pool-8-thread-38) [71f97a52] START,
MigrateStatusVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af), log id: 6c3c9923
2015-04-06 08:33:17,669 ERROR

Re: [ovirt-users] Migration failed, No available host found

2015-04-06 Thread Jason Keltz

Hi Artyom,

The problems were caused by an issue with MTU on the hosts.  I have 
rectified the issue and can now migrate hosts.


Jason.

On 04/06/2015 10:57 AM, Jason Keltz wrote:

Hi Artyom,

Here are the vdsm logs from  virt1, virt2 (where the node is running), 
and virt3.

The logs from virt2 look suspicious, but still not sure the problem.

http://goo.gl/GjbWUP

Jason.

On 04/06/2015 09:42 AM, Artyom Lukianov wrote:
Engine try to migrate vm on some available host, but migration 
failed, so engine try another host. From some reason migration failed 
on all hosts:

(org.ovirt.thread.pool-8-thread-38) [71f97a52] Command
MigrateStatusVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af) execution failed. Exception:
VDSErrorException: VDSGenericException: VDSErrorException: Failed to
MigrateStatusVDS, error = Fatal error during migration, code = 12

For future investigation we need vdsm logs(/var/log/vdsm/vdsm.log) 
from source and also from destination hosts.

Thanks


- Original Message -
From: Jason Keltz j...@cse.yorku.ca
To: users users@ovirt.org
Sent: Monday, April 6, 2015 3:47:23 PM
Subject: [ovirt-users] Migration failed, No available host found

Hi.

I have 3 nodes in one cluster and 1 VM running on node2.  I'm trying to
move the VM to node 1 or node 3, and it fails with the error: Migration
failed, No available host found

I'm unable to decipher engine.log to determine the cause of the
problem.  Below is what seems to be the relevant lines from the log.
Any help would be appreciated.

Thank you!

Jason.

---

2015-04-06 08:31:56,554 INFO
[org.ovirt.engine.core.bll.MigrateVmCommand] (ajp--127.0.0.1-8702-5)
[3b191496] Lock Acquired to object EngineLock [exclusiveLocks= key:
9de649ca-c9a9-4ba7-bb2c-61c44e2819af value: VM
, sharedLocks= ]
2015-04-06 08:31:56,686 INFO
[org.ovirt.engine.core.bll.MigrateVmCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] Running command:
MigrateVmCommand internal: false. Entities affected :  ID:
9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type: VMAction group MIGRATE_VM
with role type USER,  ID: 9de649ca-c9a9-4ba7-bb2c-61c44e2819af Type:
VMAction group EDIT_VM_PROPERTIES with role type USER,  ID:
8d432949-e03c-4950-a91a-160727f7bdf2 Type: VdsGroupsAction group
CREATE_VM with role type USER
2015-04-06 08:31:56,703 INFO
[org.ovirt.engine.core.bll.scheduling.policyunits.HaReservationWeightPolicyUnit] 


(org.ovirt.thread.pool-8-thread-20) [3b191496] Started HA reservation
scoring method
2015-04-06 08:31:56,727 INFO
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] START,
MigrateVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35,
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc,
dstHost=192.168.0.36:54321, migrationMethod=ONLINE,
tunnelMigration=false, migrationDowntime=0), log id: 7555acbd
2015-04-06 08:31:56,728 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] START,
MigrateBrokerVDSCommand(HostName = virt2, HostId =
1d1d1fbb-3067-4703-8b51-e0a231d344e6,
vmId=9de649ca-c9a9-4ba7-bb2c-61c44e2819af, srcHost=192.168.0.35,
dstVdsId=3429b1fc-36d5-4078-831c-a5b4370a8bfc,
dstHost=192.168.0.36:54321, migrationMethod=ONLINE,
tunnelMigration=false, migrationDowntime=0), log id: 6d98fb94
2015-04-06 08:31:56,734 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateBrokerVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH,
MigrateBrokerVDSCommand, log id: 6d98fb94
2015-04-06 08:31:56,769 INFO
[org.ovirt.engine.core.vdsbroker.MigrateVDSCommand]
(org.ovirt.thread.pool-8-thread-20) [3b191496] FINISH,
MigrateVDSCommand, return: MigratingFrom, log id: 7555acbd
2015-04-06 08:31:56,778 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-8-thread-20) [3b191496] Correlation ID: 3b191496,
Job ID: 0f8c2d21-201e-454f-9876-dce9a1ca56fd, Call Stack: null, Custom
Event ID: -1, Message: Migration started (VM: nindigo, Source: virt2,
Destination: virt3, User: admin@internal).
2015-04-06 08:33:17,633 INFO
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] VM nindigo
9de649ca-c9a9-4ba7-bb2c-61c44e2819af moved from MigratingFrom -- Up
2015-04-06 08:33:17,633 INFO
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] Adding VM
9de649ca-c9a9-4ba7-bb2c-61c44e2819af to re-run list
2015-04-06 08:33:17,661 ERROR
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-35) [71f97a52] Rerun vm
9de649ca-c9a9-4ba7-bb2c-61c44e2819af. Called from vds virt2
2015-04-06 08:33:17,666 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.MigrateStatusVDSCommand]
(org.ovirt.thread.pool-8-thread-38) [71f97a52] START,
MigrateStatusVDSCommand(HostName = virt2, HostId

Re: [ovirt-users] virtual machine does not boot from its hard disk

2015-04-05 Thread Jason Keltz

On 05/04/2015 10:35 AM, Shmuel Melamud wrote:

Hi!


I have kickstarted my first CentOS 6 host under ovirt.  When it boots,
the VM tries to PXE boot again rather than going to the hard disk.

If I look under Boot Options in my VM, there's only:

* First Device: Hard Disk
* Second Device: [None]

If I  Enable boot menu then I can Hit F12 when the machine boots and
select the disk.

I suspect this is a bug, or am I missing something?

Seems I've managed to reproduce this bug. Does your scenario looks similar to 
this: https://bugzilla.redhat.com/show_bug.cgi?id=1209038 ?



Yup.  That would be the exact scenerio...

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] accessing SPICE console when host not on management network

2015-04-02 Thread Jason Keltz
You call all of that configuration for accessing consoles, easy? :) :)  
Engine should be able to set up the proxy automatically...   I haven't 
used squid, so I have to look in more detail at the configuration that 
you've provided.


I did find some other functionality which would have been much much 
(much!)  easier for me to use had it worked.  I was able to Edit each 
host, go to the Console tab, then click Override display address, 
and for display address enter the name of the node.  I did this for each 
of my 3 nodes.  In theory, this should solve the problem.  Now, when 
accessing the console via remote viewer, the file that is sent from the 
engine includes the external IP of the node, so everything should work, 
but it does not...

Here's what I see:

(remote-viewer:20327): remote-viewer-DEBUG: Couldn't load 
configuration: File is empty


(remote-viewer:20327): GSpice-WARNING **: Connection refused

(firefox:20235): Gtk-WARNING **: Unable to retrieve the file info for 
`file:///tmp/console.vv': Error stating file '/tmp/console.vv': No 
such file or directory


If I choose to save the file instead of opening it directly via remote 
viewer, it does contain the proper hostname.   I can't telnet to port 
5900 on the virt host though, which is odd.  I thought it might be 
because the hypervisor firewall restricted the access, so I temporarily 
cleared all the firewall rules on the one host.  That didn't work either.


If I could make this work, it would solve the problem for me.

Jason.


On 04/02/2015 01:59 PM, shimano wrote:
You can use Spice Proxy. The easiest way is to run proxy on Squid. I 
recommend connect via VPN.


Here is a part of my Squid's configuration to connect Spice consoles 
from VPN 10.25.0.0/16 http://10.25.0.0/16 and LAN 192.168.0.0/16 
http://192.168.0.0/16 to oVirt's hosts on 192.168.2.0/24 
http://192.168.2.0/24:


acl manager proto cache_object
acl localhost src 127.0.0.1/32 http://127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 http://127.0.0.0/8 0.0.0.0/32 
http://0.0.0.0/32 ::1

acl localnet src 192.168.0.0/16 http://192.168.0.0/16
acl localnet src 10.25.0.0/16 http://10.25.0.0/16
acl Safe_ports port 80 # http
acl CONNECT method CONNECT
http_access allow localnet
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
acl spice_servers dst 192.168.2.0/24 http://192.168.2.0/24
http_access allow spice_servers
http_access allow localnet
http_access allow localhost
http_access allow all
http_port 3128
hierarchy_stoplist cgi-bin ?
cache_dir ufs /var/spool/squid 100 16 256
cache_mem 32 MB
coredump_dir /var/spool/squid
refresh_pattern ^ftp:   144020% 10080
refresh_pattern ^gopher:14400%  1440
refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
refresh_pattern .   0   20% 4320
cache_effective_user squid
cache_effective_group squid

You have to configure Spice Proxy on oVirt Engine by `engine-config -s 
SpiceProxyDefault=someProxy`. Here is my solution:


root@host021:~ engine-config -a |grep SpiceProxyDefault
SpiceProxyDefault: http://10.25.2.21:3128/ version: general

You can use Proxy on your public IP if you don't like to use VPN, but 
remember to make sure that your machines are secured enough.


2015-04-02 18:06 GMT+02:00 Jason Keltz j...@cse.yorku.ca 
mailto:j...@cse.yorku.ca:


I'm trying to figure out the most reasonable method for me to
access the console on my ovirt installation.
Each node has ovirtmgmt, storage, and external network connectivity.
The standalone engine host has ovirtmgmt, and external network.
I connect to engine via the external network, right click on a VM
and try to access the console.  If I use the Remote Viewer
method, the connection fails.  This is because my client on the
external network doesn't have access to ovirtmgmt.
I can access the spice-html5 client, and that basically works,
though it's crashed more than once.  I suspect that Remote Viewer
will be more stable.
So my question is - what is the best way for me to connect to the
console from the external network?
Either, I have to start up my client on a machine that has an IP
on ovirtmgmt (eg. remote login to engine, and run firefox there?)
or I have to route external packets from my host to say, the
engine host, and run IP forwarding there? probably not too secure...
or I have to figure out a way to make ovirt use the external
network for display traffic... that would probably be best (?) but
I can't seem to figure out whether it's possible.
In particular since the external network is a VM network (it's
actually 2 x 1 G links bound via LACP), and not part of ovirt
infrastructure, it's not clear if I can use it for display and VM
external connectivity as well.

Any thoughts would be much appreciated.

Jason.

___
Users mailing list
Users

[ovirt-users] accessing SPICE console when host not on management network

2015-04-02 Thread Jason Keltz
I'm trying to figure out the most reasonable method for me to access the 
console on my ovirt installation.

Each node has ovirtmgmt, storage, and external network connectivity.
The standalone engine host has ovirtmgmt, and external network.
I connect to engine via the external network, right click on a VM and 
try to access the console.  If I use the Remote Viewer method, the 
connection fails.  This is because my client on the external network 
doesn't have access to ovirtmgmt.
I can access the spice-html5 client, and that basically works, though 
it's crashed more than once.  I suspect that Remote Viewer will be more 
stable.
So my question is - what is the best way for me to connect to the 
console from the external network?
Either, I have to start up my client on a machine that has an IP on 
ovirtmgmt (eg. remote login to engine, and run firefox there?)
or I have to route external packets from my host to say, the engine 
host, and run IP forwarding there? probably not too secure...
or I have to figure out a way to make ovirt use the external network for 
display traffic... that would probably be best (?) but I can't seem to 
figure out whether it's possible.
In particular since the external network is a VM network (it's actually 
2 x 1 G links bound via LACP), and not part of ovirt infrastructure, 
it's not clear if I can use it for display and VM external connectivity 
as well.


Any thoughts would be much appreciated.

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] virtual machine does not boot from its hard disk

2015-04-02 Thread Jason Keltz
I have kickstarted my first CentOS 6 host under ovirt.  When it boots, 
the VM tries to PXE boot again rather than going to the hard disk.


If I look under Boot Options in my VM, there's only:

  * First Device: Hard Disk
  * Second Device: [None]

If I  Enable boot menu then I can Hit F12 when the machine boots and 
select the disk.


I suspect this is a bug, or am I missing something?

In addition, can you configure which of the network interface does PXE 
boot? or ovirt will always try all of them until it finds one that 
works?  It would seem natural to me to have another column under 
Network Interfaces labelled PXE where you decide which of the 
interfaces have PXE enabled.


Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] virtual machine does not boot from its hard disk

2015-04-02 Thread Jason Keltz
This is not the problem because I can hit F12, choose the disk, and the 
machine boots fine.
I *had* set the machine to PXE boot before hard disk, but after undoing 
that, the configuration seems to have held.


Jason.

On 04/02/2015 02:05 PM, shimano wrote:
Make sure that KickStart installed correct boot sector (on correct 
partition). For example boot Hiren's CD on VM and check that Grub 
trying to boot correct /boot partition and your /boot partition is 
active (bootable).



2015-04-02 18:28 GMT+02:00 Jason Keltz j...@cse.yorku.ca 
mailto:j...@cse.yorku.ca:


I have kickstarted my first CentOS 6 host under ovirt.  When it
boots, the VM tries to PXE boot again rather than going to the
hard disk.

If I look under Boot Options in my VM, there's only:

  * First Device: Hard Disk
  * Second Device: [None]

If I  Enable boot menu then I can Hit F12 when the machine boots
and select the disk.

I suspect this is a bug, or am I missing something?

In addition, can you configure which of the network interface does
PXE boot? or ovirt will always try all of them until it finds one
that works?  It would seem natural to me to have another column
under Network Interfaces labelled PXE where you decide which
of the interfaces have PXE enabled.

Jason.


___
Users mailing list
Users@ovirt.org mailto:Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Add network interface to self hosted engine

2015-03-26 Thread Jason Keltz

Hi.
Is it possible to add a network interface from the node to self hosted 
engine after it is setup?


Jason.

Sent with AquaMail for Android
http://www.aqua-mail.com


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Hosted Engine on oVirt Node Hypervisor

2015-03-22 Thread Jason Keltz
I'm setting up some new oVirt infrastructure, and wanted to give hosted 
engine a try.  I downloaded and installed the oVirt Node Hypervisor ISO 
(3.5-0.999.201502231653.el7.centos) on one of 3 nodes.  One of the 
options in the hypervisor menu is Hosted Engine.  This requires an 
Engine ISO/OVA URL for download.  The thing is - as far as I can tell, 
there is no download link for this ISO/OVA on the ovirt release web 
site.  I also can't find anything in the documentation that refers to it 
(or even this menu in the hypervisor). I did find this after some searching:


http://jenkins.ovirt.org/user/fabiand/my-views/view/Node/job/ovirt-appliance_engine-3.5_master_merged/oVirt-Engine-Appliance-CentOS-x86_64-7-20150319.424.ova

(Now replaced with a build from 0322).  I asked on the ovirt IRC channel 
and was told that this might work, but because of new functionality 
introduced recently that it also might not. If the feature is available 
in the node ISO, shouldn't there be an appropriate release of the hosted 
engine ISO/OVA that works hand in hand with the node that I've 
downloaded?   If it's not there because it isn't ready, isn't this 
functionality something that should be added to maybe a beta node 
release and tested before being released into the stable node hypervisor 
release?


I asked on the IRC channel whether it might be possible for me to 
kickstart my own engine from the node.  I ran into trouble with that as 
well.   On the installed node, I can only configure one network 
interface.  This is, of course, intended to enable ovirtmgmt for 
communication with engine which would take over and configure everything 
else for you.  Of course, when you don't yet have engine installed and 
need to get it, this leads to a chicken and egg problem.  To kickstart 
engine on node, I need an IP (from mgmt), an image (I guess it could 
come from the mgmt network), but then I also need access to the external 
network (on another NIC) to be able to install the appropriate ovirt yum 
repository, and download the engine!  If I installed my own node 
manually instead if using ISO, I guess I could configure the network, 
and make it work, but I'm trying to take advantage of the work that has 
already been put into node to make this all possible.


Anyway, I'm certainly interested in any feedback from users who have 
been able to make this work.  I guess I could kickstart one node as an 
engine, create the virtual image there, suck the ova down to the mgmt 
server, install node, then use node to re-suck down the hosted engine 
image, but it just seems like a lot of extra work.  Somehow I think it's 
intended to be a little more straightforward than that.


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] new oVirt installation recommendations

2013-10-08 Thread Jason Keltz

On 10/07/2013 02:35 PM, Itamar Heim wrote:

On 10/07/2013 06:13 PM, Jason Keltz wrote:

I've been experimenting with oVirt 3.2 on some old hardware, and am now
preparing to buy new hardware for using oVirt 3.3 in production.  I'm
interested in any feedback about what I plan to purchase.  I want to
keep the setup as simple as possible.  Our current environment consists
of mostly CentOS 6.4 systems.

The combined oVirt engine and file server will be a Dell  R720 with dual
Xeon E5-2660 and 64 GB of memory.   The server would have an LSI 9207-8i
HBA connected to the SAS backplane.The R720 enclosure has 16 x 2.5
disk slots.  I would get 2 x 500 GB NLSAS drives for mirrored md rood
(raid1), use 12 slots for RAID10 SAS 10K rpm drives (either 600 GB or
900 GB), and have an additional 2 spares.   Data storage would be
virtual machines, and some associated data.  The O/S would be CentOS 
6.4.


The nodes would be 3 x Dell R620, dual Xeon E5-2690, 128 GB memory, each
with just a single, small NL SAS root drive.  There would be no other
local storage.  All VMs would use the file server as the datastore.  The
nodes would run oVirt node.

In terms of networking, each machine would have 4 ports - 2 x 1 Gb
(bonded) giving machines access to public network (that we do not
control).  The 2 x 10 Gb copper would be connected to a locally
installed copper 10G switch that we fully control - 1 port used for
storage, and  1 for management/consoles/VM migration.

A few additional notes ...

I chose to stick with software raid MD on the file server, mostly for
cost, and simplicity.  I have a lot of experience good with MD, and
performance seems reasonable.

I would have gone SSD for the file server root disk, but the cost from
Dell for their SSD is prohibitive, and I want the whole system to be
included in the warranty.  NLSAS is the cheapest disk that will have
support for the duration of the warranty period (with Dell servers, SATA
drives are only warranted for 1  year).

The nodes with 1 NLSAS drive... I've thought about replacing that with
simply an SD card.  It's not clear if this the best solution, or how
much space I would need on that card.  At least when I configure via the
Dell web site, the biggest SD card it seems I can purchase with a server
is 2 GB which doesn't seem like very much! I guess people guy bigger
cards separately.   I know a disk will work, and give me more than
enough space and no hassle.

I've chosen to keep the setup simple by using NFS on the file server,
but I see a whole lot of people here experimenting with the new Gluster
capabilities in oVirt 3.3.  It's not clear if that's being used in
production, or how reliable that would be.  I really can't find
information on performance tests, etc with Gluster and oVirt, in
particular, with comparison of NFS and Gluster.   Would there be a


gluster is still not available for centos 6.4, and there are some 
issues with snapshots around it still for libgfapi.

for posixfs, its supported since 3.2.


Ok. I guess it's probably best that I stick with NFS for this time around.


performance advantage to using Gluster here? How would it work? by
adding disk to the nodes, and getting rid of the file server (or at
least turning the file server into a smaller engine only server)?  How
would this impact the nodes in terms of their ability to handle VMs?
(performance?)  I presently have no experience with Gluster whatsoever,
though I'm certainly never against learning something new, especially
should it benefit my project.  Unfortunately, as I'm positive everyone
can attest for is that it's just trouble finding the number of hours in
the day :)  There's one thing for sure - Gluster itself, while maybe not
TOO complicated is still more complicated than an NFS only setup.


I don't have details on this, and hope others have.
but you are correct its an entirely different deployment architecture 
between a central nfs server, and distributed storage on the nodes.


It would be helpful if the documentation for oVirt had more information 
on this.




As I've mentioned before, we don't use LDAP for authentication, so I'll
be restricted to one admin user at the moment unless I setup a separate
infrastructure for oVirt authentication. That will be fine for a little
while.  I understand that work may be underway for pluggable
authentication with oVirt.  I'm not sure if that ties into any of the
items on Itamar's list though. Itamar? :)  I was hoping to see that
pluggable authentication model sooner rather than later so that I could
write something to work with our custom auth system.


well, you could also launch an openldap/ipa/ad/etc. in a VM. of course 
if it has issues you'd need admin@internal to fix it.


I was thinking of doing this if I had to, but it's still a lot of 
headache for a few logins.

Is the pluggable authentication coming in a new version of oVirt?


In terms of power management - my existing machines are using a Raritan
KVM with Raritan power

Re: [Users] new oVirt installation recommendations

2013-10-08 Thread Jason Keltz

On 10/08/2013 10:43 AM, David Sloane wrote:

Regarding power management, if you get DRAC (Enterprise or Basic, not sure) you 
should be able to do out-of-band power management.

If you're going to spend the money for three R620's with 128 GB of RAM each and 
dual cpu's, you might be a little better off with a 2nd root HDD for redundancy.
I would have done that, but oVirt node doesn't support md raid1 at this 
time.  As far as I understand, there is no redundancy on the node root disk.


Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] new oVirt installation recommendations

2013-10-08 Thread Jason Keltz

On 10/08/2013 02:38 PM, Itamar Heim wrote:

On 10/08/2013 05:53 PM, Jason Keltz wrote:

On 10/08/2013 10:43 AM, David Sloane wrote:

Regarding power management, if you get DRAC (Enterprise or Basic, not
sure) you should be able to do out-of-band power management.

If you're going to spend the money for three R620's with 128 GB of RAM
each and dual cpu's, you might be a little better off with a 2nd root
HDD for redundancy.

I would have done that, but oVirt node doesn't support md raid1 at this
time.  As far as I understand, there is no redundancy on the node root
disk.


for things not supported by node, but supported by a full blown OS 
(fedora/centos), you can always use that option (full blown OS rather 
than node)


Absolutely.. but installing a whole O/S just to get the ability to 
mirror the root disk is a bit overkill :)
I might use the hardware RAID option...  I do wish that the node 
supported md... md raid1 (or heck, even lvm raid1) works great...


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] new oVirt installation recommendations

2013-10-07 Thread Jason Keltz
I've been experimenting with oVirt 3.2 on some old hardware, and am now 
preparing to buy new hardware for using oVirt 3.3 in production.  I'm 
interested in any feedback about what I plan to purchase.  I want to 
keep the setup as simple as possible.  Our current environment consists 
of mostly CentOS 6.4 systems.


The combined oVirt engine and file server will be a Dell  R720 with dual 
Xeon E5-2660 and 64 GB of memory.   The server would have an LSI 9207-8i 
HBA connected to the SAS backplane.The R720 enclosure has 16 x 2.5 
disk slots.  I would get 2 x 500 GB NLSAS drives for mirrored md rood 
(raid1), use 12 slots for RAID10 SAS 10K rpm drives (either 600 GB or 
900 GB), and have an additional 2 spares.   Data storage would be 
virtual machines, and some associated data.  The O/S would be CentOS 6.4.


The nodes would be 3 x Dell R620, dual Xeon E5-2690, 128 GB memory, each 
with just a single, small NL SAS root drive.  There would be no other 
local storage.  All VMs would use the file server as the datastore.  The 
nodes would run oVirt node.


In terms of networking, each machine would have 4 ports - 2 x 1 Gb 
(bonded) giving machines access to public network (that we do not 
control).  The 2 x 10 Gb copper would be connected to a locally 
installed copper 10G switch that we fully control - 1 port used for 
storage, and  1 for management/consoles/VM migration.


A few additional notes ...

I chose to stick with software raid MD on the file server, mostly for 
cost, and simplicity.  I have a lot of experience good with MD, and 
performance seems reasonable.


I would have gone SSD for the file server root disk, but the cost from 
Dell for their SSD is prohibitive, and I want the whole system to be 
included in the warranty.  NLSAS is the cheapest disk that will have 
support for the duration of the warranty period (with Dell servers, SATA 
drives are only warranted for 1  year).


The nodes with 1 NLSAS drive... I've thought about replacing that with 
simply an SD card.  It's not clear if this the best solution, or how 
much space I would need on that card.  At least when I configure via the 
Dell web site, the biggest SD card it seems I can purchase with a server 
is 2 GB which doesn't seem like very much! I guess people guy bigger 
cards separately.   I know a disk will work, and give me more than 
enough space and no hassle.


I've chosen to keep the setup simple by using NFS on the file server, 
but I see a whole lot of people here experimenting with the new Gluster 
capabilities in oVirt 3.3.  It's not clear if that's being used in 
production, or how reliable that would be.  I really can't find 
information on performance tests, etc with Gluster and oVirt, in 
particular, with comparison of NFS and Gluster.   Would there be a 
performance advantage to using Gluster here? How would it work? by 
adding disk to the nodes, and getting rid of the file server (or at 
least turning the file server into a smaller engine only server)?  How 
would this impact the nodes in terms of their ability to handle VMs? 
(performance?)  I presently have no experience with Gluster whatsoever, 
though I'm certainly never against learning something new, especially 
should it benefit my project.  Unfortunately, as I'm positive everyone 
can attest for is that it's just trouble finding the number of hours in 
the day :)  There's one thing for sure - Gluster itself, while maybe not 
TOO complicated is still more complicated than an NFS only setup.


As I've mentioned before, we don't use LDAP for authentication, so I'll 
be restricted to one admin user at the moment unless I setup a separate 
infrastructure for oVirt authentication. That will be fine for a little 
while.  I understand that work may be underway for pluggable 
authentication with oVirt.  I'm not sure if that ties into any of the 
items on Itamar's list though. Itamar? :)  I was hoping to see that 
pluggable authentication model sooner rather than later so that I could 
write something to work with our custom auth system.


In terms of power management - my existing machines are using a Raritan 
KVM with Raritan power management dongles and power bars. I haven't had 
an opportunity to see if oVirt can manage the devices, but I guess if 
oVirt can't do it, I can continue to manage power through the KVM interface.


Any feedback would be much appreciated.

Thanks for your time.

Jason Keltz

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Is the feature Local Authentication abandoned?

2013-08-26 Thread Jason Keltz

On 08/24/2013 04:44 AM, Alon Bar-Lev wrote:


- Original Message -

From: lofyer lof...@gmail.com
To: Alon Bar-Lev alo...@redhat.com
Cc: users@ovirt.org
Sent: Saturday, August 24, 2013 11:07:10 AM
Subject: Re: [Users] Is the feature Local Authentication abandoned?

On 2013/8/24 15:56, Alon Bar-Lev wrote:

- Original Message -

From: lofyer lof...@gmail.com
To: Alon Bar-Lev alo...@redhat.com
Cc: users@ovirt.org
Sent: Saturday, August 24, 2013 10:47:21 AM
Subject: Re: [Users] Is the feature Local Authentication abandoned?

On 2013/8/24 15:46, Alon Bar-Lev wrote:

- Original Message -

From: lofyer lof...@gmail.com
To: users@ovirt.org
Sent: Saturday, August 24, 2013 10:36:12 AM
Subject: [Users] Is the feature Local Authentication abandoned?

Is the feature Local Authentication abandoned in 3.3?
If not, what should I do to use it?

Question is unclear.

What do you call Local Authentication, after setup can't you login
using
admin user?

Sorry for that.
I mean, use users in /etc/passwd to login.


I never knew this is was an option.

Or you mean something new that was planned somewhere?

I am against of using native authentication for applications, as it enables
more privileges that users should have.

The proper way to do that is to use directory services, such as LDAP and
integrate the nss of system and application to use that directory.

Regards,
Alon

I saw this from**http://www.ovirt.org/Features/Local_Authentication%E2%80%8E
So I thought it would be available now..

It seems that I have to use ldap now.


In future you will be able to write plugin for authentication and authorization 
to do whatever you like.

This is still work in progress as far as I can see[1].

Alon

[1] 
http://gerrit.ovirt.org/#/q/status:open+project:ovirt-engine+branch:master+topic:ldap_independence,n,z
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


While I think this is a great future addition, I really believe that the 
default oVirt installation should include some form of integrated basic 
authentication using the integrated DB!  I was really surprised to see 
this functionality missing.  With the integrated DB, I have no idea why 
the functionality isn't there.  I know - it's all about priorities.  
While LDAP is common, still - not everyone uses it!  If I was buying 
RHEV, the lack of the basic built in authentication would have been a 
show stopper for me.  Do I *really* need to use LDAP when I've got a 
total of about 4 people maintaining everything?  In fact, even if I 
*was* using LDAP, the virtualization infrastructure has enough of its 
own complexity that I'd rather separate it from LDAP - one less thing to 
go wrong.   If I was buying RHEV, the lack of basic authentication would 
have been a showstopper for me.


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Setup Host Network dialog - actions availability [ux][BZ#984737]

2013-08-22 Thread Jason Keltz

On 08/22/2013 01:43 PM, Lior Vernia wrote:


On 22/08/13 20:04, Einav Cohen wrote:

Hi,

This is about attempting to address the difficulty of finding the edit-action in
the Setup Host Network dialog, as documented in Bug 984737 - usability: 
webadmin
difficulty in assigning client ip, no gateway possible in bugzilla.
We have a suggestion from Eldan (see attached 
HostSetupNetworks-HoverPopUp.png)
which was described in the BZ (comment #3) and seemed acceptable by the reporter
(comment #4), however IIUC - one of the main pain points described in the BZ was
the fact that the user could not find the option to Edit the connection 
properties
since he was looking in the wrong place, and needed to hover on the correct 
place,
in order to find that option.
So although the idea is somewhat helpful, my concern is that this solution is 
not
enough (comment #5).

Another proposal from Malini (comment #6) is to add an actions drop-down menu 
in
the form of a small gear icon-button - see attached 
HostSetupNetworks-DropDownMenu.png.
This proposal addresses my concern, however I have a question about another 
concern
with this solution:
would the actions-drop-down menu-items panel be revealed appear upon click or 
upon
hover?

if it will be upon hover, it might seem weird/be conflicted/be somewhat 
confusing
with the hover functionality that reveals the logical-network details pop-up.
The suggestion from Lior did include redesigning the tooltip frame to 
include an Edit command, which is certainly more intuitive than a 
pencil.   That being said, I do agree that the gear solution which has 
been proposed is *more* intuitive and honestly more in line with what I 
was expecting.  I didn't complain about Lior's response even though it 
didn't completely address my issue because it came from a designer, and 
I realized, looking at my desktop, that configurable elements often *do 
not* have hints that they are configurable.



If this proposal is accepted (see my comments below about both
proposals), one solution might be to get rid of the network details
tooltip. Most people probably don't use MTU, and the rest is just
explaining the network role icons; so maybe not that useful.


if it will be upon click, it means that in order to edit a logical network, two
clicks will be required in order to get to the edit dialog, as opposed to one 
click
in the current state and in Eldan's suggestion.
maybe having two clicks in order to get to the edit dialog is acceptable, 
however
there may be some solutions for that:

one possible solution would be to combine both attached suggestions, i.e. the 
actions
within the hover pop-up, as well as the actions drop-down menu, however it 
means that
there will be some redundancy of the actions availability.

That sounds bad to me regardless of the other alternatives.


another possible solution is to keep only the gear + down-arrow icon (or maybe 
only
the down-arrow icon), without the actual drop-down menu there, just in order to 
indicate
that there are some options available in that area, and have Eldan's pop-up 
appear when
hovering on that icon (or even on the entire logical-network area, as happens 
today with
the current details pop-up)

thoughts?

I like the gear icon because it's noticeable and easily recognizable.
However, keep in mind that bonds should also have the same icon to keep
a consistent design. Now imagine a configuration with several bonds on
the left-hand-side and quite a few networks on the right-hand-side; I'm
no designer, but it could get cluttered with all those gear icons.

It MIGHT be preferable to use the other design (tooltip with action bar)
and risk the odd person not easily finding it (no disrespect intended,
Jason). I have no idea, however, if it's gonna be just the odd person or
most people. I'd love to hear others' opinions.
Having not used bridging/multiple VLANS prior to my experimentation with 
ovirt, it's always been the network interface itself that I have 
configured with IP/subnet/etc (eg. 
/etc/sysconfig/network-scripts/ifcfg-eth0).  Most of my machines 
(hundreds) have single network interfaces, and I've never needed to use 
bonding/bridging/etc which kept my network configuration very simple.  
After experimenting with oVirt, and doing my share of reading, I 
certainly understand the concept of logical networks and their 
configuration with oVirt, and yes, it all makes a lot of sense NOW 
(well, except for the fact that really when it comes down to it, the 
Linux configuration for anything but basic networking is, in my opinion, 
anything but intuitive.)  Nonetheless, please keep in mind that a 
concept which might be completely crystal clear to someone who uses it 
on a daily basis might be a little less intuitive to someone who is 
using it for the first time.  Fortunately, I've got *plenty* of patience. :)


Regards,
Einav



Thanks for your help!

Jason.

___
Users mailing list
Users@ovirt.org

[Users] VLANs and oVirt 3.1

2013-07-24 Thread Jason Keltz

I'm experimenting with VLANs in my oVirt test setup with 3.1.

My ovirtmgmt, and storage network are each on a basic switch with no VLANs.
On the other hand, my public network has several VLANs available to me.  
The network operations team created a trunk for me with 2 x 1 GbT ports, 
aggregated with LACP, and passed it on with all VLANs.
In oVirt, if I bind the two network interfaces, and, and assign one IP 
to the bind (mode 4) without specifying a VLAN, everything works fine 
(untagged VLANS are assigned ID 494 which is what I want).
On the other hand, if I specify VLAN 494 in the logical network setup 
(or any of the other VLANs), it fails.  I don't see any traffic.

Network operations says that all VLANs are passed on the trunk.

How can I debug?

Jason.


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] VLANs and oVirt 3.1

2013-07-23 Thread Jason Keltz
In my test setup for oVirt 3.1, I have 3 switches -- two basic ones with 
no VLAN support for mgmt, and storage, and a building switch with VLAN 
support.  The network operations team has configured a trunk with 2 dual 
1 Gb links on the building switch.  If I configure the two network 
interfaces in oVirt  with binding mode 4, and assign a logical network 
to the link without specifying a VLAN, it works fine.  I'm told the 
default untagged VLAN is 494 (which is what I want).  On the other hand, 
if I simply hard-code VLAN 494 in the logical network setup, it doesn't 
work - I get no network traffic. I'm told that the switch is setup 
correctly, and the problem is on my side.  How can I debug?


Thanks,

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] VLANs and oVirt 3.1

2013-07-23 Thread Jason Keltz

On Tue, 23 Jul 2013, Martin Goldstone wrote:




On 23 Jul 2013 21:34, Jason Keltz j...@cse.yorku.ca wrote:

 In my test setup for oVirt 3.1, I have 3 switches -- two basic ones with
no VLAN support for mgmt, and storage, and a building switch with VLAN
support.  The network operations team has configured a trunk with 2 dual 1
Gb links on the building switch.  If I configure the two network interfaces
in oVirt  with binding mode 4, and assign a logical network to the link
without specifying a VLAN, it works fine.  I'm told the default untagged
VLAN is 494 (which is what I want).  On the other hand, if I simply
hard-code VLAN 494 in the logical network setup, it doesn't work - I get no
network traffic. I'm told that the switch is setup correctly, and the
problem is on my side.  How can I debug?

 Thanks,

 Jason.


That sounds normal to me. Traffic coming in on the native untagged VLAN
wouldn't appear on the VLAN interface. I have a similar set up, and I've
assigned an unused VLAN as the native VLAN on the trunk, added the VLANs I
care about to the allowed VLANs list, and created the appropriate tagged
logical networks.


Thanks, Martin. I thought that the native VLAN would come through on the 
VLAN interface as well.  While this would explain why I couldn't get at 
VLAN 494, it wouldn't explain why I couldn't get at another of the VLANS 
on the same link -- still no traffic.  I do a tcpdump and see nothing (but 
the LACP stats show the link is up).


Jason.___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] missing node iso

2013-07-22 Thread Jason Keltz

Should http://resources.ovirt.org/releases/stable/iso/ be empty!?

Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] ovirt LACP/port aggregation fails to initialize on node boot

2013-07-18 Thread Jason Keltz
I'm experimenting with LACP/port aggregation on my public network 
interface in my oVirt test setup. My goal is to bind two 1G ports 
together.  Our network operations team configured two 1G switch ports 
appropriately, and I set up the bond between eth0 and eth1 on the node 
using the engine.  I can't configure the IP of the interface statically 
because then I don't get the option to set a gateway, which I need for 
our public network.  Using DHCP worked before enabling LACP (which 
acquires the gateway from the DHCP record).  After enabling LACP, when 
the node boots, it doesn't get an address. The node gets hostname 
localhost.  I have to login to the admin, hit F2, ifdown PublicNet 
ifup PublicNet, but then it works!  There's obviously some minor delay 
issue during node initialization, but there should be some way to tell 
it to wait a bit longer?


Jason.

--
Jason Keltz
Manager of Development
Department of Electrical Engineering and Computer Science
York University, Toronto, Canada
Tel: 416-736-2100 x. 33570
Fax: 416-736-5872

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] NIC problem with ovirt node

2013-07-13 Thread Jason Keltz

Quoting Itamar Heim ih...@redhat.com:


On 07/12/2013 11:27 PM, Jason Keltz wrote:

On 12/07/2013 1:27 PM, Mike Burns wrote:

On 07/12/2013 01:22 PM, Jason Keltz wrote:


:)   but when I'm in the engine, I can click on the node, and see that
it's up.  I can click on network interfaces, and see that one is
up, and
the other are down.  I can create networks on the engine, and I can
assign the nodes interfaces to those networks, but for the life of
me, I
can't figure out where I assign an IP to the nodes interfaces!!
Surely,
the place to do that would be under the Host tab, yet it doesn't
seem
to be there...


Host Tab - Network Interfaces - click on Setup Host Networks

On the popup, hover over the logical network (not the nic) and a
little pencil or pen (or some other graphic) that is used for
editing.  Click on that and you'll get another popup where you can
choose static/dhcp and set gateway, ip and netmask.


Thank you *so* much!  I did not see the little pencil!!!


please open a bug to improve the usability if you couldn't see it...



I will do this.



Happy to help (and yes it was hard to see...)


Actually, Mike -- two of my networks were private and didn't need a
gateway... but two are public, and need a gateway!  Unfortunately, the
interface seems to be missing that option!?  It lets you configure an
IP, and a subnet mask, but where's the option for specifying a gateway
if you're specifying static addresses... (my guess is that it picks up
the gateway if you're using DHCP).


multiple gateways?
something like this?
http://www.ovirt.org/Features/Multiple_Gateways


Yes.  Sort of -- simpler actually.
I have 4 network interfaces in each node.
My management network consists of a 1 Gbit switch connected to all  
the servers in our machine room.  Here, I don't need to specify a  
gateway since servers on this network talk to only each other.   
Actually, I'm surprised I can't rename ovirtmgmt to something else to  
generalize it as just a management network, but it's not a big deal,  
I guess.
My Storage network consists of a 1 Gbit switch now - 10 Gbit soon.   
Again, I don't need to specify a gateway here.
Finally, the last 2 NICs are connected to the external network - a  
building switch that another Department controls.  Here, I definately  
need to specify a gateway, but of course with the current setup, I  
can't.  I will either have to hard code the gateway for these  
connections, or use DHCP.
Since there is only one gateway for the external connectivity, all  
on the same VLAN, I don't think I need the more complicated iproute2  
setup here.  I prefer to stay away from that if I can...


I'm surprised this isn't a more common configuration.

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Unable to view console via SPICE method on EL6.

2013-07-13 Thread Jason Keltz

Quoting Jason Keltz j...@cse.yorku.ca:


Quoting Itamar Heim ih...@redhat.com:


On 07/13/2013 06:52 AM, Jason Keltz wrote:

I'm running with theEL6 release of ovirt-engine:

ovirt-engine.noarch 3.2.2-1.1.el6  @ovirt-stable

After creating a virtual machine, I cannot view the console if protocol
is set to SPICE.  If the protocol is set to VNC, I can view the
console, but it's not very convenient since I have to load a separate
VNC viewer, and enter the IP and port of the engine, and a randomly
generated password each time. How does one make console work via SPICE?
Is this a known issue because RHEL6 wouldn't have all the updated
libraries of later a later Fedora release?


which client are you using?


Actually, I realize the problem now... my client was a Windows client.
The server is EL6, the VM is EL6.  I'll try with a Linux client later.
I'm sure it will work.  It's not clear whether SPICE will also require
entering a randomly generated password.  The problem is the randomly
generated password.  There's probably a way to fix that as well... I
just need to look more.  oVirt is terrific, but finding all the
information from a variety of sources and putting it all together can
be tricky .. but I like a challenge! :)


Actually, I had another thought after clicking send You know, I  
sit writing this email on a Chromium device where SPICE won't work,  
and neither will VNC (at least to my knowledge).  Even if I had access  
to VNC here, I still couldn't see the console because I'm not  
connected to the management network (without some fancy SSH  
tunneling).  It would sure be nice if there was a truly multiplatform  
way of handling the oVirt consoles, and having the viewer integrated  
so that as long as I can login to the engine, I can view, no matter  
where I am.  Dreaming? :) I don't think so - I just woke up! :)


Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] NIC problem with ovirt node

2013-07-12 Thread Jason Keltz

I've just installed my first ovirt node using the 2.6.1 image.
I have 5 network interfaces in the machine .. ovirt sees them as:

em1, em2, em3, em4, and rename6!

That last one seems a little odd, but that's a different issue, I 
guess.  From dmesg..



[4.650156] systemd-udevd[213]: renamed network interface eth2 to em4
[4.656189] systemd-udevd[212]: renamed network interface eth0 to em3
[4.662193] systemd-udevd[209]: renamed network interface eth1 to em2
[4.670385] systemd-udevd[214]: Tried to rename network interface 
eth3, but the target name em2 already exists! The names that udev 
rules assign to network interfaces must be changed. Avoid names that 
collide with kernel created ones. A workaround will be attempted now, 
but this WILL BREAK in a future release! See 
https://bugs.freedesktop.org/show_bug.cgi?id=56929#c3
[4.675179] systemd-udevd[214]: renamed network interface eth3 to 
rename6


What IS a big deal is that every time I configure one network interface, 
the others go back to unconfigured.  I'm told this is because I should 
only configure one on the ovirt-node, and then use the engine to 
configure the rest.  Okay -- does it say that somewhere that I missed? 
:)   but when I'm in the engine, I can click on the node, and see that 
it's up.  I can click on network interfaces, and see that one is up, and 
the other are down.  I can create networks on the engine, and I can 
assign the nodes interfaces to those networks, but for the life of me, I 
can't figure out where I assign an IP to the nodes interfaces!!   
Surely, the place to do that would be under the Host tab, yet it 
doesn't seem to be there...


Any help would be much appreciated.

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] NIC problem with ovirt node

2013-07-12 Thread Jason Keltz

On 12/07/2013 1:27 PM, Mike Burns wrote:

On 07/12/2013 01:22 PM, Jason Keltz wrote:


:)   but when I'm in the engine, I can click on the node, and see that
it's up.  I can click on network interfaces, and see that one is 
up, and

the other are down.  I can create networks on the engine, and I can
assign the nodes interfaces to those networks, but for the life of 
me, I
can't figure out where I assign an IP to the nodes interfaces!! 
Surely,
the place to do that would be under the Host tab, yet it doesn't 
seem

to be there...


Host Tab - Network Interfaces - click on Setup Host Networks

On the popup, hover over the logical network (not the nic) and a
little pencil or pen (or some other graphic) that is used for
editing.  Click on that and you'll get another popup where you can
choose static/dhcp and set gateway, ip and netmask.


Thank you *so* much!  I did not see the little pencil!!!


Happy to help (and yes it was hard to see...)

Actually, Mike -- two of my networks were private and didn't need a 
gateway... but two are public, and need a gateway!  Unfortunately, the 
interface seems to be missing that option!?  It lets you configure an 
IP, and a subnet mask, but where's the option for specifying a gateway 
if you're specifying static addresses... (my guess is that it picks up 
the gateway if you're using DHCP).


Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] adding biosdevname=0 to kernel grub line on ovirt-node persistent

2013-07-12 Thread Jason Keltz

Hi.

I'm wondering if it's possible to modify the kernel line (in my case, 
appending biosdevname=0) on an installed ovirt-node?  Adding it during 
boot works - I'd just like to know how to make the change persistent.


Thanks,

Jason.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] Unable to view console via SPICE method on EL6.

2013-07-12 Thread Jason Keltz

I'm running with theEL6 release of ovirt-engine:

ovirt-engine.noarch 3.2.2-1.1.el6  @ovirt-stable

After creating a virtual machine, I cannot view the console if protocol 
is set to SPICE.  If the protocol is set to VNC, I can view the 
console, but it's not very convenient since I have to load a separate 
VNC viewer, and enter the IP and port of the engine, and a randomly 
generated password each time. How does one make console work via SPICE?  
Is this a known issue because RHEL6 wouldn't have all the updated 
libraries of later a later Fedora release?


Jason.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] RAID1 mirror on ovirt-node + engine nfs server

2013-07-06 Thread Jason Keltz

Hi.

I've been reading about ovirt, and ready to try my own experiments with 
it.  I have two small questions..


When an ovirt-node is installed from the standard ISO, there's no 
mention in the documentation about setting up a RAID1 mirror for the 
root disk on the node.  I'm sure that once I get around to working out 
kickstarting the node, I could easily install the raid1 mirror, but I'm 
just wondering why I don't see that in the default ISO. Maybe I'm just 
missing something.  Is redundancy of the disk on the node not 
important?  Sure, if the node goes down, I guess the VMs could be run on 
other nodes, but if we can prevent the node from going down in the first 
place, then why not?


I also have a question about the storage backend.  In particular, I have 
a pretty powerful server that I intend to use as the NFS server, and a 
few servers to use as nodes.  On the other hand, I don't have a powerful 
machine (at the moment) to use for the ovirt-engine.  Would it be poor 
practice to run the ovirt-engine ON the NFS server?  During engine 
setup, I see that you can setup an NFS share for ISOs from the 
ovirt-engine, but I don't think there's mention of just generalized 
storage there.  I suspect it's poor practice, but I thought I'd ask 
anyway.   My setup will be relatively small (say, 4 nodes), and this 
would let me reduce 1 general server from the infrastructure (dedicated 
ovirt-engine).


Thanks! :)

Jason.

ps: At the moment, I am not subscribed to users - please cc: me on 
responses.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users