Re: [ovirt-users] Network configuration validation error

[Jiri Belka]

> This option relevant only for the upgrade from 3.6 to 4.0(engine had
> different OS major versions), it all other cases the upgrade flow very
> similar to upgrade flow of standard engine environment.
> 
> 
> 1. Put hosted-engine environment to GlobalMaintenance(you can do it via
> UI)
> 2. Update engine packages(# yum update -y)
> 3. Run engine-setup
> 4. Disable GlobalMaintenance
>
> Could someone explain me at least what "Cluster PROD is at version 4.2 which
> is not supported by this upgrade flow. Please fix it before upgrading."
> means ? As far as I know 4.2 is the most recent branch available, isn't it ?

I have no idea where did you get

"Cluster PROD is at version 4.2 which is not supported by this upgrade flow. 
Please fix it before upgrading."

Please do not cut output and provide exact one.

IIUC you should do 'yum update ovirt\*setup\*' and then 'engine-setup'
and only after it would finish successfully you would do 'yum -y update'.
Maybe that's your problem?

Jiri
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] After upgrading to 4.1.4 unable to start VM or migrate them

[Jiri Belka]

> Ok I found the ERROR:
> After upgrade the schedule policy was "none", I dont know why it was moved to
> none but to fix the problem I did following:
> Edit Cluster->Scheduling Policy-> Select Policy: vm_evently_distributed
> Now I can run/migrate the VMs.
> 
> I think there should be a some bug in the upgrade process.

Well, if you would like to help us to find the cause then we need to know more 
details.

- what was your original version?
- what was your original scheduling policy on the cluster
- could you provide
  * /var/log/ovirt-engine/setup/ovirt-engine-setup-20170801112218-piffzl.log
  * /var/log/ovirt-engine/engine.log

You have backup of your original engine DB in /var/lib/ovirt-engine/backups/,
thus you can import this DB via psql into a temporary DB and inspect the DB
for original settings.

Ideally you can submit a BZ at 
https://bugzilla.redhat.com/enter_bug.cgi?classification=oVirt

j.

> Sorry, I forgot to mention the error.
> This error throws every time when I try to start the VM:
> 
> 2017-07-31 16:51:07,297+02 ERROR [org.ovirt.engine.core.bll.RunVmCommand]
> (default task-239) [7848103c-98dc-45d1-b99a-4713e3b8e956] Error during
> ValidateFailure.: java.lang.NullPointerException
> at
> org.ovirt.engine.core.bll.scheduling.SchedulingManager.canSchedule(SchedulingManager.java:526)
> [bll.jar:]
> at
> org.ovirt.engine.core.bll.validator.RunVmValidator.canRunVm(RunVmValidator.java:157)
> [bll.jar:]
> at org.ovirt.engine.core.bll.RunVmCommand.validate(RunVmCommand.java:967)
> [bll.jar:]
> at
> org.ovirt.engine.core.bll.CommandBase.internalValidate(CommandBase.java:836)
> [bll.jar:]
> at org.ovirt.engine.core.bll.CommandBase.validateOnly(CommandBase.java:365)
> [bll.jar:]
> at
> org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.canRunActions(PrevalidatingMultipleActionsRunner.java:113)
> [bll.jar:]
> at
> org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.invokeCommands(PrevalidatingMultipleActionsRunner.java:99)
> [bll.jar:]
> at
> org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.execute(PrevalidatingMultipleActionsRunner.java:76)
> [bll.jar:]
> at org.ovirt.engine.core.bll.Backend.runMultipleActionsImpl(Backend.java:640)
> [bll.jar:]
> at org.ovirt.engine.core.bll.Backend.runMultipleActions(Backend.java:610)
> [bll.jar:]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> [rt.jar:1.8.0_141]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> [rt.jar:1.8.0_141]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> [rt.jar:1.8.0_141]
> at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_141]
> at
> org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52)
> at
> org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
> at
> org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
> at
> org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.delegateInterception(Jsr299BindingsInterceptor.java:70)
> [wildfly-weld-10.1.0.Final.jar:10.1.0.Final]
> at
> org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:80)
> [wildfly-weld-10.1.0.Final.jar:10.1.0.Final]
> at
> org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:93)
> [wildfly-weld-10.1.0.Final.jar:10.1.0.Final]
> at
> org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63)
> at
> org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
> at
> org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
> at
> org.ovirt.engine.core.bll.interceptors.CorrelationIdTrackerInterceptor.aroundInvoke(CorrelationIdTrackerInterceptor.java:13)
> [bll.jar:]
> at sun.reflect.GeneratedMethodAccessor95.invoke(Unknown Source) [:1.8.0_141]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> [rt.jar:1.8.0_141]
> at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_141]
> at
> org.jboss.as.ee.component.ManagedReferenceLifecycleMethodInterceptor.processInvocation(ManagedReferenceLifecycleMethodInterceptor.java:89)
> at
> org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
> at org.jboss.as.ejb3.component.in
> vocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43)
> [wildfly-ejb3-10.1.0.Final.jar:10.1.0.Final]
> at
> org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
> at
> org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
> at
> org.jboss.weld.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:73)
> [weld-core-impl-2.3.5.Final.jar:2.3.5.Final]
> at
> 

Re: [ovirt-users] Guest Agent Running unconfined on Centos 7

[Jiri Belka]

- Original Message -
> From: "Alan Griffiths" 
> To: "Ovirt Users" 
> Sent: Friday, February 10, 2017 4:25:28 PM
> Subject: [ovirt-users] Guest Agent Running unconfined on Centos 7
> 
> Hi,
> 
> I'm running ovirt-guest-agent from Centos 7 EPEL and I notice that it's
> running unconfined rather than within its own domain.
> 
> I see there is a rhev_agentd_exec_t type, which I attempted to assign to
> ovirt-guest-agent.py but it still starts up as unconfined. Is there a
> supported process for getting ovirt-guest into its own domain? Or a reason
> why it's not possible?
> 
> Thanks,
> 
> Alan

Hm, it seems many ovirt services run unconfined. For ovirt GA, it seems
there's missing glue between systemd -> python -> GA script.

Vinzenz, any idea?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] vm display effect

[Jiri Belka]

Do you have SPICE console and SPICE agents installed?

- Original Message -
From: "qinglong dong" 
To: "users" 
Sent: Thursday, February 16, 2017 4:18:22 AM
Subject: [ovirt-users] vm display effect

Hi, all 
I have used windows vm created by ovirt for a long time. I found that the vm 
display effect was not very good in some cases. For example, The codes came out 
word by word when using some c ode browsing tools. And sometimes online video 
playing was not very fluent. 
Anyone coiuld give some advices to improve this? Thanks! 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt console ticket time threshold and password

[Jiri Belka]

I doubt you can have it "static" and open consoles from Admin/User Portals.
You can submit a feature request but IMO this feature goes against all AAA
implemented in oVirt.

Anyway, what about a libvirt/vdsm hook for following?

~~~
virsh # qemu-monitor-command 10 --hmp 'set_password spice foobar keep'
virsh # qemu-monitor-command 10 --hmp 'expire_password spice never'
virsh # qemu-monitor-command 10 --hmp 'info spice'
Server:
 address: 0:5908
migrated: false
auth: spice
compiled: 0.12.4
  mouse-mode: server
Channels: none
~~~

$ remote-viewer spice://${host}?port=5908

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt console ticket time threshold and password

[Jiri Belka]

Without console password everybody could vnc/spice to a console port on your 
host.
I suppose you don't want this in multi-user environment.

j.

- Original Message -
From: "rightkicktech.gmail.com" 
To: "Ovirt Users Mailing List" 
Sent: Saturday, January 28, 2017 11:23:53 AM
Subject: [ovirt-users] Ovirt console ticket time threshold and password

Hi all, 

Is there any standard recommended way to alter the default value of 120 secs 
set on spice console? 
Also, can the password be disabled if needed? There are several hacks floating 
arround, but none seems clean. 

Thanx, 
Alex 


-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity. 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 browser client -> WebSocket error: Can't connect to websocket on URL: wss://ovirt.engine.fqdn:6100/

[Jiri Belka]

IMO you "owe" explanation what was wrong, so other users
could learn from your mistakes and this mailing-list archive
would thus be beneficial for them when searching for help ;)

Anyway, that's great news!

j.

- Original Message -
From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
To: "Jiri Belka" <jbe...@redhat.com>
Cc: "users" <users@ovirt.org>
Sent: Tuesday, August 16, 2016 2:59:21 PM
Subject: Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 
browser client -> WebSocket error: Can't connect to websocket on URL: 
wss://ovirt.engine.fqdn:6100/

Thank you, Jiri ! 
I did everything step by step and SPICE HTML5 browser client now works.

16.08.2016, 10:46, "Jiri Belka" <jbe...@redhat.com>:
> So,
>
> I used this for my own ca test:
>
> OWN CA AND OWN ENGINE KEY/CRT
> =
>
> 0> CA
>
> # awk '/my-/ || $1 ~ /^[^#]*_default/' /etc/pki/tls/openssl.cnf
> certificate = $dir/my-ca.crt # The CA certificate
> crl = $dir/my-ca.crl # The current CRL
> private_key = $dir/private/my-ca.key # The private key
> countryName_default = CZ
> stateOrProvinceName_default = Jihomoravsky kraj
> localityName_default = Brno
> 0.organizationName_default = Shoot them in the head, s. r. o.
>
> touch /etc/pki/CA/index.txt
> echo 01 > /etc/pki/CA/serial
> cd /etc/pki/CA
> (umask 077 ; openssl genrsa -out private/my-ca.key -des3 2048 )
> openssl req -new -x509 -key private/my-ca.key -days 365 > my-ca.crt
>
> 0> engine cert
>
> openssl genrsa -out my-engine.key 4096
> openssl req -new -out my-engine.csr -key my-engine.key
> openssl ca -in my-engine.csr -out my-engine.crt
> # use 'mypass' for p12 bundle export !!!
> openssl pkcs12 -export -out my-engine.p12 -inkey my-engine.key -in 
> my-engine.crt -chain -CAfile /etc/pki/CA/my-ca.crt
>
> 0> existing engine keys/certs/p12 replacement
>
> (follow 
> $engine_url/ovirt-engine/docs/manual/en_US/html/Administration_Guide/appe-Red_Hat_Enterprise_Virtualization_and_SSL.html)
>
> rm -f /etc/pki/ovirt-engine/apache-ca.pem
> cp my-engine.crt /etc/pki/ovirt-engine/apache-ca.pem
> cp my-engine.p12 /etc/pki/ovirt-engine/keys/apache.p12
> openssl pkcs12 -in /etc/pki/ovirt-engine/keys/apache.p12 -nocerts -nodes > 
> /etc/pki/ovirt-engine/keys/apache.key.nopass
> openssl pkcs12 -in /etc/pki/ovirt-engine/keys/apache.p12 -nokeys > 
> /etc/pki/ovirt-engine/certs/apache.cer
> install -o ovirt -g ovirt -m 600 /dev/null 
> /etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf
> # 'changeit' is default java truststore pass on EL
> cat > /etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf << EOF
> ENGINE_HTTPS_PKI_TRUST_STORE="/etc/pki/java/cacerts"
> ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD="changeit"
> EOF
>
> 0> add custom CA into system truststore after backup
>
> cp /etc/pki/CA/my-ca.crt /etc/pki/ca-trust/source/anchors/CA.crt
> update-ca-trust
>
> 0> check if system truststore knows about custom CA
>
> openssl x509 -in /etc/pki/ca-trust/source/anchors/CA.crt -fingerprint -sha1 
> -noout
> # 'changeit' is default java truststore pass on EL
> keytool -list -keystore /etc/pki/java/cacerts -storepass changeit | grep "$( 
> openssl x509 -in /etc/pki/ca-trust/source/anchors/CA.crt -fingerprint -sha1 
> -noout | sed -e '/SHA1/s/.*=//;' )"
> grep -IR "$(sed -n '2p' /etc/pki/ca-trust/source/anchors/CA.crt)" 
> /etc/pki/ca-trust/extracted/
>
> 0> engine-setup pki configuration check
>
> engine-setup # see if 'PKI CONFIGURATION' section passed without errors
>
> (doctext here https://bugzilla.redhat.com/show_bug.cgi?id=1336838)
>
> And this for websocket proxy:
>
> # cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
> PROXY_PORT=6100
> SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
> SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
> CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
> SSL_ONLY=True
>
> You can start manually websocket proxy:
>
> /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.py
>  --help
> Usage: ovirt-websocket-proxy.py [options] start
>
> Options:
>   -h, --help show this help message and exit
>   -d, --debug debug mode
>   --pidfile=FILE pid file to use
>   --background Go into the background
>   --systemd=SYSTEMD Systemd type simple|notify
>   --redirect-output Redirect output of daemon
>
> It is also handy to do:
>
> openssl s_client -connect $websocketproxy_host:6100
>
> j.
>
> - Original Message -
> From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
> To: &quo

Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 browser client -> WebSocket error: Can't connect to websocket on URL: wss://ovirt.engine.fqdn:6100/

[Jiri Belka]

So,

I used this for my own ca test:

OWN CA AND OWN ENGINE KEY/CRT
=


0> CA

# awk '/my-/ || $1 ~ /^[^#]*_default/' /etc/pki/tls/openssl.cnf
certificate = $dir/my-ca.crt# The CA certificate
crl = $dir/my-ca.crl# The current CRL
private_key = $dir/private/my-ca.key # The private key
countryName_default = CZ
stateOrProvinceName_default = Jihomoravsky kraj
localityName_default= Brno
0.organizationName_default  = Shoot them in the head, s. r. o.

touch /etc/pki/CA/index.txt
echo 01 > /etc/pki/CA/serial
cd /etc/pki/CA
(umask 077 ; openssl genrsa -out private/my-ca.key -des3 2048 )
openssl req -new -x509 -key private/my-ca.key -days 365 > my-ca.crt


0> engine cert

openssl genrsa -out my-engine.key 4096
openssl req -new -out my-engine.csr -key my-engine.key
openssl ca -in my-engine.csr -out my-engine.crt
# use 'mypass' for p12 bundle export !!!
openssl pkcs12 -export -out my-engine.p12 -inkey my-engine.key -in 
my-engine.crt -chain -CAfile /etc/pki/CA/my-ca.crt


0> existing engine keys/certs/p12 replacement

(follow 
$engine_url/ovirt-engine/docs/manual/en_US/html/Administration_Guide/appe-Red_Hat_Enterprise_Virtualization_and_SSL.html)

rm -f /etc/pki/ovirt-engine/apache-ca.pem
cp my-engine.crt /etc/pki/ovirt-engine/apache-ca.pem
cp my-engine.p12 /etc/pki/ovirt-engine/keys/apache.p12
openssl pkcs12 -in /etc/pki/ovirt-engine/keys/apache.p12 -nocerts -nodes > 
/etc/pki/ovirt-engine/keys/apache.key.nopass
openssl pkcs12 -in /etc/pki/ovirt-engine/keys/apache.p12 -nokeys > 
/etc/pki/ovirt-engine/certs/apache.cer
install -o ovirt -g ovirt -m 600 /dev/null 
/etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf
# 'changeit' is default java truststore pass on EL
cat > /etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf << EOF
ENGINE_HTTPS_PKI_TRUST_STORE="/etc/pki/java/cacerts"
ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD="changeit"
EOF


0> add custom CA into system truststore after backup

cp /etc/pki/CA/my-ca.crt /etc/pki/ca-trust/source/anchors/CA.crt
update-ca-trust


0> check if system truststore knows about custom CA

openssl x509 -in /etc/pki/ca-trust/source/anchors/CA.crt -fingerprint -sha1 
-noout
# 'changeit' is default java truststore pass on EL
keytool -list -keystore /etc/pki/java/cacerts -storepass changeit | grep "$( 
openssl x509 -in /etc/pki/ca-trust/source/anchors/CA.crt -fingerprint -sha1 
-noout | sed -e '/SHA1/s/.*=//;' )"
grep -IR "$(sed -n '2p' /etc/pki/ca-trust/source/anchors/CA.crt)" 
/etc/pki/ca-trust/extracted/


0> engine-setup pki configuration check

engine-setup # see if 'PKI CONFIGURATION' section passed without errors

(doctext here https://bugzilla.redhat.com/show_bug.cgi?id=1336838)

And this for websocket proxy:

# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
PROXY_PORT=6100
SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
SSL_ONLY=True

You can start manually websocket proxy:

/usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.py 
--help
Usage: ovirt-websocket-proxy.py [options] start

Options:
  -h, --help show this help message and exit
  -d, --debugdebug mode
  --pidfile=FILE pid file to use
  --background   Go into the background
  --systemd=SYSTEMD  Systemd type simple|notify
  --redirect-output  Redirect output of daemon

It is also handy to do:

openssl s_client -connect $websocketproxy_host:6100

j.

- Original Message -
From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
To: "Jiri Belka" <jbe...@redhat.com>
Cc: "users" <users@ovirt.org>
Sent: Tuesday, August 16, 2016 9:33:54 AM
Subject: Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 
browser client -> WebSocket error: Can't connect to websocket on URL: 
wss://ovirt.engine.fqdn:6100/


Jiri, I did not hide information. Tell me what the log file should show and I 
will show

16.08.2016, 10:29, "Jiri Belka" <jbe...@redhat.com>:
> It does have logs, filenames "hide" real data.
>
> You should reveal logs and what each file is and
> which exact commands you were executing.
>
> Vague statements won't help much. It does work for me,
> there much be something strange in your setup but we
> cannot know what without details.
>
> j.
>
> - Original Message -
> From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
> To: "Jiri Belka" <jbe...@redhat.com>
> Cc: "users" <users@ovirt.org>
> Sent: Monday, August 15, 2016 6:18:48 PM
> Subject: Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE 
> HTML5 browser client -> WebSocket error

Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 browser client -> WebSocket error: Can't connect to websocket on URL: wss://ovirt.engine.fqdn:6100/

[Jiri Belka]

It does have logs, filenames "hide" real data.

You should reveal logs and what each file is and
which exact commands you were executing.

Vague statements won't help much. It does work for me,
there much be something strange in your setup but we
cannot know what without details.

j.

- Original Message -
From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
To: "Jiri Belka" <jbe...@redhat.com>
Cc: "users" <users@ovirt.org>
Sent: Monday, August 15, 2016 6:18:48 PM
Subject: Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 
browser client -> WebSocket error: Can't connect to websocket on URL: 
wss://ovirt.engine.fqdn:6100/

I tried a version of Nicolás. 
No success :((

1) I create full bundle cert file:

# cat /etc/pki/ovirt-engine/certs/apache.cer 
/etc/pki/ovirt-engine/apache-ca.pem > 
/etc/pki/ovirt-engine/certs/apache-with-ca.cer
# openssl verify /etc/pki/ovirt-engine/certs/apache-with-ca.cer

/etc/pki/ovirt-engine/certs/apache-with-ca.cer: OK

2) I changed config file:

# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf

PROXY_PORT=6100
SSL_CERTIFICATE=/etc/pki/ovirt-engine/certs/apache-with-ca.cer
SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
SSL_ONLY=True
FORCE_DATA_VERIFICATION=False

3) I restarted the service

# service ovirt-websocket-proxy restart

Problem still exists :(
Any ideas how to trablshut problem?

14.08.2016, 08:59, "aleksey.maksi...@it-kb.ru" <aleksey.maksi...@it-kb.ru>:
> Hi Jiri.
> But your variant does not work, too
>
> # cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
> PROXY_PORT=6100
> SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
> SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
> CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
> SSL_ONLY=True
>
> Some error:
> WebSocket error: Can't connect to websocket on URL: 
> wss://ovirt.engine.fqdn:6100/eyJ...0=[object Event]
>
> any ideas how to trablshut problem?
>
> 14.08.2016, 01:53, "Jiri Belka" <jbe...@redhat.com>:
>>  I have different files for those variables, maybe this is the case?
>>
>>  Review again.
>>
>>  j.
>>
>>  - Original Message -
>>  From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
>>  To: "Jiri Belka" <jbe...@redhat.com>
>>  Cc: "users" <users@ovirt.org>
>>  Sent: Saturday, August 13, 2016 4:57:45 PM
>>  Subject: Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE 
>> HTML5 browser client -> WebSocket error: Can't connect to websocket on URL: 
>> wss://ovirt.engine.fqdn:6100/
>>
>>  I changed my file 
>> /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf to:
>>
>>  PROXY_PORT=6100
>>  #SSL_CERTIFICATE=/etc/pki/ovirt-engine/certs/websocket-proxy.cer
>>  #SSL_KEY=/etc/pki/ovirt-engine/keys/websocket-proxy.key.nopass
>>  #CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
>>  SSL_CERTIFICATE=/etc/pki/ovirt-engine/certs/apache.cer
>>  SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
>>  CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/apache-ca.pem
>>  SSL_ONLY=True
>>
>>  ...and restart HostedEngine VM.
>>  Problem still exists.
>>
>>  13.08.2016, 17:52, "aleksey.maksi...@it-kb.ru" <aleksey.maksi...@it-kb.ru>:
>>>   It does not work for me. any ideas?
>>>
>>>   02.08.2016, 17:22, "Jiri Belka" <jbe...@redhat.com>:
>>>>    This works for me:
>>>>
>>>>    # cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
>>>>    PROXY_PORT=6100
>>>>    SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
>>>>    SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
>>>>    CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
>>>>    SSL_ONLY=True
>>>>
>>>>    - Original Message -
>>>>    From: "aleksey maksimov" <aleksey.maksi...@it-kb.ru>
>>>>    To: "users" <users@ovirt.org>
>>>>    Sent: Monday, August 1, 2016 12:13:38 PM
>>>>    Subject: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE 
>>>> HTML5 browser client -> WebSocket error: Can't connect to websocket on 
>>>> URL: wss://ovirt.engine.fqdn:6100/
>>>>
>>>>    Hello oVirt guru`s !
>>>>
>>>>    I have successfully replaced the oVirt 4 site SSL-certificate according 
>>>> to the instructions from "Replacing oVirt SSL Certificate"
>>>>    section in &

Re: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5 browser client -> WebSocket error: Can't connect to websocket on URL: wss://ovirt.engine.fqdn:6100/

[Jiri Belka]

This works for me:

# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf 
PROXY_PORT=6100
SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
SSL_ONLY=True

- Original Message -
From: "aleksey maksimov" 
To: "users" 
Sent: Monday, August 1, 2016 12:13:38 PM
Subject: [ovirt-users] oVirt 4 with custom SSL-certificate and SPICE HTML5  
browser client -> WebSocket error: Can't connect to websocket   on URL: 
wss://ovirt.engine.fqdn:6100/

Hello oVirt guru`s !

I have successfully replaced the oVirt 4 site SSL-certificate according to the 
instructions from "Replacing oVirt SSL Certificate" 
section in "oVirt Administration Guide"
http://www.ovirt.org/documentation/admin-guide/administration-guide/

3 files have been replaced:

/etc/pki/ovirt-engine/certs/apache.cer
/etc/pki/ovirt-engine/keys/apache.key.nopass
/etc/pki/ovirt-engine/apache-ca.pem

Now the oVirt site using my certificate and everything works fine, but when I 
try to use SPICE HTML5 browser client in Firefox or Chrome I see a gray screen 
and message under the button "Toggle messages output":
 
WebSocket error: Can't connect to websocket on URL: 
wss://ovirt.engine.fqdn:6100/eyJ...0=[object Event]


Before replacing certificates SPICE HTML5 browser client works.
Native SPICE client works fine.

Tell me what to do with SPICE HTML5 browser client?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] remote-viewer on OSX

[Jiri Belka]

I'm not OSX user but virt-viewer works on OpenBSD
fine, so it can't be difficult to make it running.

You need libvirt working (just for 'remote'), spice-gtk,
gtk-vnc and couple of python modules.

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/x11/virt-viewer/Makefile?rev=1.26=text/x-cvsweb-markup

- Original Message -
From: "Karli Sjöberg" 
To: "Gianluca Cecchi" 
Cc: "users" 
Sent: Wednesday, July 27, 2016 12:09:54 PM
Subject: Re: [ovirt-users] remote-viewer on OSX




Den 27 jul 2016 11:48 fm skrev Gianluca Cecchi : 
> 
> Hello, 
> I'm going to provide access to ovirt VMs to people who are using OSX 
> At this moment I don't have access to any OSX environment to crosscheck, but 
> is still that complex/intricate? 

As far as I know, no more work has been done on this front. 

/K 

> http://www.ovirt.org/documentation/admin-guide/virt/spice-remote-viewer-on-os-x/
>  
> 
> Thanks, 
> Gianluca 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ERROR [org.ovirt.vdsm.jsonrpc.client.reactors.Reactor] (SSL Stomp Reactor) [] Unable to process messages

[Jiri Belka]

> > Unfortunately, upgrading to 4.0.1RC didn't solve the problem. Actually,
> > the error changed to 'General SSLEngine problem', but the result was the
> > same, like this:
> > 
> > 2016-07-13 09:52:22,010 INFO
> > [org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient] (SSL Stomp
> > Reactor) [] Connecting to /10.X.X.X
> > 2016-07-13 09:52:22,018 ERROR
> > [org.ovirt.vdsm.jsonrpc.client.reactors.Reactor] (SSL Stomp Reactor) []
> > Unable to process messages: General SSLEngine problem
> > 
> > It's worth mentioning that we're using our own SSL certificates (not
> > self-signed), and I imported the combined certificate into the
> > /etc/pki/ovirt-engine/.truststore key file. Not sure if related, but
> > just in case.
> > 
> > I had to downgrade to 3.6.7. I'm attaching requested logs, if you need
> > anything else don't hesitate to ask.
> 
> 
> FYI I migrated my 3.6 env (engine + 1 host) to 4.0 and the host is up
> and running fine on datacenter/cluster 4.0 compat level.
> 
> FYA there's a BZ about engine certs
> https://bugzilla.redhat.com/show_bug.cgi?id=1336838

Ah, I forgot to mention that I used my own CA and thus custom certificate
for Apache httpd.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ERROR [org.ovirt.vdsm.jsonrpc.client.reactors.Reactor] (SSL Stomp Reactor) [] Unable to process messages

[Jiri Belka]

> Hi,
> 
> Unfortunately, upgrading to 4.0.1RC didn't solve the problem. Actually,
> the error changed to 'General SSLEngine problem', but the result was the
> same, like this:
> 
> 2016-07-13 09:52:22,010 INFO
> [org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient] (SSL Stomp
> Reactor) [] Connecting to /10.X.X.X
> 2016-07-13 09:52:22,018 ERROR
> [org.ovirt.vdsm.jsonrpc.client.reactors.Reactor] (SSL Stomp Reactor) []
> Unable to process messages: General SSLEngine problem
> 
> It's worth mentioning that we're using our own SSL certificates (not
> self-signed), and I imported the combined certificate into the
> /etc/pki/ovirt-engine/.truststore key file. Not sure if related, but
> just in case.
> 
> I had to downgrade to 3.6.7. I'm attaching requested logs, if you need
> anything else don't hesitate to ask.


FYI I migrated my 3.6 env (engine + 1 host) to 4.0 and the host is up
and running fine on datacenter/cluster 4.0 compat level.

FYA there's a BZ about engine certs 
https://bugzilla.redhat.com/show_bug.cgi?id=1336838

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] restore of backup fail when Migrating to ovirt-engine 4.0

[Jiri Belka]

> [.. cutting all bogus as it is unreadable, even with html mails..]
> 
> On Tue, Jun 28, 2016 at 4:00 PM, Yaniv Dary  wrote:
> 
> > Do you have any 3.5 clusters? You can only upgrade to 4.0, if all the
> > cluster are 3.6 compatibility.

> >>
> >> #engine-backup --mode=restore --no-restore-permissions --provision-db
> >> --provision-dwh-db --provision-reports-db --file=engine-backup.tar.gz
> >> --log=engine-backup-restore.log
> >>
> >> Success with the restore!
> >>
> >> Thanks for pointing me out. What I did was just following the
> >> documentation, right or wrong.
> >>
> >> But when I run "Engine-setup" I got stucked with
> >>
> >> "[ INFO  ] Stage: Setup validation
> >> [WARNING] Less than 16384MB of memory is available
> >> [ ERROR ] Failed to execute stage 'Setup validation': Trying to upgrade
> >> from unsupported versions: 3.5
> >> [ INFO  ] Stage: Clean up
> >>   Log file is located at
> >> /var/log/ovirt-engine/setup/ovirt-engine-setup-20160628120936-ix7pb8.log
> >> [ INFO  ] Generating answer file
> >> '/var/lib/ovirt-engine/setup/answers/20160628121149-setup.conf'
> >> [ INFO  ] Stage: Pre-termination
> >> [ INFO  ] Stage: Termination
> >> [ ERROR ] Execution of setup failed"
> >>

3.6 EL6 migration to 4.0 EL7 works OK for me with following steps:

1. 3.6 EL6 engine (3.6 dc/clstr level)
2. 3.6 EL6 engine-backup and do backup
3. 4.0 EL7 clean install
4. 4.0 EL7 engine-backup and do restore
5. 4.0 EL7 engine-setup

What are the problematic steps on other side?

Do we have a problem if 3.6 EL6 engine does have dc/clstr level set to '3.5'?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] [ovirt-cli] query snapshot in preview of a vm

[Jiri Belka]

I can't figure out how to do nice ovirt-shell command to query current
snapshot in preview of a vm (to commit it later).

This works:

~~~
list snapshots --parent-vm-name jb-w2k8r2 --kwargs "description=Active VM 
before the preview" --show-all | egrep "^(id|description|type)"
id : 
08535a3e-dc9e-42c0-b611-6fea4a0318c9
description: Active VM before the preview
type   : preview
~~~

But why the following does not work?

~~~
list snapshots --parent-vm-name jb-w2k8r2 --kwargs "type=preview"
~~~

It returns nothing.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Domain ordering in the user portal login form

[Jiri Belka]

> I have 3.6, what file should I modify in
> 
> /etc/ovirt-engine/extensions.d/?

See how it works here
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.5/html-single/Administration_Guide/index.html#sect-Directory_Users

j.___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Change host using php api

[Jiri Belka]

> I would like to change the host of a vm using the api call. I tried it by
> using the following xml but didn't work
> 
> 
> 
> 
> 
> 
> compute11
> 
> 
> 
> 
> 
> 
> Could you please check it ?

Check what? '...didn't work' is too broad description.
Share more info.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to boot from CD ROM using api

[Jiri Belka]

> We are using ovirt 3.5 version and trying to change the boot device to CD ROM
> and boot from it using the ovirt api. I am able to change the boot order but
> i am unable to boot the vm from the CDROM using api. But i am able to do the
> same from the ovirt panel. The following are the steps that i follow
> 
> 1. Shut down the vm
> 2. Attach the iso image
> 3. Start the vm in run once mode using api with the following xml
> 
> " "
> 
> Could you please check if any issues with this ? Also, I am able to view the
> attached image from the ovirt panel.

And output from curl/wget (whatever you use) does show what?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ipv6 in guests not worknig

[Jiri Belka]

> [root@dipovirt01 ~]# cat /etc/sysctl.d/ipv6.conf
> net.ipv6.conf.all.forwarding = 1
> net.ipv6.conf.default.forwarding = 1

imo the above is only needed for "routing", not bridging.

any news?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Domain ordering in the user portal login form

[Jiri Belka]

> From: "Cristian Mammoli" 
> To: "users" 
> Sent: Tuesday, October 27, 2015 10:20:10 AM
> Subject: [ovirt-users] Domain ordering in the user portal login form
> 
> Hi, is there a way to set the default domain in the user portal drop
> down menu?
> 
> Thanks

Generally it is alphabetically sorted. But if you use recent
oVirt (what is your version, quite important info) you can
define "name" of this domain profile.

In 3.6 check /etc/ovirt-engine/extensions.d/ dir.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Keep on loading while importing a vm

[Jiri Belka]

> While importing a vm from vmware in the Ovirt3.6 its keep on loading and
> nothing comes up ,can someone help me in that ?

Via v2v tool? If so check http://libguestfs.org/virt-v2v.1.html
for contacts.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt Guest VM network | vnet to id

[Jiri Belka]

> I have an query regarding guest VM network name...in the host every VM
> network has the name of vnet0,vnet1 etc...is there any way to change to them
> from vnet to interface id ??

I understand your point but in "cloud"(-like) environments there's no
use for explicit hardcoded names.

You better use different approach:

- use engine's restapi and query for VM network and than for its underlying
  hosts/netifaces
- use libvirt directly

I would go with the former as you already use oVirt.

See http://www.ovirt.org/REST-Api or
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.5/html/Technical_Guide/chap-REST_API_Quick_Start_Example.html

Have fun.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt and Shorewall

[Jiri Belka]

> From: "Johan Vermeulen" 
> To: "users" 
> Sent: Wednesday, October 28, 2015 4:13:49 PM
> Subject: [ovirt-users] Ovirt and Shorewall

> Hello All,

> I'm still experimenting with Ovirt-setup.
> Because Centos/Rhel7 now have Firewalld, and because I still have some
> Centos6
> machines with Iptables, I was kinda hoping to use Shorewall on both.

> Is there any support/documentation for this in the Ovirt-world?

On RHEL 7, ovirt 3.6 puts vdsm ("hypervisor" host) firewall rules
as xml file into firewalld directory.

It is open-source, check engine-setup source and maybe you can propose
diffs for another fw frontend support.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Problem starting up new VM created from a template.

[Jiri Belka]

> Hello,
> 
> I'm having troubles with a new VM created from a template. I did run sysprep
> in the windows 2008R2 machine before creating a template from it. I have
> already used this template multiple times and even this time it initially
> started up just fine but not a second time.
> 
> This is what I see that is troublesome in the vdsm.log file when I try to
> start up the VM.
> 
> Thread-105499::ERROR::2015-10-28
> 10:45:31,899::vm::2344::vm.Vm::(_startUnderlyingVm)
> vmId=`20dfe9dc-74c7-46c0-9708-19200de8e958`::The vm start process failed
> Traceback (most recent call last):
> File "/usr/share/vdsm/virt/vm.py", line 2284, in _startUnderlyingVm
> self._run()
> File "/usr/share/vdsm/virt/vm.py", line 3279, in _run
> self.preparePaths(devices[DISK_DEVICES])
> File "/usr/share/vdsm/virt/vm.py", line 2366, in preparePaths
> drive['path'] = self.cif.prepareVolumePath(drive, self.id )
> File "/usr/share/vdsm/clientIF.py", line 309, in prepareVolumePath
> vmId, device, params['vmPayload'])
> File "/usr/share/vdsm/clientIF.py", line 353, in
> _prepareVolumePathFromPayload
> return func(vmId, payload['file'], payload.get('volId'))
> File "/usr/share/vdsm/supervdsm.py", line 50, in __call__
> return callMethod()
> File "/usr/share/vdsm/supervdsm.py", line 48, in 
> **kwargs)
> File "", line 2, in mkFloppyFs
> File "/usr/lib64/python2.6/multiprocessing/managers.py", line 740, in
> _callmethod
> raise convert_to_error(kind, result)
> OSError: [Errno 5] could not create floppy file: code 1, out mkfs.msdos 3.0.9
> (31 Jan 2010)
> 
> err mkfs.msdos: unable to create
> /var/run/vdsm/payload/20dfe9dc-74c7-46c0-9708-19200de8e958.b490e14021f685d85d57d325b7f66520.img
> 
> Thread-105499::DEBUG::2015-10-28
> 10:45:31,901::vm::2799::vm.Vm::(setDownStatus)
> vmId=`20dfe9dc-74c7-46c0-9708-19200de8e958`::Changed state to Down: [Errno
> 5] could not create floppy file: code 1, out mkfs.msdos 3.0.9 (31 Jan 2010)
> 
> err mkfs.msdos: unable to create
> /var/run/vdsm/payload/20dfe9dc-74c7-46c0-9708-19200de8e958.b490e14021f685d85d57d325b7f66520.img
> (code=1)
> Thread-90::DEBUG::2015-10-28
> 10:45:32,271::libvirtconnection::143::root::(wrapper) Unknown libvirterror:
> ecode: 80 edom: 20 level: 2 message: metadata not found: Requested metadata
> element is not present
> JsonRpc (StompReactor)::DEBUG::2015-10-28
> 10:45:34,264::stompReactor::98::Broker.StompAdapter::(handle_frame) Handling
> message 
> JsonRpcServer::DEBUG::2015-10-28
> 10:45:34,265::__init__::530::jsonrpc.JsonRpcServer::(serve_requests) Waiting
> for request
> Thread-105501::DEBUG::2015-10-28
> 10:45:34,271::stompReactor::163::yajsonrpc.StompServer::(send) Sending
> response

Selinux or ownership on that path?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] It is possible to use vdsClient / virsh to start VMs in the event that engine is down?

[Jiri Belka]

> I do not see a way to start vm's in the event that an engine is down. I see
> vdsClient -s 0 destroy works to shut them down.

Yes, engine is SPOF. They invented hosted engine solution which pretends
to bringe HA for engine but...

I have no idea why it does not use JBoss based features like clustering.

> Also, is it still possible to use non-read-only virsh commands? i tried using
> saslpasswd2 to create an account, but that did not seem to work.

You are doing something wrong then. Auth for virsh works ok, you just
have to know how libvirt works with that sasl :)

# grep ^sasldb /etc/sasl2/libvirt.conf 
sasldb_path: /etc/libvirt/passwd.db

# saslpasswd2 -c -a libvirt testovic
...
# strings /etc/libvirt/passwd.db | grep ^testovic
testovic

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ovirt-shell login problems

[Jiri Belka]

> i'm trying to connect to the engine using ovirt-shell, but i get [SSL:
> UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:590).
> Here is the command i use:
> ovirt-shell -c --url " https://192.168.0.101:80/ovirt-engine/api " --user
> "admin@internal" -A ovirt_ca.pem
> 
> And the debugging mode with -d doesn't provide any additional output.
> The CA cert file have i grabbed using the method mentioned at [1] using wget
> -O ${CA_FILE}
> http://${OVIRT}/ovirt-engine/services/pki-resource?resource=ca-certificate=X509-PEM-CA

Try to use /etc/pki/ovirt-engine/ca.pem from engine host. Does it work?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] poor graphic performances with spice

[Jiri Belka]

> From: "Nathanaël Blanchet" 
> To: users@ovirt.org
> Sent: Wednesday, October 28, 2015 5:06:54 PM
> Subject: [ovirt-users] poor graphic performances with spice
> 
> Hello,
> 
> I'm studying a possibility to use ovirt as a vdi solution with centos or
> fedora guests. But using spice is awfull and graphics are very slow (in
> particulary videos). Qxl drivers are installed and spice-vdagent works
> as expected on the guest side.
> However, it is amazing to see that glxgears benchmarks are good...
> I wonder how it is possible to adopt such a vdi solution when the user
> experience is so bad.
> I may miss something and may need recommandations of experimented vdi
> users :)
> Thank you for your help.

It's open-source. Your diffs are welcome.

All right, how do you define slow? What is your actual setup/components
and their versions?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Installation failed

[Jiri Belka]

> Trying to add a node to our setup, but since today I'm getting an error when
> adding. It looks like starting vdsm-network failed to start, due to this
> error:

> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5
> parse_server_challenge()
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5
> ask_user_info()
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5
> make_client_response()
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5 client step
> 3
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5 client mech
> dispose
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan python[27521]: DIGEST-MD5 common mech
> dispose
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan vdsm-tool[27521]: libvirt: error : no
> connection driver available for qemu:///system
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan systemd[1]: vdsm-network.service:
> control process exited, code=exited status=1
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan systemd[1]: Failed to start Virtual
> Desktop Server Manager network restoration.
> Oct 26 16:46:59 hv01.ovirt.gs.cloud.lan systemd[1]: Unit vdsm-network.service
> entered failed state.

I would uninstall vsdm*, libvirt*, qemu*, remove all config remnants and
install it again and re-add host into engine.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Feature request: bind mounting filesystems

[Jiri Belka]

> From: "Steve Kilduff" 
> To: users@ovirt.org
> Sent: Tuesday, September 1, 2015 5:01:10 PM
> Subject: [ovirt-users]  Feature request: bind mounting filesystems
> 
> Hi,
> 
> Bind mounting paths would be a great feature. It would hopefully make storage
> backends transparent and not tie us to nfs or gluster. Idea is shared
> storage is available on all servers at /mnt/share, ovirt would bind mount
> this source on all servers.
> 
> Maybe this even works, but in that case I cant find documentation or
> examples.

You are late ;)

https://bugzilla.redhat.com/show_bug.cgi?id=1257506

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Migration from all-in-one to self hosted engine tips?

[Jiri Belka]

> From: "Gianluca Cecchi" 
> To: "users" 
> Sent: Tuesday, September 1, 2015 8:48:09 AM
> Subject: [ovirt-users] Migration from all-in-one to self hosted engine tips?
> 
> Hello,
> considering that all-in-one could become deprecated, any tips in migrating
> 
> from:
> workstation with Fedora 20 + oVirt 3.5.3 All-In-One and local disks
> 
> to (when 3.6 released):
> same workstation with Fedora 22 + oVirt 3.6.0 Self Hosted Engine
> 
> ?
> 
> I already tested direct migration from Fedora 20 to Fedora 22 on another
> workstation (without oVirt). Only bugs found in that case:
> - default kernel after migration is not the updated one (and had a bug with
> Intel ICH8 sound modules) --> update of grub2 default kernel solves it
> - nvidia kernel modules don't load and no graphic environment available due
> to this
> --> solved booting in init 3 and making a "depmod -a" and then kernel modules
> are correctly loaded
> 
> So it would be nice to get any suggestion, that I can eventually test on a
> dev environment.

tl;dr all but check

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.5/html/Installation_Guide/Migrating_to_a_Self-Hosted_Environment.html

i personally migrated our env to above setup based on this documentation.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Migrating old VMWare VM to oVirt?

[Jiri Belka]

> From: "Chris Adams" 
> To: users@ovirt.org
> Sent: Tuesday, September 1, 2015 5:04:10 PM
> Subject: [ovirt-users] Migrating old VMWare VM to oVirt?
> 
> I have an ancient VM that I need to migrate to oVirt if possible.  It is
> Windows 2000 Server on VMWare ESXi 4.1 (yeah, I know, please don't
> laugh).
> 
> Is there any possiblity of making this work?  Reinstalling the Windows
> system (or upgrading) is just not practical at this time, and I need to
> get this thing off of the old VMWare box.

check v2v 
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/V2V_Guide/#subsect-convert-a-esx-guest

(in fact rhevm is ovirt)

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Using both shared and local storage

[Jiri Belka]

> No, it doesn't work as expected. I would expect to have an option to attach
> to any Virtual Machine storage which is either shared or local.

It does work as expected, do your homework first to know how oVirt does
work. Your expectation are just your expectations.

Question: How would you migrate a VM in a cluster with local storage?

Wouldn't glusterfs solve the issue? It can use those SSDs... (Not expert
in glusters here...).

j.

> For example, I have database server so I could put on shared storage and
> use local, SSD disk for data. I don't care if system is on "slow" network
> storage but with a lot of space and in the same time, I can use limited,
> but fast SSD space for data only.
> 
> So, is this possible or not?
> 
> [...]
> > > Currently at the company, we are testing oVirt 3.5 as a cloud platform.
> > > We have 4 nodes and GlusterFS as a shared storage.
> > > Every node has another SSD disk, currently not used. What we would like
> > is to
> > > attach that local storage to particular host, so that some virtual
> > machines
> > > can be on local and some on shared storage.
> > > If I try to create local storage, it works, but then host is in separate
> > Data
> > > Center.
> > > If I try to add POSIX FS to node in existing Data Center, then all other
> > > hosts stop working, since they can't access that local storage (kind of
> > > expected).
> > >
> > > So, long story short - does shared and local storage mix and how?
> > >
> > > Thank you very much!
> >
> > Works as expected, doesn't it? What do you want to exactly achieve
> > with local storage?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Daily online VM backups

[Jiri Belka]

> From: "gregor" 
> To: Users@ovirt.org
> Sent: Sunday, August 30, 2015 11:01:49 AM
> Subject: [ovirt-users] Daily online VM backups
> 
> Hi,
> 
> what is the best way to make daily backups of my VM's without shutting
> them down?
> 
> I found the Backup-Restore API and other stuff but no running
> tool/script which I can use. I plan to integrate it into backuppc. Or is
> there any "Best practice guide for backup"? ;-)
> 
> In the meantime I integrated engine-backup into backuppc as a pre-script.

IIUC you know the technical part of the topic but you want
somebody will write for you backup scripts?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] ovirt-engine 3.5.3: Access external provider via http proxy

[Jiri Belka]

> From: "Carlo Rodrigues" 
> To: users@ovirt.org
> Sent: Saturday, August 22, 2015 12:23:52 AM
> Subject: [ovirt-users] ovirt-engine 3.5.3: Access external provider via http  
> proxy
> 
> Hello,
> 
> I just installed oVirt 3.5.3 in a private network with no NAT.
> 
> Obviously oVirt can't communicate with glance.ovirt.org.
> 
> Is there a way to use an HTTP proxy like squid to connect to the outside
> world?

OVESETUP_RHEVM_SUPPORT/redhatSupportProxyPort=none:None
OVESETUP_RHEVM_SUPPORT/redhatSupportProxy=none:None
OVESETUP_RHEVM_SUPPORT/redhatSupportProxyUser=none:None
OVESETUP_RHEVM_SUPPORT/configureRedhatSupportPlugin=bool:False
OVESETUP_RHEVM_SUPPORT/redhatSupportProxyPassword=none:None
OVESETUP_RHEVM_SUPPORT/redhatSupportProxyEnabled=bool:False

Please submit RFE BZ in bugzilla for a feature which would
enable routing all tcp/ip connections out of oVirt environment
itself via HTTP (or SOCKS) proxy.

(Meanwhile you could hack java process and include -D option
for http proxy but this would probably break all tcp/ip connections.)

Thx!

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Using both shared and local storage

[Jiri Belka]

> From: "Damir Marković" <dam...@nordeus.eu>
> To: "Jiri Belka" <jbe...@redhat.com>
> Cc: users@ovirt.org
> Sent: Monday, August 31, 2015 2:02:10 PM
> Subject: Re: [ovirt-users] Using both shared and local storage
> 
> Thank you for your help, Jiri!
> 
> My expectations are based on experience with other cloud platforms and
> since oVirt doesn't work like that, we simply won't use it. :-)
> My post was simply for purpose to see if I am missing something, but you
> confirmed that I am not.
> 
> Once again, thank you a lot!

It is similar as assigning physical network card and then doing migration
of virtual VM.

Before NPIV for FC, I used to assign physical FC card to LPARs
(IBM PowerVM virtualization solution) but then it was not possible
to move the LPAR (VM). But it was supported.

If you feel strong that it should be possible to have a VM with a disk
on shared storage and on local storage as well, just create a RFE
in oVirt bugzilla.

I could imagine only use for this, having some "old static" data on
such local disk which was synced ouf of oVirt env.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Graceful shutdown on power loss

[Jiri Belka]

 From: John Gardeniers jgardeni...@objectmastery.com
 To: users users@ovirt.org
 Sent: Friday, August 7, 2015 7:38:00 AM
 Subject: [ovirt-users] Graceful shutdown on power loss
 
 I'm looking into the best way to shut down our VM environment if a power
 outage looks like draining the UPS batteries. Is there API documentation
 covering this or does someone know of a article somewhere on the topic?
 We're currently running v3.5 engine and v3.4 hypervisors with gluster
 v3.4 storage. Our setup uses RHEV rather than Ovirt, in case that makes
 a difference.

You don't say much about your setup. Does your UPS hw have network
card or serial/usb?

Anyway I suppose you have to cook your own solution which would get
data from your UPS boxes and shutdown the VMs via restapi.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Migrate to CentOS7 on new hardware

[Jiri Belka]

- Original Message -
 From: andreas ewert andreas.ew...@cbc.de
 To: users@ovirt.org
 Sent: Friday, August 7, 2015 1:12:03 PM
 Subject: [ovirt-users] Migrate to CentOS7 on new hardware
 
 Hello,
 
 I want to migrate my oVirt Hypervisors to CentOS7. My strategy is to install
 new boxes with CentOS7 and add them to the OVirt Cluster.
 But I get this message in engine.log:
 
 2015-08-07 13:01:35,388 WARN
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
 (DefaultQuartzScheduler_Worker-55) [5b9014cb] Correlation ID: 5b9014cb, Job
 ID: eddd1466-307f-400e-8d9b-b8cd67c2433c, Call Stack: null, Custom Event ID:
 -1, Message: Not possible to mix RHEL 6.x and 7.x hosts in one cluster.
 Tried adding RHEL - 7 - 1.1503.el7.centos.2.8 host to a cluster with RHEL -
 6 - 6.el6.centos.12.2 hosts.
 
 I use oVirt Engine Version: 3.5.2.1-1.el6

IIRC recent version also migration between cluster but with warning
message. I don't remember if it was in 3.5 or 3.6 but it's doable.
There should be some button in migrate dialog which shows more options.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] iSCSI question... LUNS-Targets balnk

[Jiri Belka]

 From: Alan Murrell li...@murrell.ca
 To: users@ovirt.org
 Sent: Thursday, August 6, 2015 7:54:06 PM
 Subject: [ovirt-users] iSCSI question... LUNS-Targets balnk
 
 Hello,
 
 I am hoping someone here has had experience in setting up an iSCSI
 target using 'targetcli'.   I followed the following guide:
 http://www.certdepot.net/rhel7-configure-iscsi-target-initiator-persistently/.
 This is on my single host (with hosted engine currently running; I am using
 a seperate HDD for the iSCSI
 storage)
 
 The iSCSI initiator of my host, from it's information page in oVirt,
 is iqn.1994-05.com.redhat:ba4cc8b3368e, so I created an ACL with
 that name.  Here is a result of the listing in the 'acls' directory
 for my IQN:
 
 --- START ---
 /iscsi/iqn.20...gt1/tpg1/acls ls
 o- acls ..
 [ACLs: 1]
o- iqn.1994-05.com.redhat:ba4cc8b3368e ..
 [Mapped LUNs: 1]
| o- mapped_lun0  [lun0
 block/block1 (rw)]
 --- END ---
 
 So it appears as though my host's initiator is mapped to my LUN 0.
 
 When I go in to oVirt and add iSCSI storage, the Discover finds my
 target, and I can even log in successfully, however when I click on
 the LUNS-Targets side tab, there are no LUNs listed, so I cannot
 add any iSCSI storage.
 
 Any ideas on why the LUN is not showing up?

Have you tried to attach LUN on anything else then oVirt?
This way you could find out if it is oVirt or a general issue.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Hosted Engine on SAS storage array

[Jiri Belka]

 From: Cristian Mammoli c.mamm...@apra.it
 To: users users@ovirt.org
 Sent: Thursday, August 6, 2015 6:19:55 PM
 Subject: [ovirt-users] Hosted Engine on SAS storage array
 
 I see oVirt 3.6 support HE on fibre channel, what if I have a SAS SAN?
 Is it supported as well?

Does 'SAS storage array' means serial-attached scsi disks which
are located out of your engine box?

If so then it would be (from OS perspective) a DAS (direct attached
storage), wouldn't it?

Local storage is not helpful if you want to use multiple hosts.
Or at least I'm not aware of any solution for sharing DAS.

If 'SAS storage array' means some reservation via SCSI commands
whic is supported by storage box, then I would say - no it's
not supported.

But I could be mistaken.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] automatic migration on power failure

[Jiri Belka]

 [...] HA option on VM also works fine, but it only
 restarts on
 the same host. below is our current setup.

If the host is down how could engine's HA feature start
VMs on same host (the one which is down)?

HA should start VMs on any other host in same cluster.

Maybe you have to describe more details...

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Reports] Virtual machine Network usage statistics

[Jiri Belka]

 From: Lionel Caignec caig...@cines.fr
 To: users@ovirt.org
 Sent: Wednesday, July 29, 2015 8:21:19 AM
 Subject: [ovirt-users] [Reports] Virtual machine Network usage statistics
 
 Hi,
 
 i've recently installed ovirt-engine-report, and i've a little problem with
 reports about VM.
 All graphs from Network inteface usage for VM are empty.
 Is it some configuration to do to get this data?
 All data for cpu/memory are ok.

If I could recommend you, forget about reports. I know no one
who likes it. You better feed your own metrics database yourself
and get some reports from it via other tool.

I do not orient well in this area but there's Grafana, InfluxDB,
graphite...

http://grafana.org/

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] usb redirection in native mode does not work in linked clones

[Jiri Belka]

 From: Cristian Mammoli c.mamm...@apra.it
 To: users@ovirt.org
 Sent: Monday, July 27, 2015 5:35:45 PM
 Subject: [ovirt-users] usb redirection in native mode does not work in
 linked clones
 
 
 Hi, linked clones with usb redirection in native mode does not start:
 
 engine error:
 VM TestPoolAuto-1 is down with error. Exit message: internal error:
 process exited while connecting to monitor: qemu-kvm: -device
 piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2: Duplicate ID 'usb' for
 device .

We have had this issue fixed in the past. What is version of your
oVirt environment? (That means - upgrade first, test and then let's
see.).

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] upgrade to ovirt 3.5.3, vm quantity wrong!!

[Jiri Belka]

 From: CheungPaul eq2...@msn.com
 To: users@ovirt.org
 Sent: Monday, August 3, 2015 3:30:42 AM
 Subject: [ovirt-users] upgrade to ovirt 3.5.3, vm   quantity wrong!!
 
 Dear All ,
 
 last week I upgrade ovirt 3.5.0 to 3.5.3 I hope it could fix some bug, but I
 met this problem
 
 look: all I running is 11 vm on this host, but it shows 17, do you guys know
 how to fixed it?

Have you tried to get number of VMs via RESTAPI for comparison?
Have you tried to `ps aux | grep qemu-kvm' on the hosts and compare
the number of found VM processes?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Is there a software-way to configure power management in oVirt?

[Jiri Belka]

 From: lof...@lofyer.org
 To: users@ovirt.org
 Sent: Friday, July 31, 2015 3:58:39 AM
 Subject: [ovirt-users] Is there a software-way to configure power management  
 in oVirt?
 
 Is there a software-way to configure power management in oVirt?
 Not all my clients have got IPMI.

There's SSH soft fencing called by default but yeah, it needs working
IP/sshd on hosts.

What do you want to achieve? You want to cycle virtual hosts?
If so check fence-agents-rhevm-4.0.11-17.el7.x86_64 which is one
of vdsm deps.

If you want something else, then steal rhevm fence agent code
and modify to suit your needs.

FYI I submitted this BZ for soft fencing agents
https://bugzilla.redhat.com/show_bug.cgi?id=1251469

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ubuntu guest doesn't reboot properly

[Jiri Belka]

 From: Alan Murrell li...@murrell.ca
 To: users users@ovirt.org
 Sent: Sunday, July 26, 2015 11:34:40 AM
 Subject: [ovirt-users] Ubuntu guest doesn't reboot properly
 
 I have an Ubuntu 14.04 guest (actually Zentyal server).  Guest additions
 are installed from respository (and even displays the extra info like IP
 address, host name, memory use) in the oVirt dash board.
 
 Whenever I either reboot the guest or shut it down, it never seems to
 come up properly.  It shows that it is powered on and it responds to
 ping, but I cannot SSH in (says connection refused).  The SPICE console
 display just shows black with some slightly coloured bars in the upper
 left of the screen, so I am unable to determine what stage of the boot
 process it is on and/or if it is even at a login screen.
 
 I have a Windows 7 guest VM that reboots with no issue.  I currently do
 not have another Linux guest VM to test with, but I plan on installing a
 Debian guest, CentOS guest, as well as a vanilla Ubuntu 14.04 guest to
 see if it is a Linux thing, and Ubuntu thing, or just something odd with
 the Zentyal spin of Ubuntu.
 
 I will report on my results (it may take a bit), but I wanted to check
 here to see if anyone else has already troubleshot this and what the
 findings and conclusions were?

There's ovirt guest agent log in /var/log, please check it out.
Also check vdsm.log on host to see if reboot was in operation.
And last thing - what version do you have of your environment?
Are all using latest versions? If not, update first...

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] reinstall hosted-engine with ovirt 3.5?

[Jiri Belka]

IIUC what you wrote, then there is backup available inside
your engine VM as the backup is usual part of upgrade.

Get the backup files from old engine VM, do fresh install
with ovirt engine appliance and restore DB.

j.

- Original Message -
From: Alastair Neil ajneil.t...@gmail.com
To: Jiri Belka jbe...@redhat.com
Cc: Ovirt Users users@ovirt.org
Sent: Friday, July 17, 2015 6:10:54 PM
Subject: Re: [ovirt-users] reinstall hosted-engine with ovirt 3.5?

is there a mechanism to import the appliance image into the hosted engine?
I am not sure how I would do this since I have no live access to my engine
DB.


On 17 July 2015 at 06:56, Jiri Belka jbe...@redhat.com wrote:

  From: Alastair Neil ajneil.t...@gmail.com
  To: Ovirt Users users@ovirt.org
  Sent: Thursday, July 16, 2015 5:38:41 PM
  Subject: [ovirt-users] reinstall hosted-engine with ovirt 3.5?
 
  Due to a moment of idiocy I accidentally upgraded my hosted-engine vm to
  Fedora 22 and now ovirt-engine will not start, I was able to get
 postgesql
  up an running so I was able to make a backup of the engine. As far as I
 know
  Ovirt 3.5 is not supported on F22, so my options seem limited.
 
  1, update to the 3.6 prerelease
  2, reinstall the VM, if I were doing this I would use CentOS 7
 
 
  my preference would be to fresh install the hosted-engine. I am guessing
 the
  way to go about this would be to shutdown the HE broker and agent
 daemons on
  all the nodes, possibly clean the metadata? and the do a hosted engine
  deploy as though migrating from an external engine.
 
  Can anyone comment if this is reasonable?

 You can give a try to ovirt engine appliance and then restore
 from backup ;)

 j.

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Create Template error

[Jiri Belka]

 From: Konstantinos Christidis kochr...@ekt.gr
 To: users@ovirt.org
 Sent: Tuesday, July 14, 2015 11:26:18 PM
 Subject: [ovirt-users] Create Template error
 
 Hello,
 
 Clone VM or Make Template took several minutes and failed with this error
 Failed with error ENGINE and code 5001
 Full error engone log http://ur1.ca/n4iiu
 
 oVirt / CentOS7 and local PostgreSQL.

File a bug report with attached logs.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] reinstall hosted-engine with ovirt 3.5?

[Jiri Belka]

 From: Alastair Neil ajneil.t...@gmail.com
 To: Ovirt Users users@ovirt.org
 Sent: Thursday, July 16, 2015 5:38:41 PM
 Subject: [ovirt-users] reinstall hosted-engine with ovirt 3.5?
 
 Due to a moment of idiocy I accidentally upgraded my hosted-engine vm to
 Fedora 22 and now ovirt-engine will not start, I was able to get postgesql
 up an running so I was able to make a backup of the engine. As far as I know
 Ovirt 3.5 is not supported on F22, so my options seem limited.
 
 1, update to the 3.6 prerelease
 2, reinstall the VM, if I were doing this I would use CentOS 7
 
 
 my preference would be to fresh install the hosted-engine. I am guessing the
 way to go about this would be to shutdown the HE broker and agent daemons on
 all the nodes, possibly clean the metadata? and the do a hosted engine
 deploy as though migrating from an external engine.
 
 Can anyone comment if this is reasonable?

You can give a try to ovirt engine appliance and then restore
from backup ;)

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Problem with Mac Spoof Filter

[Jiri Belka]

 From: InterNetX - Juergen Gotteswinter j...@internetx.com
 To: users@ovirt.org
 Sent: Thursday, July 16, 2015 3:21:15 PM
 Subject: [ovirt-users] Problem with Mac Spoof Filter
 
 Hi,
 
 seems like the Setting EnableMACAntiSpoofingFilterRules only applies to
 the main IP of a VM, additional IP Adresses on Alias Interfaces (eth0:x)
 are not included in the generated ebtables ruleset.
 
 Is there any Workaround / Setting / whatever to allow more than one IP
 without completly disabling this Filter?
 
 Thanks,
 
 Juergen

IIUC this works with hwaddr only:

virsh # nwfilter-dumpxml vdsm-no-mac-spoofing
filter name='vdsm-no-mac-spoofing' chain='root'
  uuidcd70b235-b0f7-461e-9080-7e6d750e2c70/uuid
  filterref filter='no-mac-spoofing'/
  filterref filter='no-arp-mac-spoofing'/
/filter

virsh # nwfilter-dumpxml no-mac-spoofing
filter name='no-mac-spoofing' chain='mac' priority='-800'
  uuidb7bbb2e5-2208-47cb-a0e6-1d0a81b5e515/uuid
  rule action='return' direction='out' priority='500'
mac srcmacaddr='$MAC'/
  /rule
  rule action='drop' direction='out' priority='500'
mac/
  /rule
/filter

virsh # nwfilter-dumpxml no-arp-mac-spoofing
filter name='no-arp-mac-spoofing' chain='arp-mac' priority='-520'
  uuid454abfeb-259c-4868-bf64-de1315a97aa6/uuid
  rule action='return' direction='out' priority='350'
arp arpsrcmacaddr='$MAC'/
  /rule
  rule action='drop' direction='out' priority='1000'/
/filter

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Unable to shutdown, poweroff or delete a VM

[Jiri Belka]

 From: Mark Steele mste...@telvue.com
 To: users@ovirt.org
 Sent: Thursday, July 9, 2015 1:30:11 PM
 Subject: [ovirt-users] Unable to shutdown, poweroff or delete a VM
 
 We are running oVirt Version 3.5.0.1-1.el6.
 
 I have a VM on one of my hosts that appears to be stuck. The VM shows
 running, however I am unable to successfully shutdown, powerdown, or
 otherwise change the status of the VM.
 
 It is not pinging. The guest OS is Ubuntu 14.04 and the ovirt agent is
 installed.
 
 I have attempted to stop the vm from the ovirt-shell as well and get the
 following errors for each command:
 
 
 
 [oVirt shell ( connected )]# action vm connect-turbo-stage-03 stop
 
 == ERROR
 ===
 
 
 status: 400
 
 reason: Bad Request
 
 detail: Unexpected exception
 
 
 
 
 [oVirt shell ( connected )]# remove vm connect-turbo-stage-03
 
 == ERROR
 ===
 
 status: 409
 
 reason: Conflict
 
 detail: Cannot remove VM. VM is running.
 
 
 
 
 [oVirt shell ( connected )]# action vm connect-turbo-stage-03 detach
 
 
 
 
 == ERROR
 ===
 
 status: 400
 
 reason: Bad Request
 
 detail: User is not authorized to perform this action.
 
 

Check engine.log and if relevant submit a BZ.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Can not kill vm

[Jiri Belka]

 Hi！
 I find a way to fix this!
 /etc/init.d/vdsmd stop
 kill -9 libvirtd pid
 /etc/init.d/vdsmd start
 tks!

stopping vdsm or libvirtd is irrelevant. maybe you should learn
about `pkill' which doesn't need to specify pid :)

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Get CPU and Memory Usage for VM and Host using ovirt java sdk

[Jiri Belka]

 1)I would like to know if there is a way to fetch the “CPU and Memory Usage
 for VM “ and CPU and Memory Usage for a Host in the RHEVM environment using
 ovirt sdk in java.
 
 I am using ovirt-engine-sdk-java-3.5.0.5.jar.
 
 Can you please provide me with the java example if possible.
 
 The cpu and memory usage of the VM in the rhevm is as highlighted in the
 picture below.
 
 2) Autostart attribute for a VM in RHEVM.
 
 Earlier when I was using libvirt 0.5.1 jar in a kvm system,I found that
 autostart attribute [vm. getAutostart ] is provided in the libvirt java sdk.
 
 “Autostart is a Boolean value which indicates whether the network is
 configured to
 
 be automatically started when the host machine boots”
 
 Is there any such attribute for a VM in RHEVM,if yes is there a way to fetch
 the auto start value using ovirt java sdk.

Have you checked http://www.ovirt.org/Java-sdk ?

j.___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] vdsm lvm filter

[Jiri Belka]

 I've got a setup with with ovirt and an equallogic iscsi. Im using the dell
 hit drivers. Install all good, after a reboot the storage won't come up.
 From the vdsm logs i can see the volume groups can't be found. in the lvm
 vgs command the following filter is used: [ '\''r|.*|'\'' ] .
 If I change the LVMCONF_TEMPLATE in /usr/share/vdsm/storage/lvm.py and add
 the filter [ a|^/dev/eql/ovirt.*| ], the volume group is found and storage
 will be attached.
 
 How is the lvm filter constructed? And how can i make sure my volume groups
 are found without editing /usr/share/vdsm/storage/lvm.py?

A shoot from darkness...:

   134  USER_DEV_LIST = filter(None, config.get(irs, 
lvm_dev_whitelist).split(,))
   135  
   136  
   137  def _buildFilter(devices):
   138  strippeds = set(d.strip() for d in devices)
   139  strippeds.discard('')  # Who has put a blank here?
   140  strippeds = sorted(strippeds)
   141  dmPaths = [dev.replace(r'\x', r'\\x') for dev in strippeds]
   142  filt = '|'.join(dmPaths)
   143  if len(filt)  0:
   144  filt = 'a| + filt + |', 
   145  
   146  filt = filter = [  + filt + 'r|.*|' ]
   147  return filt
   148  
   149  
   150  def _buildConfig(devList):
   151  flt = _buildFilter(chain(devList, USER_DEV_LIST))
   152  conf = LVMCONF_TEMPLATE % flt
   153  return conf.replace(\n,  )

So maybe lvm_dev_whitelist option in vdsm.conf ?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.5.1] Attach sysprep floppy from the API

[Jiri Belka]

 I would like to attach a sysprep floppy to a Windows VM.
 
 Currently, I am able to configure the sysprep custom script from the API
 :
 
 PUT https://HOSTNAME/api/vms/{id}
 vm
  initialization
 custom_script{my content}/custom_script
  /initialization
 /vm
 
 After that, when I start the VM from the Web UI in RunOnce mode, I can
 attach the sysprep floppy to the VM.
 
 But how can I attach the sysprep floppy and start the VM in RunOnce mode
 from the API ?

iiuc it's payload stuff, see http://www.ovirt.org/Features/VMPayload

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] oVirt timeouts

[Jiri Belka]

 pls, howto change oVirt timeouts for status :
 1) node ( brick) is power down / up
 2) volume status for node(brick) is up/down
 
 They are too long ( I'm expecting a few sec. not a lot of minutes )
 If it has some spacial reason, let me know about, pls.

I don't do glusterfs here but see *_options tables in the DB
or engine-config -a output.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt PXE boot wierdness

[Jiri Belka]

  I have the engine running on separate HW with eth0 being the
  management interface
  
  I have 2 compute nodes with eth0 being the management interface and
  eth1 having a vlan trunk with all of the VM networks
  
  If I install a guest from the CD image it all works fine and picks
  up an IP from the DHCP server. However if I switch the boot order
  to PXE first the gPXE DHCP request times out. Using tcpdump I can
  see the DHCP discovery packets get as far out as the physical trunk
  interfact eth1 (i.e. it gets past all of the virtual interfaces)
  but any other machines in that same VLAN don't see the DHCP request
  and neither does the DHCP server.
  
  My network settings are: Name: TestCluster External Provider: NO
  Network label: TC Enable VLAN tagging: 306 VM network: YES MTU:
  Default 1500
  
  
  Under 'Setup Host Networks' Boot Protocol: DHCP
  
  Any ideas?

Is it really gPXE (which is not maintained anymore) or iPXE? If the
former try to download iPXE, see ipxe.org.

What about iptables?

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] FYI FreeBSD on POWER8

[Jiri Belka]

http://adrianchadd.blogspot.cz/2015/02/freebsd-on-power8-its-alive.html

...FreeBSD now boots inside of the hypervisor environment and seems
stable enough to do development on.

-- 
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
~~ http://en.wikipedia.org/wiki/Posting_style
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Thinking loud about VM's serial console access

[Jiri Belka]

On Sat, 18 Oct 2014 14:39:12 -0400 (EDT)
Alon Bar-Lev alo...@redhat.com wrote:

 
 Please read [1].
 
 I am unsure about concurrent access, this should be done using ssh bridge and 
 now low level solution.
 
 Thanks,
 Alon
 
 [1] http://www.ovirt.org/Features/Serial_Console

How will it behave when:

- VM is being snapshotted?
- VM is being migrated?
- VM is suspended?
- VM is being (cold)rebooted?

At least for last two I suppose the serial console session will be
interrupted.

VMWare uses extended communication to inform virtual serial port
concentrator about various action of a VM, thus proxy doesn't drop
serial connections.

http://www.vmware.com/support/developer/vc-sdk/visdk41pubs/vsp41_usingproxy_virtual_serial_ports.pdf

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Thinking loud about VM's serial console access

[Jiri Belka]

On Mon, 20 Oct 2014 08:40:34 -0400 (EDT)
Alon Bar-Lev alo...@redhat.com wrote:

 
 
 - Original Message -
  From: Jiri Belka jbe...@redhat.com
  To: Alon Bar-Lev alo...@redhat.com
  Cc: users@ovirt.org
  Sent: Monday, October 20, 2014 2:40:01 PM
  Subject: Re: [ovirt-users] Thinking loud about VM's serial console access
  
  On Sat, 18 Oct 2014 14:39:12 -0400 (EDT)
  Alon Bar-Lev alo...@redhat.com wrote:
  
   
   Please read [1].
   
   I am unsure about concurrent access, this should be done using ssh bridge
   and now low level solution.
   
   Thanks,
   Alon
   
   [1] http://www.ovirt.org/Features/Serial_Console
  
  How will it behave when:
  
  - VM is being snapshotted?
  - VM is being migrated?
  - VM is suspended?
  - VM is being (cold)rebooted?
  
  At least for last two I suppose the serial console session will be
  interrupted.
  
  VMWare uses extended communication to inform virtual serial port
  concentrator about various action of a VM, thus proxy doesn't drop
  serial connections.
 
 there is no reason why the proxy cannot retry for a while and reconnect to 
 the new instance.
 however this will not be provided at first nor it is that important as client 
 can always implement reconnect at its side, and handle this just like any 
 other network failure.

OK, I'm reading this as you haven't tested it with these actions.

With real serial console one doesn't need to re-plug cable to get the
console... Thus I'm not interested anymore in the topic.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Thinking loud about VM's serial console access

[Jiri Belka]

Hi,

on KVM forum VM's serial console access was raised. I'd like to make
some comments, hopefully it would help to think about how we would
access VM's serial consoles in oVirt.

1. encrypted access (ssh preferable) is a must

2. not to type any automatically generated password to access
   serial console should be possible (like for spice)

   i can imagine a centralized console server could be used to
   manage all serial console accesses. usually such console servers are
   access via ssh and then a connection is spawned and sysadmin's ssh
   session is connected to remote serial console without any action

3. not to see a interactive menu should be possible

   there can be serial console output parser/monitor persistently
   running to catch kernel outputs and alerts in console. if kernel
   crashes, the output is on console and thus a monitoring can catch it

4. access to VM's serial console should not require to know where a VM
   is running (thus to know host fqdn/IP)

   this is obvious, a sysadmin wants to just get serial console without
   manual kung-fu

5. multi-user access to one VM's serial console

   in some paranoid environment there must be two people working
   together, each controlling other. whatever. multi-user concurrency
   should be possible, there can be passive serial console output
   parser/monitor and sysadmin's interactive session

Hopefully the above will contribute to implementation design. All above
is possible with open source tools while using real hw serial consoles,
thus it would be expected that implementation for VM's serial console
would work similarly.

FYI I created RFE for qemu for TLS mode for chardev socket
 https://bugzilla.redhat.com/show_bug.cgi?id=1154115, so there could be
a way not to use ssh to host as this has been not preferred by
alonbl@ for other functionality in the past :)

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Thinking loud about VM's serial console access

[Jiri Belka]

 I have posted a ready script and a VDSM hook for this exact use case a
 couple of years ago.
 
 http://www.ovirt.org/Features/Serial_Console_in_CLI
 
 The actual locateVM.py script is missing from there, but it's an elementary
 API script that will receive a VM name, find the VM's host location and
 start the shell

Hi,

well this is no way IMHO.

1. libvirt/virsh doesn't provide concurrent access to console
2. during migration there would be probably some issue with pty device
3. looks scary to do ssh via root to host (ssh via root should be eliminated
   as much as possible)

Avocent has been selling to enteprise customers their console servers for ages,
and they also have been selling a virtual console server appliance to operate
with VMWare vCenter technology. The way how they do it is that VM's IP-enabled 
serial
devices act as clients and connect to virtual serial port concentrator over 
network.

This way there's active session opened during migration and VSPC allows 
temporary
disconnected IP-enabled serial devices from its clients.

I think we should do similar. If this is supposed to be a standard and vendors
sell applicances for this, why not to use it?

There's OSS alternative to Avocent virtual serial port concentrator, but it
still acts only as plain concentrator, not as full console server.

Some reading:

https://github.com/isnotajoke/vSPC.py
http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=1022303
http://www.emersonnetworkpower.com/en-US/Products/InfrastructureManagement/SerialConsoles/Pages/AvocentACSv6000VirtualAdvancedConsoleServer.aspx

 On Fri, Oct 17, 2014 at 11:15 AM, Jiri Belka jbe...@redhat.com wrote:
 
  Hi,
 
  on KVM forum VM's serial console access was raised. I'd like to make
  some comments, hopefully it would help to think about how we would
  access VM's serial consoles in oVirt.
 
  1. encrypted access (ssh preferable) is a must
 
  2. not to type any automatically generated password to access
 serial console should be possible (like for spice)
 
 i can imagine a centralized console server could be used to
 manage all serial console accesses. usually such console servers are
 access via ssh and then a connection is spawned and sysadmin's ssh
 session is connected to remote serial console without any action
 
  3. not to see a interactive menu should be possible
 
 there can be serial console output parser/monitor persistently
 running to catch kernel outputs and alerts in console. if kernel
 crashes, the output is on console and thus a monitoring can catch it
 
  4. access to VM's serial console should not require to know where a VM
 is running (thus to know host fqdn/IP)
 
 this is obvious, a sysadmin wants to just get serial console without
 manual kung-fu
 
  5. multi-user access to one VM's serial console
 
 in some paranoid environment there must be two people working
 together, each controlling other. whatever. multi-user concurrency
 should be possible, there can be passive serial console output
 parser/monitor and sysadmin's interactive session
 
  Hopefully the above will contribute to implementation design. All above
  is possible with open source tools while using real hw serial consoles,
  thus it would be expected that implementation for VM's serial console
  would work similarly.
 
  FYI I created RFE for qemu for TLS mode for chardev socket
   https://bugzilla.redhat.com/show_bug.cgi?id=1154115, so there could be
  a way not to use ssh to host as this has been not preferred by
  alonbl@ for other functionality in the past :)
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt-devel] oVirt 3.5 test day 2 results

[Jiri Belka]

  '...no so usable', this is joke. It's real design failure. Do not take
  this personally but whoever approved this did bad job.
 
 No, of course: I'm not so proud of it too. :-)
 
 A previous attempt used ssh and scp to do all automatically but it was 
 rejected being judged not so secure.
 Avoiding to use ssh and scp so seams a strong requirement; if you have any 
 better idea feel free to propose it.

I will not repeat myself again in details, all setup should be done from
Admin portal, same was one adds a host.

Anyway, job spent time on this work is useless. I hope it will be moved
to trash bin, this is ridiculous.

What is obvious is that who designed this is not UNIX sysadmin oriented
junkie.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt-devel] oVirt 3.5 test day 2 results

[Jiri Belka]

On Thu, 31 Jul 2014 08:26:20 +0200
Jiri Belka jbe...@redhat.com wrote:

   '...no so usable', this is joke. It's real design failure. Do not take
   this personally but whoever approved this did bad job.
  
  No, of course: I'm not so proud of it too. :-)
  
  A previous attempt used ssh and scp to do all automatically but it was 
  rejected being judged not so secure.
  Avoiding to use ssh and scp so seams a strong requirement; if you have any 
  better idea feel free to propose it.
 
 I will not repeat myself again in details, all setup should be done from
 Admin portal, same was one adds a host.
 
 Anyway, job spent time on this work is useless. I hope it will be moved
 to trash bin, this is ridiculous.
 
 What is obvious is that who designed this is not UNIX sysadmin oriented
 junkie.

FYA https://bugzilla.redhat.com/show_bug.cgi?id=1116017
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] ftp.snt.utwente.nl mirror doesn't have ovirt via rsync

[Jiri Belka]

Hi,

could anybody responsible contact owners of this mirror and ask them to
make oVirt available via rsync?

j.

~~~

Welcome to the ftp.snt.utwente.nl archive.
This service is provided to you by:
   
Studenten Net Twente (SNT)http://www.snt.utwente.nl/ 
the University of Twente  http://www.utwente.nl/  

This system may be used 24 hours a day, 7 days a week.

All transfers are logged with your hostname and email address.
If you don't like this policy, disconnect now!

We are available on:
  http://ftp.snt.utwente.nl/
   ftp://ftp.snt.utwente.nl/
 rsync://ftp.snt.utwente.nl/


Sponsors:
Quarantainenet BV http://www.quarantainenet.nl
Byte  http://www.byte.nl
Murphy Software B.V.  http://www.murphy.nl
Virtu Secure Webservices  http://www.virtu.nl
Utwente Faculty of TNWhttp://www.tnw.utwente.nl
Sjoerd van Groning
Daan van de Linde


DISCLAIMER: Neither University of Twente nor SNT are liable for any
use, storage or transmission of any files stored on this archive. Since 
much of our archive is mirrored from other servers, we can not check 
all files for virusinfections.  Please proceed with caution.

If you have any problems or comments about this archive, please send
them via e-mail to ftpcom_at_snt.utwente.nl. Please also let us know 
if there is something we don't have that you think we should!




gentoo-x86-portage  Gentoo Linux Portage tree
gentoo-portage  Gentoo Linux Portage tree
gentoo  Gentoo Linux Distribution
fedora  Fedora Linux Distribution
mandrakeMandrake Linux Distribution
mandrake-isoMandrake Linux Distribution Iso's
debian  Debian Linux Distribution
debian-archive  Debian Linux Distribution Archive
debian-ipv6 Debian Linux IPv6 Distribution
debian-non-US   Debian Linux Non-US Distribution
backports   Debian Linux Distribution
debian-backportsDebian Linux Distribution
deepin  LinuxDeepin Packages
deepin-cd   LinuxDeepin Release CD Images
freebsd FreeBSD Distribution
openbsd OpenBSD Distribution
netbsd  NetBSD Distribution
freedos FreeDOS Distribution
linux-kernelLinux Kernel Mirror
slackware   Slackware Linux Distribution
suseSuse Linux Distribution
cpanComprehensive Perl Archive Network
xfree86 XFree86
apache  Apache Webserver
archlinux   Arch Linux mirror
mageia  Mageia Project mirror
cygwin-ftp  cygwin ftp area
eximExim Mailer
gnu The GNU Project
gnupg   GNU Privacy Guard
kameKAME Project
usagi   UniverSAl playGround for Ipv6
kde K Desktop Environment
mozilla Mozilla Current Release Only
mozilla-current Mozilla Current Release Only
mozilla-releasesMozilla Software Releases
muttMutt E-Mail Client
mysql   MySQL Database
openoffice  OpenOffice.org
openoffice-extended OpenOffice.org extended data
samba   Samba
rsync   Rsync
gnoppix Gnoppix
ubuntu-releases ISO images of the Ubuntu releases
ubuntu-archive  Packages in the Ubuntu Archive
tex CTAN community mirror for Tex
tdf The Document Foundation
xbmcMain XBMC File Repository
~~~
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] broken mirror - ftp.nluug.nl

[Jiri Belka]

Hi,

could anybody responsible contact owners of this mirror to repair it?

same via http...

j.

~~~
# rsync --progress -a -vv --exclude-from=ovirt-3.5-pre.exclude \
  rsync://ftp.nluug.nl/ovirt/ovirt-3.5-pre/ ./ 21 | tail rsync:
send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/ebecd4b94e21b74ab316613e1d7b691b1bbdf94458f2379a360e832ab02aa9ab-filelists.sqlite.bz2
 (in
ovirt): Permission denied (13) rsync: send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/f0b68ae5785cc196d864a69fd412f9ec8b8e55f5e502cebce8763f8d88efee86-primary.xml.gz
 (in
ovirt): Permission denied (13) rsync: send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/f19a6460fde53ec087366afb6dea696d1633dc516d3474e26d47fd32ec3da34d-filelists.xml.gz
 (in
ovirt): Permission denied (13) rsync: send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/f6a676be4d0abe84266175744759247c560f5de70cb410abefdf52ec2f60dcb9-filelists.xml.gz
 (in
ovirt): Permission denied (13) rsync: send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/f71afa837e0bff24395d6a8ba4660613182c2d6eba648504d4f367b793bb8a6a-primary.sqlite.bz2
 (in
ovirt): Permission denied (13) rsync: send_files failed to open
/ovirt-3.5-pre/rpm/el6/repodata/fd1d726943a4c01da84af9ba56e7abc284e9fda283d4eb959e0835f7ca29eef5-primary.sqlite.bz2
 (in
ovirt): Permission denied (13)

sent 5418 bytes  received 86056 bytes  12196.53 bytes/sec
total size is 3353996928  speedup is 3.12
rsync error: some files/attrs were not transferred (see previous
errors) (code 23) at main.c(1505) [generator=3.0.6]
~~~
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] oVirt mirror health report

[Jiri Belka]

Hi,

oVirt mirrors are not really great, could you consider to make a health
status reporting - out of sync, broken,...?

This way you could remove bogus mirrors which would just make people
upset.

Inspiration: http://spacehopper.org/mirmon/

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt-devel] oVirt 3.5 test day 2 results

[Jiri Belka]

On Wed, 30 Jul 2014 09:04:10 -0400 (EDT)
Simone Tiraboschi stira...@redhat.com wrote:

 We choose that way to avoid to ask to the user to provide the root password 
 of the engine host, in order to automatically copying files via SCP or 
 executing commands over ssh on the remote host, for security reasons.
 I agree with you that due to that assumption this result is not so usable.

'...no so usable', this is joke. It's real design failure. Do not take
this personally but whoever approved this did bad job.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Using Virtio-SCSI passthough on SCSI - Devices

[Jiri Belka]

On Fri, 25 Apr 2014 13:40:09 +
Daniel Helgenberger daniel.helgenber...@m-box.de wrote:

 Hello,
 
 does anyone have an idea on how to accomplish this? In my particular
 setup, I need a FC tape drive passed though to the vm.
 Note, passing throuh FC - LUNs works flawlessly. 
 
 If I understood Virtio -SCSI correctly, this should be possible from
 libvirt's part.

I can be wrong but my understanding is that dm-mpio works on block
layer thus it does not support multipath for tapes/cd-devices.

But I could be wrong, I got this info from an OpenBSD paper comparing
SCSI multipath implementation.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] php on jboss

[Jiri Belka]

On Mon, 24 Mar 2014 09:23:39 -0400 (EDT)
Alon Bar-Lev alo...@redhat.com wrote:

 You can put custom files under /usr/share/ovirt-engine/files it will be 
 available for you at: http:///ovirt-engine/files

unix-style nitpicking...

hier(7):

   /usr   This  directory is usually mounted from a separate
   partition.  It should hold only sharable, read-only data, so
   that it can be mounted by various machines running Linux.

 Of course we do not support cgi-bin but plain files... but it may address 
 your needs.
 
 Please make sure you have your own subdirectory under files, so no conflicts.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] [RFI] GUI Changes for oVirt 4.0

[Jiri Belka]

On Tue, 18 Mar 2014 10:47:16 +
Sven Kieske s.kie...@mittwald.de wrote:

 So there are to many ways you can configure the same setting.

100% agree, duplicity between the tree and main tabs is crazy.

If I could wish anything, I would keep the tree but I would make it
more nice and clever - one tree for physical schema, another one for
virtual schema (minic tagging, creating groups for related things).

Plus I would like to have right pane to show me quickly general
overview about things selected in left tree (example: If I would be in
a virtual folder called 'webapp' consisting of couple of related VMs, I
would love to see in right pane the list of VMs, graphs about CPU
usage, network usage, storage usage...; more details about the objects
could be implemented in some tab inside right pane - example: default
right pane would display info as written above, but details about CPU,
storage would be in separate tabs...).

However, bad decision would be like nightmare for ages, one likes main
tabs, another one likes the tree :)

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Best practice for securing oVirt's NFS mounts

[Jiri Belka]

On Tue, 11 Mar 2014 10:23:19 -0700
Prakash Surya sur...@llnl.gov wrote:

 Hi,
 
 All the documentation I've seen states that the oVirt NFS storage should
 use the all_squash,anonuid=36,anongid=36 options. Obviously this isn't
 secure, so I'm curious how others have locked down their NFS storage? Is
 the best option to just limit access to these NFS exports to the IP
 addresses of the hypervisor nodes (and maybe the engine)? Is there a
 better way to go about this?

Run vlans and have some active monitoring for physical ports up|down
states etc... If you cannot control your environment then ask yourself
if you trust your infrastructure provider at all.

You can run kerberized NFS etc... but what about kerberos security? The
beginning is trust towards your infrastructure.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] test day help -- console

[Jiri Belka]

On Wed, 12 Feb 2014 12:10:47 -0500 (EST)
Greg Sheremeta gsher...@redhat.com wrote:

 
 
 - Original Message -
  From: Jiri Belka jbe...@redhat.com
  To: Greg Sheremeta gsher...@redhat.com
  Cc: users users@ovirt.org
  Sent: Wednesday, February 12, 2014 4:17:29 AM
  Subject: Re: [Users] test day help -- console
  
  On Tue, 11 Feb 2014 17:57:52 -0500 (EST)
  Greg Sheremeta gsher...@redhat.com wrote:
  
   I'm having a tough time getting a VM console working via VNC. I set a VM 
   to
   use VNC, and I installed virt-viewer.
   
   1. When I try to open a .vv file with virt-viewer, I get an error Cannot
   find guest domain /var/tmp/console.vv
   2. Using a VNC client to connect to the host with the password in the .vv
   file just immediately disconnects it -- no error message.
   3. noVNC just gives me an empty popup with a gray background.
  
  virt-viewer works ok even on my OpenBSD machine at home.
  
  First check version, if old, compile/upgrade yourself. Updating to
  latest spice-gtk, gtk-vnc, virt-viewer recently solved virt-viewer
  core dumps when I had RHEL with GNOME and qxl driver.
  
  j.
  
 
 What version do you have?
 
 Greg

Latest today or some days ago (checking project's website) is 0.6.0.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] snapshots not shown in webadmin on 3.3.3

[Jiri Belka]

On Wed, 12 Feb 2014 16:41:06 -0500 (EST)
Eli Mesika emes...@redhat.com wrote:

 
 
 - Original Message -
  From: Juan Pablo Lorier jplor...@gmail.com
  To: users users@ovirt.org
  Sent: Wednesday, February 12, 2014 6:37:28 PM
  Subject: [Users] snapshots not shown in webadmin on 3.3.3
  
  Hi,
  
  I've updated to 3.3.3 last week and now I find that the snapshots are
  not shown in webadmin. I've taken some new ones to see if it was due to
  the migration, but though they finish correctly, they are not shown in
  the webadmin tab.
  Is there a way to list the snapshots other than the webadmin?
 
 Juan
 I had reproduced that in 3.4 beta 2 , can you please open a bug on that ?
 Thanks
 
 Eli

If this is just Web UI issue than it is known for long time. But there's
no clear reproducer (BZ was filled for RHEVM 3.3). This has something
to do with Firefox cache. With clear FF profile snapshots are visible.
But after some time when are not visible until full reload of the page.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] test day help -- console

[Jiri Belka]

On Tue, 11 Feb 2014 17:57:52 -0500 (EST)
Greg Sheremeta gsher...@redhat.com wrote:

 I'm having a tough time getting a VM console working via VNC. I set a VM to 
 use VNC, and I installed virt-viewer.
 
 1. When I try to open a .vv file with virt-viewer, I get an error Cannot 
 find guest domain /var/tmp/console.vv
 2. Using a VNC client to connect to the host with the password in the .vv 
 file just immediately disconnects it -- no error message.
 3. noVNC just gives me an empty popup with a gray background.

virt-viewer works ok even on my OpenBSD machine at home.

First check version, if old, compile/upgrade yourself. Updating to
latest spice-gtk, gtk-vnc, virt-viewer recently solved virt-viewer
core dumps when I had RHEL with GNOME and qxl driver.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] HA and SPM host

[Jiri Belka]

On Tue, 11 Jun 2013 12:16:28 -0400
Marc Seward linuxuse...@gmail.com wrote:

 Hi all,
 
 In a 2 hypervisor setup,if host1 is fenced(host1 is also the SPM host) and
 it has HA VMs running on it,would these VMs be started on host2 only after
 host2 is elected as the SPM host?

It would first try to migrate VMs and if this won't work if would fence
SPM host and start HA VMs on other (now new SPM) host.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] I accidentally the whole database. Or: Can I re-import a running vm into the engine-db?

[Jiri Belka]

On Tue, 4 Jun 2013 03:30:42 -0400 (EDT)
Omer Frenkel ofren...@redhat.com wrote:

 
 well im not sure if there is a tool that does it automatically, 
 but you can try the following (never tried this before, but should work):
 on the host that run the vms:
 * run vdsClient 0 getAllVmStats (or vdsClient -s 0 getAllVmStats if you are 
 using secure connection)
 * find in the result the vm id (first line) and the image id for each disk of 
 the vms
 * find under /rhev/data-center/{dc-id}/mastersd/master/vms/{vm-d}/ the ovf 
 file which contains the vm info
 * find the vm disk images on the storage domains
 * use ovirt-image-uploader to upload the vm to an export domain (you need to 
 look how exactly to do this one.. :) )
 * import the vm.

UUIDs can be discovered from qemu-kvm process args too.

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] deduplication

[Jiri Belka]

On Tue, 28 May 2013 14:29:05 +0100 (WEST)
supo...@logicworks.pt wrote:

 That's why I'm making this questions, to demystify some buzzwords around 
 here. 
 But if you have a strong and good technology why not create buzzwords to get 
 into as many people as possible? without trapped them. 
 Share a disk containing static data is a good idea, do you know from where 
 I can start? 

Everything depends on your needs, design planning. Maybe then sharing
disk would be better to share via NFS/iscsi. Of course if you have many
VMs each of them is different you will fail. But if you have mostly
homogeneous environment you can think about this approach. Sure you have
to have plan for upgrading base static shared OS data, you have to
have plan how to install additional software (different destination
than /usr or /usr/local)... If you already have your own build host
which builds for you OS packages and you have already your own plan for
deployment, you have done first steps. If you depend on upgrading each
machine separately from Internet, then first you should plan your
environment, configuration management etc.

Well, in many times people do not do any planning, they just think some
good technology would save their poor design.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] deduplication

[Jiri Belka]

On Tue, 28 May 2013 13:00:36 +0200
Jiri Belka jbe...@redhat.com wrote:

 On Sat, 25 May 2013 15:02:40 +0100 (WEST)
 supo...@logicworks.pt wrote:
 
  is deduplication possible? 

 If we would talk about OSS systems then Dragon Fly BSD's hammerfs or
 Open Indiana ZFS (FreeBSD has it too) support deduplication and such
 filesystems are exported as NFS (so can be used as data domain).

If you would not use Linux (as they broke having /usr as separate
filesystem) and you would design your unix-like VMs correctly, you can
share a disk containing static data like /usr, /usr/local between
VMs as a kind of deduplication without being trapped by buzzword
technologies.

j.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] users quota and limit ips

[Jiri Belka]

On Thu, 18 Apr 2013 16:15:38 +0200
Andrej Bagon andrej.ba...@arnes.si wrote:

 Hi all,
 
 we are wondering how can we limit a user to use IPs we give him and not
 others.
 Best is understood from an example:
 - we give a user a quota (with x CPU, y memory and z disk space)
 - a user can create one VirtualMachine with all the resources, or more
 VirtualMachines with smaller resources.
 - we want to give a user a pool of IPs. He should not use other IPs. If
 he uses other IP it should not be routable.
 
 Is there a solution for this problem?

Normal solution:

* mirror port on your switch which is forwarded to a NIDS
  and search for unauthoried IPs MACs pairs

Software foo can to everything solution:

* libvirt know nwfilter
* vdsm has hooks

thus combination of your own nwfilters, custom properties and vdsm
hooks.

Or raise a RFE so we could assing nwfilters to a VM.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[Users] snapshots, checkpoints etc...

[Jiri Belka]

Probably not the best list for this question but anyway...

* snapshot as it is done with 'savevm' from qemu monitor saves disk,
  cpu, memory state of running VM... but

  1. it must be qcow2 image
  2. it pauses the VM for couple of seconds

  is this right?

* snapshots is only for block devices, are done offline

* live snapshot is only for block devices, can be done online

* snapshot tree with branches is not supported now

  am I right?

So my understanding there is no way to have a photo, in qemu language
_checkpoint_, in VMWare language _snapshot_ without interupting the VM.
Am I right? Any comments?

This topic is quite confusing while searching Internet.

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] GlusterFS 3.4

[Jiri Belka]

On Tue, 26 Mar 2013 12:14:54 +
martin.krali...@accenture.com wrote:

 Hi,
 
 I have got issue with adding new host to ovirt 3.2.1 (Fedora 18) because host 
 required GlusterFS 3.4, but there is not include in ovirt or fedora repo and 
 version 3.4 is available only as alpha? Available is only GlusterFS 3.3.1
 Error message: Failed to install Host name. Yum 
 [u'vdsm-gluster-4.10.3-10.fc18.noarch requires glusterfs = 3.4.0'].
 Host OS: Fedora 18 64b

Is it problem to add repo?

http://download.gluster.org/pub/gluster/glusterfs/qa-releases/3.4.0alpha/Fedora/fedora-18/x86_64/
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Ovirt Guest Tools/ spice-guest tools

[Jiri Belka]

On Mon, 25 Mar 2013 18:57:28 +0530
Abhi Sharma me.always.availa...@gmail.com wrote:

 Hello David,
 i am getting error during join domain in red hat enterprise virtulization 3
 .
 i tried every thing but i am not able to resolve error.
 
 error is :-
 Error: Authentication Failed. Please verify the fully qualified domain name
 that is used for authentication is correct.. Problematic domain is:
 tgstg49.example.com
 Failure while applying Kerberos configuration. Details: Authentication
 Failed. Please verify the fully qualified domain name that is used for
 authentication is correct.

So you want to say you have a problem to integrade your linux client
into Windows AD?

I use following:

authconfig --disablecache --enablewinbind --enablewinbindauth \
--smbsecurity=ads --smbworkgroup=$MYDOMAIN \
--smbrealm=$MYFULLDOMAINREALM -- enablewinbindusedefaultdomain \
--winbindtemplatehomedir=/home/%D/%U \
--winbindtemplateshell=/bin/bash --enablekrb5 \
--krb5realm=$MYFULLDOMAINREALM  --enablekrb5kdcdns \
--enablekrb5realmdns --enablelocauthorize --enablemkhomedir \
--enablepamaccess  --updateall

net ads join osName=RHEL osVer=6 -U $someuser@$MYDOMAINREALM
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] what is volume in ovirt

[Jiri Belka]

On Fri, 22 Mar 2013 17:33:44 +0800 (CST)
bigclouds bigclo...@163.com wrote:

 Hi,all
 please  explain what is volumes in ovirt,
 1. especially 
 STRIPE,DISTRIBUTED_STRIPE,REPLICATE,DISTRIBUTED_REPLICATE,DISTRIBUTE
 2. bricks
 
 
 thanks

google for glusterfs
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[Users] openvswitch intergration status

[Jiri Belka]

Hi,

is there a plan to integrate openvswitch, if so what's status?

Basic bridging sucks, and now everything is virtual, no? :)

Maybe some benefits:

* decreases cost for special (legacy) enterprise switches
* virtualization buzzword included
* one can simulate switch in ovirt
  (that was my start to investigate, i wanted to have a trunk port
  pointing to virtualized FW and couple of vlans with guests, not
  possible right now in ovirt, each vlan = one iface)
* there's backward compatibility
  - see http://packages.debian.org/sid/openvswitch-brcompat

Let's be hype :D

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[Users] Tip for oVirt marketing improvement - HA and features comparison

[Jiri Belka]

Hi,

a Czech company running vCloud has a nice webpage with little schema of
hw architecture which changes if you click on a hw item making it as
failed, then it shows redundant paths to continue funcionality.

It also has nice feature (even old) comparison between
VMWare/Hyper-V/Xen/KVM.

Check 2/3 part of http://www.master.cz/cloud-hosting/

Something like this was be nce for oVirt.

jbelka

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Migrating engine-setup to otopi

[Jiri Belka]

On Thu, 14 Mar 2013 06:13:39 -0400 (EDT)
Alex Lourie alou...@redhat.com wrote:

 Hi All 
 
 Recent development of the otopi [1] framework allows us to migrate the 
 engine-setup,
 upgrade and cleanup (and potentially other) utilities to implementation as an 
 otopi
 plugin.
 
 Potential benefits of such a move are:
 
 1. Be able to port engine to other distributions.

Really? Beside this topic I see hardcoded usernames in scripts...

http://gerrit.ovirt.org/#/c/12551/2/backend/manager/dbscripts/dbfunctions.sh,unified

Anyway, everything what is not RPM/YUM specific and more portable
is good way...

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Migrating engine-setup to otopi

[Jiri Belka]

On Thu, 14 Mar 2013 07:06:04 -0400 (EDT)
Alex Lourie alou...@redhat.com wrote:

   1. Be able to port engine to other distributions.
  
  Really? Beside this topic I see hardcoded usernames in scripts...
  
  http://gerrit.ovirt.org/#/c/12551/2/backend/manager/dbscripts/dbfunctions.sh,unified
 
 These usernames are not hard-coded. There are default values present which 
 are kept for
 local installations, but with remote DB setup the user is prompted to provide 
 a username
 of her/his own.

Not everywhere are postgresql dirs owned by postgres, on some BSDs it is
_postgresql.

jbelka

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Features requests for the setup/configuration utilities - feedback requested

[Jiri Belka]

On Thu, 14 Mar 2013 12:12:25 +0002
Alex Lourie alou...@redhat.com wrote:

 Hi All
 
 As we are working on the configuration utilities (engine-setup, 
 engine-upgrade and engine-cleanup), we would like to get as much 
 community involvement as possible. As such, we'd like to hear the 
 wishes of the community in regards with those tools.

1. do not think yum is everywhere, make package upgrade extensible
   by some subclasses (apt-get, pkg_add...)
2. usernames are not same everywhere
   postgres is not everywhere
3. do not make absolute symlinks, some packaging tools scream
4. do not use #!/bin/bash but #!/bin/sh, in 99,9% people are not using
   anything special from bash anyway

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Features requests for the setup/configuration utilities - feedback requested

[Jiri Belka]

I'll talk about RHEVM but it's probably related to oVirt too.

As rhevm installs all deps, I'm curious why versionlock.list is
populated after rhevm-setup and _not_dirrectly during installation
(maybe because you would need to hardcode versions into rhevm
package?). It took me tens of minutes to figure out why is upgrade
working differently now, just because I did _NOT_ do rhevm-setup after
clean install because I was thinking I know what files are important
and was restoring them from a tarball.

I think running rhevm-setup if you just want to restore is stupid. If
we would know 100% which files are involved, just install, restore from
backup, restore DB should be sufficient, without loosing time with
rhevm-setup which just writes there and here... :)

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Features requests for the setup/configuration utilities - feedback requested

[Jiri Belka]

On Thu, 14 Mar 2013 14:44:48 +0002
Alex Lourie alou...@redhat.com wrote:

 Hi Jiri
 
 On Thu, Mar 14, 2013 at 4:30 PM, Jiri Belka jbe...@redhat.com wrote:
  I'll talk about RHEVM but it's probably related to oVirt too.
  
  As rhevm installs all deps, I'm curious why versionlock.list is
  populated after rhevm-setup and _not_dirrectly during installation
  (maybe because you would need to hardcode versions into rhevm
  package?). It took me tens of minutes to figure out why is upgrade
  working differently now, just because I did _NOT_ do rhevm-setup after
  clean install because I was thinking I know what files are important
  and was restoring them from a tarball.
  
  I think running rhevm-setup if you just want to restore is stupid. If
  we would know 100% which files are involved, just install, restore 
  from
  backup, restore DB should be sufficient, without loosing time with
  rhevm-setup which just writes there and here... :)
  
 
 I don't really follow you here. What are you restoring with rhevm-setup?

My previous (wrong) procedure to restore old version was:

rhevm-cleanup, yum remove rhevm\*, rm -rf $dirs, yum install rhevm\*,
tar xvzpf /backup.tgz, ./restore.sh for DB...

which was not fully correct as I haven't
known /etc/yum/plugin.d/versionlock.list is touched by rhevm-setup as
well and thus yum was working very strange during next normal
upgrade.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Is it possible to change the DB password for local postgresql?

[Jiri Belka]

On Thu, 14 Mar 2013 17:17:18 +0100
Ernest Beinrohr ernest.beinr...@axonpro.sk wrote:

 On 13.03.2013 11:57, Alon Bar-Lev wrote:
  You need to change the /etc/sysconfig/ovirt-engine password as well.
   ^^^ world readable,
very funny. Are we back in 80ies when /etc/passwd had passwords and was
world readable (and under attacks all the time)?

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] oVirt support for backup/restore

[Jiri Belka]

On Mon, 04 Mar 2013 12:10:54 +0100
Ricky Schneberger ri...@schneberger.se wrote:

 Hi,
 
 How can I do if I want to schedule a daily live-snapshot of a VM for
 backup purpose?
 
 I have backup software inside my VMs (Netvault), but in some cases I
 just want to do daily snapshots and use them as backups.
 
 

Live snapshot does not save memory state, IIRC. So either shutdown all
VMs or do not think about this as solid backup solution.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] oVirt support for backup/restore

[Jiri Belka]

On Mon, 04 Mar 2013 12:52:53 +0100
Ricky Schneberger ri...@schneberger.se wrote:

  Live snapshot does not save memory state, IIRC. So either shutdown all
  VMs or do not think about this as solid backup solution.
  
 
 Hi, If I dont think about it as a solid solution, is it doable?
 Even with a manual live snapshot I will lack this memory state, right?
 
 All I want if I must restore a snapshot is to get the WM up on track in
 an earlier state.

The snapshot like in VMWare world which saves even memory is called
checkpoint in qemu-kvm world. And IIRC it is not implemented yet.

Live snapshot is doable, no problem. The problem can be your design. As
you know a lot of apps do not write to filesystem immediately, so
snapshot backup is useless. So either shutdown/think twice or forget it.

But others can have different view... Backup is thing you _must_ trust,
if you design is broken, the consequences are terrific! If your goal is
to have fast disaster recovery, then why not to have backup machine or
some clustered solution?

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Pools and pre-started VM in 3.2

[Jiri Belka]

On Tue, 26 Feb 2013 16:10:00 +0100
Gianluca Cecchi gianluca.cec...@gmail.com wrote:

 Hello,
 
 f18 node + f18 engine, both in 3.2 final.
 If I create a pool, the prestarted VM field is grayed out.
 See:
 https://docs.google.com/file/d/0BwoPbcrMv8mvN3d2a0drb0szYk0/edit?usp=sharing
 
 After creation of this 5-VM pool,  I can go and edit it and set 2 in
 prestarted field, and after several seconds 2 VM are correctly started
 by engine.
 
 Do I have to configure any engine parameter to be able to set
 prestarted VM at pool creation? Or is this the expected behavior to
 set only on edit?

Works as design, when creating a pool you still do not know/have
all VMs, so you cannot guarantee they would be prestarted.

So when the pool is really created, then you edit and defined number
of prestarted VMs.

Am I right?

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] oVirt 3.2 and Solaris 10 guests

[Jiri Belka]

On Thu, 14 Feb 2013 10:49:13 -0500
Jean-Francois Saucier jsauc...@gmail.com wrote:

  oVirt 3.2:
  -netdev tap,fd=25,id=hostnet0 -device
 
  rtl8139,netdev=hostnet0,id=net0,mac=00:1a:4a:00:64:9e,bus=pci.0,addr=0x3,bootindex=3
^^^ - realtek, really? Try e1000 which is usually much
more reliable or virtio iface. I personally always had terrible
experience with emulated rtl8139 by qemu-kvm, e1000 was OK.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] OS-independent ovirt-engine distribution archive

[Jiri Belka]

On Tue, 15 Jan 2013 08:57:16 +0100
Jiri Belka jbe...@redhat.com wrote:

 On Wed, 9 Jan 2013 09:43:55 -0500 (EST)
 Alon Bar-Lev alo...@redhat.com wrote:
 
  Hello Moran,
  
  It should be not that difficult to add jenkins job to build a
  package using 'make' and pack it up as tarball. What do you think?
  
  Alon
 
 Any news?

Ping again :)

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] How to connect to console after another user logged out

[Jiri Belka]

On Sun, 3 Feb 2013 23:43:21 +0100
Gianluca Cecchi gianluca.cec...@gmail.com wrote:

 Hello,
 I have 3.2 beta and a Fedra 18 VM configured with spice access.
 One user connects to portal and access it, then terminates his session
 and closes the spice console window and log out from portal.
 Another user connects to portal and tries to connect to the same VM
 that is still powered on.
 
 It receives this message:
 
 Error:
 
 F18:
 
 Console connection denied. Another user has already accessed the
 console of this VM. The VM should be rebooted to allow another user to
 access it, or changed by an admin to not enforce reboot between users
 accessing its console.

Check VM properties - Console - Advanced params -  Disable strict
user checking.

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[Users] hierarchy map of ovirt environment

[Jiri Belka]

Hello,

in vSphere you can have 'views' like Storage views, Network views...

Example:

  http://i.techrepublic.com.com/blogs/sept-2010-virtualizationtips-tip4-figc.jpg

This is very useful, typical scenario is when delivery manager asks
sysadmins about potential impact on VMs when a scheduled update of a
switch/storage box goes wrong.

It's easy in vSphere, just check 'views' and you will see it.

Something like this possible in oVirt?

It would be nice to have it as 'map', also as 'result' of searching,
something like...

  vms: network.name = foo and network.risk = down

jbelka

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Network reconfiguration in ovirt 3.1

[Jiri Belka]

On Mon, 14 Jan 2013 13:36:04 +0200
Itamar Heim ih...@redhat.com wrote:

 On 12/27/2012 03:48 PM, Dan Kenigsberg wrote:
 ...
  http://www.ovirt.org/Features/Normalized_ovirtmgmt_Initialization

I was reading about QinQ yesterday and discovered it is one
of featurse that the project would like to see in oVirt.

Now I'm curious, as NetworkManager has been around for couple of
years and still it is not finished, why oVirt want to depend
of this tool?

Wouldn't be better to use libvirt networking features for
portability as well and/or talk to libvirt devs to implement
features which you would like to see?

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] OS-independent ovirt-engine distribution archive

[Jiri Belka]

On Wed, 9 Jan 2013 09:43:55 -0500 (EST)
Alon Bar-Lev alo...@redhat.com wrote:

 Hello Moran,
 
 It should be not that difficult to add jenkins job to build a package
 using 'make' and pack it up as tarball. What do you think?
 
 Alon

Any news?

jbelka
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users