Re: [ovirt-users] No master storage domain, force select?

2018-01-29 Thread Jure Kranjc
Hi,

Sorry for not replying earlier. 

The case was that there were problems with very slow or unresponsive FC 
storage. All the statuses were down (DC, hosts, storages). As the storage got 
back up to speed, none of the storage domains were master. When trying to 
activate any, the interface wanted me to activate the master one first, but the 
master didn't exist.

 

I compared the database backup with current database and edited table 
storage_domains. I have set one data domain to storage_domain_type = »0«. That 
meant master domain. From there on, everything went back up (storage domains, 
hosts, cluster, dc).

 

Thanks.

 

Od: Fred Rolland [mailto:froll...@redhat.com] 
Poslano: četrtek, 18. januar 2018 10:48
Za: Jure Kranjc <jure.kra...@arnes.si>
Kp: users <users@ovirt.org>
Zadeva: Re: [ovirt-users] No master storage domain, force select?

 

Hi,

What is the status of the Data Center? 

What is the status of the hosts?

Is there a host selected as SPM?

 

Also attach the engine/vdsm logs.

 

 

Thanks,

Fred

 

On Thu, Jan 18, 2018 at 7:26 AM, Jure Kranjc <jure.kra...@arnes.si 
<mailto:jure.kra...@arnes.si> > wrote:

Hello,

is there a way to force select master storage domain? I have three data 
domains, we had some storage problems and now none of the domains is master. I 
cannot activate any because I should first activate the master one. Any help 
appreciated.



___
Users mailing list
Users@ovirt.org <mailto:Users@ovirt.org> 
http://lists.ovirt.org/mailman/listinfo/users

 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] No master storage domain, force select?

2018-01-17 Thread Jure Kranjc

Hello,

is there a way to force select master storage domain? I have three data 
domains, we had some storage problems and now none of the domains is 
master. I cannot activate any because I should first activate the master 
one. Any help appreciated.





smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] oVirt-shell command to move a disk

2016-07-13 Thread Jure Kranjc

On 01. 12. 2014 14:40, Nicolas Ecarnot wrote:

Le 01/12/2014 13:23, Juan Hernández a écrit :

On 12/01/2014 12:51 PM, Michael Pasternak wrote:

not sure what sdk version 3.4.4 is, but according to log, latest
official for 3.4 is 3.4.1.1-1
(make you have it installed)



There are two issues here. First is that the "move" disk operation on
the top level collection isn't correctly documented in the RSDL
metadata. As a result the Python SDK and the CLI don't support this
operation. You can however use the same operation in the context of 
the VM:


   # action disk {disk:id} move --vm-identifier {vm:id}
--storage_domain-name={storagedomain:name}

Please open a bug requesting a fix for this.


Done!

https://bugzilla.redhat.com/show_bug.cgi?id=1169376


The other issue is that the 3.4 version doesn't support specifying disks
by alias, only by id. This has been fixed in 3.5.

So, all in all, at the moment you will need a command like this:

   # action disk c6aab66a-b551-4cc5-8628-efe9622c0dce move
--vm-identifier myvm --storage_domain-name mysd


Your workaround is working : thank you.


Hi,

i know this is an old thread but i need to move a bunch of disks from 
one storage domain to another. I am unable to move disks with 
ovirt-shell as it seems it does not support moving disks when quota 
enabled and enforced on datacenter. Is that correct? Any help appreciated.


ovirt shell
action disk 689ce8fe-0d40-47e1-a933-7bae5ed0812b move 
--storage_domain-name NLSAS_PRIM

  status: 400
  reason: Bad Request
  detail: Cannot move Virtual Machine Disk. Quota is not valid.

I can move disks normally via webadmin.
Using ovirt-engine-cli-3.6.2.0-1.fc23.noarch, 
ovirt-engine-3.5.6.2-1.el6.noarch


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Ip spoofing

2014-07-09 Thread Jure Kranjc

  
  
Hi,
  
  I don't know if this is much help but here is our setup which
  works in a way that users cannot spoof public IP from inside VM.
  We've set up a MAC pool range on engine and a DHCP server on one
  VM, this server assigns IPs according to VMs MACs.
  We use CentOS6 nodes (and engine 3.3.5). The node always sees the
  VM's NIC by it's ovirt MAC, even if user changes it from inside
  VM.
  Now the solution was ebtables (bridge tables). We've set rules on
  bridge to public network which drops packets if they don't come
  from legit MAC/IP combination. Example:
  
  -A FORWARD -p IPv4 -s 0:1a:4a:f9:xx:xx --ip-src ! IPADDRofVM -j
  DROP
  
  Any comments on the setup are appriceated.
  JureKr

  On 06/19/2014 10:23 AM, Punit Dambiwal wrote:


  Hi,


I have setup Ovirt with glusterfs...I have some concern
  about the network part


1. Is there any way to restrict the Guest VM...so that it
  can be assign with single ip address...and in anyhow the user
  can not manipulate the IP address from inside the VM (that
  means user can not change the ip address inside the VM).


Thanks,
Punit 
  
  
  
  
  ___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



  


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] Live migration of Windows guests with VirtIO disk interface

2014-02-25 Thread Jure Kranjc

Hello,

this topic is quite old but I got the same problem recently and couldn't 
find reliable information.. Here is the question:


Is live migration of Windows guests, which use VirtIO disk interface 
possible in latest stable release (3.3.3) and latest libvirt on EL6?


We are currently using 3.3.1 on EL6 and plan to upgrade to 3.3.3 this 
week. We can't live migrate Windows guests, which use VirtIO disk 
interface and scsi driver 0.1.59. Further on, Windows server 2012 
doesn't update from virtio 0.1-74 iso as the drivers look the same to 
it. Windows with IDE interface migrate OK but the performance is much 
worse, so that isn't an option.
I can later provide log files and package versions, but before I do 
that, I just want to ask users if I am missing something. Thanks.


Jure Kranjc

On 07/16/2013 02:10 PM, Itamar Heim wrote:


Hi,

I have an ovirt 3.1 build. I have 3 hosts and a few virtual machines
setup that I am using for testing. I am using gluster storage setup
as a distribution between the 3 hosts. I can migrate linux guests
across my 3 hosts, but I cannot migrate windows hosts. I get
“Migration failed due to
Error: Fatal error during migration. The event id is 65. Is there
something additional that needs to be done to windows guests for
them to support live migration? 



___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Disk quota and templates bug?

2013-06-04 Thread Jure Kranjc

Hi,

Yes, the user which tries to create a VM is a quota consumer, his quota 
is defined on a datacenter. Storage quota for that perticular user is 
set for 'all storage domains' (tried setting storage quota only on 
storage domain, same result). We noticed that the bug only shows when we 
create a VM from a template with thin provisioned disk. If template's 
disk is preallocated, newly created disks are assigned ok (doesn't 
matter if new VM's disk is preallocated or thin provisioned).

Let me know if you need more info.
JureKr

On 2.6.2013 14:37, Ofri Masad wrote:

Hi Jure,

The opened bug is not suppose to be in version 3.2.2
I've tried to reproduce the bug in 3.2.2 but could not reproduce it.

I would like to get to the bottom of this and in order to do so I'll need your 
help with a detailed description of the bug.
few things I would like to make sure:
  - The user which tries to create the VM from template is defined quota 
consumer for at least one quota.
  - The user quota include resource allocation to the storage domain which 
holds the VM disk.

thanks in advance,
Ofri

- Original Message -

From: Doron Fediuck dfedi...@redhat.com
To: Greg Padgett gpadg...@redhat.com
Cc: users@ovirt.org
Sent: Thursday, May 30, 2013 9:31:50 AM
Subject: Re: [Users] Disk quota and templates bug?

- Original Message -

From: Greg Padgett gpadg...@redhat.com
To: Jure Kranjc jure.kra...@arnes.si
Cc: users@ovirt.org, Doron Fediuck dfedi...@redhat.com
Sent: Thursday, May 30, 2013 3:02:34 AM
Subject: Re: [Users] Disk quota and templates bug?

On 05/29/2013 10:05 AM, Jure Kranjc wrote:

Hi,
we've encountered an quota allocation problem which seems like a bug.
Using engine 3.2.2. on CentOS, datacenter in enforced quota mode.
Scenario:

- Create a virtual machine, seal it and create template from it. Assign
some quota to it.
- Create a new user, set new quota limits to his username
- This user creates a new VM from this template. In new server/desktop
dialog, resource allocation, new disk gets set to user's quota (user only
has permission for it's own quota). Create VM.
- When VM is created it inherits the templates quota and not user's, as
it
should. So user is using templates disk quota. Quota for memory and vcpu
works ok.

No errors in engine.log.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Hi Jure,

Thanks for reporting this.  I'm not well-versed enough with storage quotas
to assess, but adding Doron who should be able to help.

Thanks,
Greg



Hi Guys,
This is indeed a bug which was reported a few weeks ago.
It should be handled for 3.3.0.
As a work around you should be able to modify the quota allocation
after the VM is created.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] Disk quota and templates bug?

2013-05-29 Thread Jure Kranjc

Hi,
we've encountered an quota allocation problem which seems like a bug.
Using engine 3.2.2. on CentOS, datacenter in enforced quota mode. Scenario:

- Create a virtual machine, seal it and create template from it. Assign 
some quota to it.

- Create a new user, set new quota limits to his username
- This user creates a new VM from this template. In new server/desktop 
dialog, resource allocation, new disk gets set to user's quota (user 
only has permission for it's own quota). Create VM.
- When VM is created it inherits the templates quota and not user's, as 
it should. So user is using templates disk quota. Quota for memory and 
vcpu works ok.


No errors in engine.log.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] ldap simple

2013-03-19 Thread Jure Kranjc

  
  
Hi.

Further testing...
- Setup: one ldap server with added user to match ovirt searches
(while adding user in webadmin),
- Fedora 18, engine 3.2.1, openldap-server, simple authentication,
no firewalls,
- with packet inspection we can see ldap responding with requested
attributes
- still, there are errors in logs, see below, and no users are
listed in webadmin, engine fails to parse given attributes
- engine-manage-domains -action="" returns "Invalid
credentials" even though binding is ok and ldap is replying with
data.

Can anyone point us to some documentation on this topic?
Is really AD the only good solution for user management?

engine.log
2013-03-19 15:16:53,042 ERROR
[org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper]
(ajp--127.0.0.1-8702-3) Error in running LDAP query. BaseDN is ,
filter is (((objectClass=person))
(|(givenname=test)(sn=test)(uid=test)(uid=test))). Exception message
is: null
2013-03-19 15:16:53,043 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
(ajp--127.0.0.1-8702-3) Failed ldap search server
ldap://ldaphost.domain.si:389 due to null. We should try the next
server

server.log
2013-03-19 15:17:24,113 ERROR
[org.springframework.ldap.control.AbstractRequestControlDirContextProcessor]
(ajp--127.0.0.1-8702-6) No matching response control found for paged
results - looking for 'class
javax.naming.ldap.PagedResultsResponseControl



On 03/18/2013 09:09 AM, Yair Zaslavsky
  wrote:


  
  Hi,
We're issuing a RootDSE query (once per LDAP domain
  configured).
We try to obtain from it the "defaultNamingContext"
  attribute.
If does not exist - we try to obtain ""NamingContexts"
We store the result at a "domainDn" (we have a data
  structure which maps domains to information objects, one of
  the fields at the information object is the DN of the domain)
   field, and we use it to compose the full ldap URL we send the
  queries to.

  
  
  From:
"Andrej Bagon" andrej.ba...@arnes.si
To: "Itamar Heim" ih...@redhat.com
Cc: users@ovirt.org, "Yair Zaslavsky"
yzasl...@redhat.com, "Oved Ourfalli"
oourf...@redhat.com
Sent: Monday, March 18, 2013 9:07:06 AM
Subject: Re: [Users] ldap simple

Hi,

the system is trying to bind to ldap as:
bind request:
uid=cn=ovirt,cn=Users,cn=Accounts,dc=ourdomain,dc=si

I dont know how it knows dc=ourdomain,dc=si
It should be
bind request: cn=ovirt,ou=system,dc=ourdomain,dc=si" -b
"dc=arnes,dc=si

The same with the search: we have users in form as:
edupersonprincipalname=usern...@users.ourdomain.si,dc=users,dc=ourdomain,dc=si

values in database:
select * from vdc_options where option_name in
('DomainName','LdapServers','LDAPSecurityAuthentication','LDAPProviderTypes','AdUserName','AdUserPassword')

order by option_id;
 option_id |    option_name | 
option_value  | version 
---+++-
    10 | AdUserName |
users.ourdomain.si:ovirt   | general
    11 | AdUserPassword
|users.ourdomain.si:adminpassword   | general
    69 | DomainName | users.ourdomain.si
    | general
   130 | LDAPSecurityAuthentication|
users.ourdomain.si:SIMPLE  | general
   132 | LdapServers    |
users.ourdomain.si:server.ourdomain.si | general
   133 | LDAPProviderTypes  |
users.ourdomain.si:rhds    | general
(6 rows)

Best Regards,
Andrej Bagon


On 03/15/2013 12:09 PM, Itamar Heim wrote:
On
  03/14/2013 01:58 PM, Andrej Bagon wrote: 
  Hi, 

is it possible to change the bind request that is sent
to the ldap 
server? The default
uid=user,cn=Users,cn=Accounts,cn=our,cn=domain is 
not suitable. 
  
  
  can you please explain why / what you would like to change
  it to? 
  (not sure possible now, but there is work to make it more
  configurable/pluggable) 
  


  
   

Re: [Users] ldap simple

2013-03-19 Thread Jure Kranjc
389 DS is so far working as expected. Thank you for your clarification, 
somehow missed that out.


On 19.3.2013 21:56, Itamar Heim wrote:

On 03/19/2013 05:26 PM, Yair Zaslavsky wrote:

Why openldap server?
We do not support openldap at the moment.


hopefully, the changes to auth part will make it for 3.3 to cover 
that, but depends on progress there.







*From: *Jure Kranjc jure.kra...@arnes.si
*To: *users@ovirt.org
*Sent: *Tuesday, March 19, 2013 3:50:49 PM
*Subject: *Re: [Users] ldap simple

Hi.

Further testing...
- Setup: one ldap server with added user to match ovirt searches
(while adding user in webadmin),
- Fedora 18, engine 3.2.1, openldap-server, simple authentication,
no firewalls,
- with packet inspection we can see ldap responding with requested
attributes
- still, there are errors in logs, see below, and no users are
listed in webadmin, engine fails to parse given attributes
- engine-manage-domains -action=validate returns Invalid
credentials even though binding is ok and ldap is replying with 
data.


Can anyone point us to some documentation on this topic?
Is really AD the only good solution for user management?

engine.log
2013-03-19 15:16:53,042 ERROR
[org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper]
(ajp--127.0.0.1-8702-3) Error in running LDAP query. BaseDN is ,
filter is (((objectClass=person))
(|(givenname=test)(sn=test)(uid=test)(uid=test))). Exception message
is: null
2013-03-19 15:16:53,043 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
(ajp--127.0.0.1-8702-3) Failed ldap search server
ldap://ldaphost.domain.si:389 due to null. We should try the next 
server


server.log
2013-03-19 15:17:24,113 ERROR
[org.springframework.ldap.control.AbstractRequestControlDirContextProcessor]
(ajp--127.0.0.1-8702-6) No matching response control found for paged
results - looking for 'class
javax.naming.ldap.PagedResultsResponseControl



On 03/18/2013 09:09 AM, Yair Zaslavsky wrote:

Hi,
We're issuing a RootDSE query (once per LDAP domain configured).
We try to obtain from it the defaultNamingContext attribute.
If does not exist - we try to obtain NamingContexts
We store the result at a domainDn (we have a data structure
which maps domains to information objects, one of the fields at
the information object is the DN of the domain)  field, and we
use it to compose the full ldap URL we send the queries to.




*From: *Andrej Bagon andrej.ba...@arnes.si
*To: *Itamar Heim ih...@redhat.com
*Cc: *users@ovirt.org, Yair Zaslavsky
yzasl...@redhat.com, Oved Ourfalli oourf...@redhat.com
*Sent: *Monday, March 18, 2013 9:07:06 AM
*Subject: *Re: [Users] ldap simple

Hi,

the system is trying to bind to ldap as:
bind request:
uid=cn=ovirt,cn=Users,cn=Accounts,dc=ourdomain,dc=si

I dont know how it knows dc=ourdomain,dc=si
It should be
bind request: cn=ovirt,ou=system,dc=ourdomain,dc=si -b
dc=arnes,dc=si

The same with the search: we have users in form as:
edupersonprincipalname=usern...@users.ourdomain.si
mailto:edupersonprincipalname=aba...@guest.arnes.si,dc=users,dc=ourdomain,dc=si

values in database:
select * from vdc_options where option_name in
('DomainName','LdapServers','LDAPSecurityAuthentication','LDAPProviderTypes','AdUserName','AdUserPassword')
order by option_id;
  option_id |option_name |
option_value  | version
---+++-
 10 | AdUserName |
users.ourdomain.si:ovirt   | general
 11 | AdUserPassword
|users.ourdomain.si:adminpassword   | general
 69 | DomainName |
users.ourdomain.si | general
130 | LDAPSecurityAuthentication|
users.ourdomain.si:SIMPLE  | general
132 | LdapServers|
users.ourdomain.si:server.ourdomain.si | general
133 | LDAPProviderTypes  |
users.ourdomain.si:rhds| general
(6 rows)

Best Regards,
Andrej Bagon


On 03/15/2013 12:09 PM, Itamar Heim wrote:

On 03/14/2013 01:58 PM, Andrej Bagon wrote:

Hi,

is it possible to change the bind request that is
sent

Re: [Users] OpenLDAP Simple Authentication in Ovirt Engine

2013-03-12 Thread Jure Kranjc

  
  
Sorry for late reply.
  So I'm testing SIMPLE auth on RHDS LDAP. Setup was made manually
  with modifying values in db:
  ('DomainName','LdapServers','LDAPSecurityAuthentication','LDAPProviderTypes','AdUserName','AdUserPassword','AdUserId')
  
  When trying to search for a user in webadmin (with admin@internal
  login), I noticed that engine tries to bind to user, defined in
  db, but the username is modified with
  ("uid='usernameFromDB',ou=People,dc=domain,dc=tld"). Looks like
  this is hardcoded. Am I missing some other settings in db? Can
  this be modified? Otherwise this would require changes in ldap
  structure which is in our case impossible. 
  
  The ear didn't deploy when username in db included commas (when
  trying to add username like 'cn=xx,ou=system,dc...').
  
  

On 02/28/2013 01:32 PM, Roy Golan
  wrote:

On
  02/28/2013 11:04 AM, Jure Kranjc wrote:
  
  I was also testing simple auth without
success. Our ldap doesn't support kerberos so we're stuck.
Engine log doesn't report anything, and the server log shows:


2013-02-28 09:53:52,850 INFO  [org.jboss.as.server]
(DeploymentScanner-threads - 2) JBAS015870: Deploy of deployment
"engine.ear" was rolled back with failure message {"JBAS014671:
Failed services" =
{"jboss.deployment.subunit.\"engine.ear\".\"engine-bll.jar\".component.UsersDomainsCacheManagerService.START"
= "org.jboss.msc.service.StartException in service
jboss.deployment.subunit.\"engine.ear\".\"engine-bll.jar\".component.UsersDomainsCacheManagerService.START:
Failed to start service"}}


We're using 3.1 on CentOS, rpms from dev.centos.org repo.


  
  
  lets debug kerberos:
  
  
  vi /var/lib/jboss/jboss-as/bin/run.conf
  
  add this at the bottom
  
  
  JAVA_OPTS="$JAVA_OPTS -Dsun.security.krb5.debug=true"
  
  
  restart jboss
  
  
  Its weird that the ear didn't deploy. Please paste engine.log and
  server.log
  
  
  

On 02/28/2013 09:33 AM, Yair Zaslavsky wrote:

Hi Eduardo,
  
  We mainly focus on supporting Kerberos authentication at the
  moment
  
  Can you switch to kerberos authentication?
  
  
  
  
  - Original Message -
  
  From: "Eduardo Ramos"
edua...@freedominterface.org

To: users@ovirt.org

Sent: Wednesday, February 27, 2013 11:04:17 PM

Subject: Re: [Users] OpenLDAP Simple Authentication in Ovirt
Engine


Anyone has made success with that?



On 12/10/2012 10:18 AM, Eduardo Ramos wrote:

Hi dudes!
  
  
  I was following the model below, but without success. That
  is my
  
  db:
  
  
  
  engine=# select * from vdc_options where option_name in
  
  ('DomainName','LdapServers','LDAPSecurityAuthentication','LDAPProviderTypes','AdUserName','AdUserPassword','AdUserId');
  
    option_id |    option_name | option_value
  
  | version
  
  ---+++-
  
  
   63 | DomainName | ovirt
  
    |
  general
  
    8 | AdUserName |
  
  ovirt:admin   
  |
  
  general
  
      113 | LDAPProviderTypes  |
  
  ovirt:ipa 
  |
  
  general
  
      112 | LdapServers    |
  
  ovirt:172.16.21.240   
  |
  
  general
  
      110 | LDAPSecurityAuthentication |
  
  ovirt:SIMPLE  
  |
  
  general
  
    9 | AdUse

Re: [Users] OpenLDAP Simple Authentication in Ovirt Engine

2013-02-28 Thread Jure Kranjc
I was also testing simple auth without success. Our ldap doesn't support 
kerberos so we're stuck. Engine log doesn't report anything, and the 
server log shows:


2013-02-28 09:53:52,850 INFO  [org.jboss.as.server] 
(DeploymentScanner-threads - 2) JBAS015870: Deploy of deployment 
engine.ear was rolled back with failure message {JBAS014671: Failed 
services = 
{jboss.deployment.subunit.\engine.ear\.\engine-bll.jar\.component.UsersDomainsCacheManagerService.START 
= org.jboss.msc.service.StartException in service 
jboss.deployment.subunit.\engine.ear\.\engine-bll.jar\.component.UsersDomainsCacheManagerService.START: 
Failed to start service}}


We're using 3.1 on CentOS, rpms from dev.centos.org repo.


On 02/28/2013 09:33 AM, Yair Zaslavsky wrote:

Hi Eduardo,
We mainly focus on supporting Kerberos authentication at the moment
Can you switch to kerberos authentication?



- Original Message -

From: Eduardo Ramos edua...@freedominterface.org
To: users@ovirt.org
Sent: Wednesday, February 27, 2013 11:04:17 PM
Subject: Re: [Users] OpenLDAP Simple Authentication in Ovirt Engine

Anyone has made success with that?


On 12/10/2012 10:18 AM, Eduardo Ramos wrote:

Hi dudes!

I was following the model below, but without success. That is my
db:


engine=# select * from vdc_options where option_name in
('DomainName','LdapServers','LDAPSecurityAuthentication','LDAPProviderTypes','AdUserName','AdUserPassword','AdUserId');
  option_id |option_name | option_value
| version
---+++-

 63 | DomainName | ovirt
  | general
  8 | AdUserName |
ovirt:admin|
general
113 | LDAPProviderTypes  |
ovirt:ipa  |
general
112 | LdapServers|
ovirt:172.16.21.240|
general
110 | LDAPSecurityAuthentication |
ovirt:SIMPLE   |
general
  9 | AdUserPassword |
ovirt:e1NTSEF9aENLaXVoNUQzOXV0S1A0QlBZa3J4WVBaM2doUjNMNFg= |
general
(7 rows)

As you can see, my ldap server and domain are internal. That's my
ldap
user object:

# admin, Users, Accounts, inpe.br
dn: cn=admin,cn=Users,cn=Accounts,dc=ovirt
givenName: Admin
sn: istrator
uid: admin
userPassword:: e1NTSEF9aENLaXVoNUQzOXV0S1A0QlBZa3J4WVBaM2doUjNMNFg=
uidNumber: 1001
gidNumber: 502
homeDirectory: /home/users/admin
loginShell: /bin/sh
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
cn: admin

But the log aways returns:

2012-12-10 10:07:00,317 ERROR
[org.ovirt.engine.core.bll.adbroker.LdapSearchExceptionHandler]
(ajp--0.0.0.0-8009-11) Ldap authentication failed. Please check
that
the login name , password and path are correct.
2012-12-10 10:07:00,321 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
(ajp--0.0.0.0-8009-8) Failed ldap search server
ldap://172.16.21.240:389 due to
org.ovirt.engine.core.bll.adbroker.EngineDirectoryServiceException.
We
should not try the next server:
org.ovirt.engine.core.bll.adbroker.EngineDirectoryServiceException

Am I doing the right way?

On 12/04/2012 07:07 AM, Oved Ourfalli wrote:

- Original Message -

From: Thierry Kauffmann thierry.kauffm...@univ-montp2.fr
To: Oved Ourfalli ov...@redhat.com
Cc: Itamar Heim ih...@redhat.com, users@ovirt.org
Sent: Tuesday, December 4, 2012 10:35:34 AM
Subject: Re: [Users] OpenLDAP Simple Authentication in Ovirt
Engine


Le 04/12/2012 09:09, Oved Ourfalli a écrit :


- Original Message -

From: Itamar Heim ih...@redhat.com To: Oved Ourfalli
ov...@redhat.com Cc: users@ovirt.org , Thierry Kauffmann
thierry.kauffm...@univ-montp2.fr Sent: Tuesday, December 4,
2012
1:47:52 AM
Subject: Re: [Users] OpenLDAP Simple Authentication in Ovirt
Engine

On 12/02/2012 08:10 AM, Oved Ourfalli wrote:

- Original Message -

From: Thierry Kauffmann thierry.kauffm...@univ-montp2.fr To:
cristi falcas cristi.fal...@gmail.com Cc: users@ovirt.org
Sent:
Saturday, December 1, 2012 5:56:14 PM
Subject: [Users] OpenLDAP Simple Authentication in Ovirt Engine






Hi,

I am currently testing Ovirt 3.1 standalone on Fedora 17.

Until now, I could only use the default user admin@internal.

Our Directory at the University is OpenLDAP. We use it for
authentication
WITHOUT Kerberos : Simple authentication.

I wonder how to use this backend to authenticate users and manage
groups
in Ovirt.

Has anyone already set this up ?
How to configure Ovirt to use Simple Authentication (No
Kerberos).

Cheers,

--
Thierry Kauffmann
Chef du Service Informatique // Facult? des Sciences //
Universit?
de
Montpellier 2

 [image: SIF - Service Informatique de la Facult? des
 Sciences]
 http://sif.info-ufr.univ-montp2.fr/ [image:
UM2 - Universit? de 

[Users] Ovirt Node install to USB stick - required 70GB disk space?

2013-01-07 Thread Jure Kranjc

Hi,

has anybody installed ovirt-node on a bootable usb stick? If the 
hypervisor is less than 1GB in size, why does installation require 70GB 
of disk space? It would be perfect to run nodes from usb without any disks.


Thanks
Jure Kranjc
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt Node install to USB stick - required 70GB disk space?

2013-01-07 Thread Jure Kranjc

Thanks, that was the problem and the solution.
Found the post, it's easier to find something when you know what you are 
looking for.


On 7.1.2013 16:17, Jorick Astrego wrote:

On 01/07/2013 02:19 PM, Joey Boggs wrote:

On 01/07/2013 07:33 AM, Alexandre Santos wrote:

2013/1/7 Jure Kranjc jure.kra...@arnes.si:

Hi,

has anybody installed ovirt-node on a bootable usb stick? If the 
hypervisor
is less than 1GB in size, why does installation require 70GB of 
disk space?

It would be perfect to run nodes from usb without any disks.

Thanks
Jure Kranjc


Sorry for not asnwering to the list, here are my previous post:

How much memory do you have? It seems that it's calculating how much
swap it will need and turns that needs at least 70 GB disk space.

There is a thread in this forum that has the calculations that ovirt
does for it. You can change this values on the boot options.

Alex
Those values are also shown on the installer screen right before 
entering the password and can be changed


As sometimes searching the list can be a pain, I'll just repost it:

You can do this with 2 different methods, both of which are on the 
kernel command line during boot. Simply hit TAB when you're selecting 
the install option and add one of the options below to the command line.


1.  You can set  storage_vol=:XXX   where XXX is the desired 
size of the SWAP partition in MB.  It has a minimum size of 5MB.

   This lets you set a static size for swap.

2.  You can set mem_overcommit=0.  This will change our calculation 
to not add any swap for overcommit.  It will still calculate a value 
based on the amount of RAM, but not as large as with the overcommit.


The swap size is calculated at mem_overcommit*RAM + BASE_SWAP

BASE_SWAP is calculated using this formula:

if MEM_SIZE  4GB:
 BASE_SWAP = 2GB
elif MEM_SIZE  16GB:
 BASE_SWAP = 4GB
elif MEM_SIZE  64GB:
 BASE_SWAP = 8GB
else:
 BASE_SWAP = 16GB


We are planning to expose these option in the TUI installer, just not 
there yet.


Mike




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users