[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-13 Thread Giorgio Biacchi 

Hi,
im my case that repo *is* enabled.. but I'm still unable to install the 
hooks I need..


Today I installed back a 4.3.9 ovirt node..

[root@cn128 ~]# yum repolist enabled
Loaded plugins: enabled_repos_upload, fastestmirror, imgbased-persist, 
package_upload, product-id, search-disabled-repos, subscription-manager, 
vdsmupgrade, versionlock
This system is not registered with an entitlement server. You can use 
subscription-manager to register.

Loading mirror speeds from cached hostfile
 * ovirt-4.3-epel: epel.mirror.far.fi
repo id   repo name 


status
centos-sclo-rh-release/x86_64 CentOS-7 - 
SCLo rh 
 6,509+6,509
ovirt-4.3/7   Latest 
oVirt 4.3 Release 
 2,831+2,807
ovirt-4.3-centos-gluster6/x86_64  CentOS-7 - 
Gluster 6 
 232+232
ovirt-4.3-centos-opstools/x86_64  CentOS-7 - 
OpsTools - release 
 1,069+1,069
ovirt-4.3-centos-ovirt43/x86_64   CentOS-7 - 
oVirt 4.3 
 484+484
ovirt-4.3-centos-qemu-ev/x86_64   CentOS-7 - 
QEMU EV 
   63+63
ovirt-4.3-epel/x86_64 Extra 
Packages for Enterprise Linux 7 - x86_64 
13,264+13,264
ovirt-4.3-virtio-win-latest   virtio-win 
builds roughly matching what will be shipped in upcoming RHEL 
   49+49
sac-gluster-ansible/x86_64Copr repo 
for gluster-ansible owned by sac 
16+16

repolist: 24,517
Uploading Enabled Repositories Report
Cannot upload enabled repos report, is this client registered?

but if I search or try to install the hooks I need either via yum or 
customizing the packages I want on the engine host they cannot be found..


[root@cn128 ~]# yum search vdsm-hook
Loaded plugins: enabled_repos_upload, fastestmirror, imgbased-persist, 
package_upload, product-id, search-disabled-repos, subscription-manager, 
vdsmupgrade, versionlock
This system is not registered with an entitlement server. You can use 
subscription-manager to register.

Loading mirror speeds from cached hostfile
 * ovirt-4.3-epel: epel.mirror.far.fi
= 
N/S matched: vdsm-hook 
=
vdsm-hook-ethtool-options.noarch : Allow setting custom ethtool options 
for vdsm controlled nics

vdsm-hook-fcoe.noarch : Hook to enable FCoE support
vdsm-hook-openstacknet.noarch : OpenStack Network vNICs support for VDSM
vdsm-hook-vhostmd.noarch : VDSM hook set for interaction with vhostmd
vdsm-hook-vmfex-dev.noarch : VM-FEX vNIC support for VDSM

  Name and summary matches only, use "search all" for everything.
Uploading Enabled Repositories Report
Cannot upload enabled repos report, is this client registered?

So I can't install vdsm-hook-nestedvt or vdsm-hook-macspoof.

Am I missing something??

Regards

Il 13/05/2020 16:09, Nir Levy ha scritto:

Hi Giorgio,

Ovirt-node is based on being a closed system with certain predefined 
packages,
so the system updates itself to a newer version with an updated bundle 
of packages.


additional packages can be installed if you enable the repositories 
residing at:

/etc/yum.repos.d in this case /etc/yum.repos.d/ovirt-4.3.repo
this should resolve what you are encountering.





On Wed, May 13, 2020 at 2:18 PM Giorgio Biacchi > wrote:


Hi Lev,
I just used the iso you provided to reinstall the same host and now I
see vdsm-hook-nestedvt is pre installed, but this is only a workaround.

The hook is always present, no matter what I put in
/usr/share/ovirt-host-deploy/plugins/ovirt-host-deploy/vdsmhooks/packages.d/

on the engine host.

If I add, for example, vdsm-hook-macspoof in the same directory on the
engine host the installation fails again:

2020-05-13 10:39:32,590+ ERROR
otopi.plugins.otopi.packagers.yumpackager yumpackager.error:85 Yum
Cannot queue package vdsm-hook-macspoof: Package vdsm-hook-macspoof
cannot be found
2020-05-13 10:39:32,590+ DEBUG otopi.context
context._executeMethod:145 method exception
Traceback (most recent call last):
    File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/context.py", line
132, in
_executeMethod
      method['method']()
    File
"/tmp/ovirt-CQNPURostK/otopi-plugins/ovirt-host-deploy/vdsmhooks/hooks.py",

line 109, in _packages
      self.packager.installUpdate(f.read().splitlines())
    File
"/tmp/ovirt-CQNPURostK/otopi-plugins/otopi/packagers/yumpackager.py",
line 305, in

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-13 Thread Nir Levy 
Hi Giorgio,

Ovirt-node is based on being a closed system with certain predefined
packages,
so the system updates itself to a newer version with an updated bundle of
packages.

additional packages can be installed if you enable the repositories
residing at:
/etc/yum.repos.d in this case /etc/yum.repos.d/ovirt-4.3.repo
this should resolve what you are encountering.





On Wed, May 13, 2020 at 2:18 PM Giorgio Biacchi  wrote:

> Hi Lev,
> I just used the iso you provided to reinstall the same host and now I
> see vdsm-hook-nestedvt is pre installed, but this is only a workaround.
>
> The hook is always present, no matter what I put in
> /usr/share/ovirt-host-deploy/plugins/ovirt-host-deploy/vdsmhooks/packages.d/
>
> on the engine host.
>
> If I add, for example, vdsm-hook-macspoof in the same directory on the
> engine host the installation fails again:
>
> 2020-05-13 10:39:32,590+ ERROR
> otopi.plugins.otopi.packagers.yumpackager yumpackager.error:85 Yum
> Cannot queue package vdsm-hook-macspoof: Package vdsm-hook-macspoof
> cannot be found
> 2020-05-13 10:39:32,590+ DEBUG otopi.context
> context._executeMethod:145 method exception
> Traceback (most recent call last):
>File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/context.py", line 132, in
> _executeMethod
>  method['method']()
>File
> "/tmp/ovirt-CQNPURostK/otopi-plugins/ovirt-host-deploy/vdsmhooks/hooks.py",
>
> line 109, in _packages
>  self.packager.installUpdate(f.read().splitlines())
>File
> "/tmp/ovirt-CQNPURostK/otopi-plugins/otopi/packagers/yumpackager.py",
> line 305, in installUpdate
>  ignoreErrors=ignoreErrors
>File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/miniyum.py", line 884, in
> installUpdate
>  **kwargs
>File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/miniyum.py", line 500, in
> _queue
>  package=package,
> RuntimeError: Package vdsm-hook-macspoof cannot be found
>
> On https://resources.ovirt.org/pub/ovirt-4.3/rpm/el7/noarch/ I see many
> packetized hooks and I thought that adding what I need in
> /usr/share/ovirt-host-deploy/plugins/ovirt-host-deploy/vdsmhooks/packages.d/
>
> was the correct way to install them. Am I wrong??
>
> Regards
>
> Il 12/05/2020 19:30, Lev Veyde ha scritto:
> > Hi Giorgio,
> >
> > Do you have a staging test (non production) environment?
> > I built a test ovirt-node-ng image that includes this package, and if
> > you want you can download it from here:
> >
> https://jenkins.ovirt.org/job/ovirt-node-ng-image_standard-check-patch/176/artifact/check-patch.el7.x86_64/
> >
> > If you do, please let us know if it resolved the issue for you,
> >
> > Thanks in advance,
> >
> > On Tue, May 12, 2020 at 6:57 PM Giorgio Biacchi  > > wrote:
> >
> > Il 12/05/2020 17:07, Dominik Holler ha scritto:
> >  >
> >  >
> >  > On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi
> > mailto:gior...@di.unimi.it>
> >  > >> wrote:
> >  >
> >  > On 5/12/20 12:28 PM, Dominik Holler wrote:
> >  >  >
> >  >  >
> >  >  > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
> >  > mailto:gior...@di.unimi.it>
> > >
> >  >  > 
> >  >  >  >
> >  >  > On 5/11/20 5:53 PM, Dominik Holler wrote:
> >  >  > >
> >  >  > >
> >  >  > > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
> >  >  > mailto:gior...@di.unimi.it>
> > >
> >  > 
> > >>
> >  >  > >  >   > >
> >  > 
> >  wrote:
> >  >  > >
> >  >  > > Hi list,
> >  >  > > I've spent a couple of days trying to understand
> why
> >  > this was
> >  >  > > happening...
> >  >  > >
> >  >  > > For the installation I have a well tested
> > installation
> >  > server
> >  >  > with a
> >  >  > > custom kickstart file to setup ssh keys and
> custom
> >  > hooks for
> >  >  > infiniband
> >  >  > > and I'm installing Ovirt Node 4.3.9 via pxe,
> this is
> >  > particularly
> >  >  > > useful
> >  >  > > when I have to install a bunch of blades at
> > once.. In
> >  > the past
> >  >  > I had no
> >  >

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-13 Thread Giorgio Biacchi 

Hi Lev,
I just used the iso you provided to reinstall the same host and now I 
see vdsm-hook-nestedvt is pre installed, but this is only a workaround.


The hook is always present, no matter what I put in 
/usr/share/ovirt-host-deploy/plugins/ovirt-host-deploy/vdsmhooks/packages.d/ 
on the engine host.


If I add, for example, vdsm-hook-macspoof in the same directory on the 
engine host the installation fails again:


2020-05-13 10:39:32,590+ ERROR 
otopi.plugins.otopi.packagers.yumpackager yumpackager.error:85 Yum 
Cannot queue package vdsm-hook-macspoof: Package vdsm-hook-macspoof 
cannot be found
2020-05-13 10:39:32,590+ DEBUG otopi.context 
context._executeMethod:145 method exception

Traceback (most recent call last):
  File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/context.py", line 132, in 
_executeMethod

method['method']()
  File 
"/tmp/ovirt-CQNPURostK/otopi-plugins/ovirt-host-deploy/vdsmhooks/hooks.py", 
line 109, in _packages

self.packager.installUpdate(f.read().splitlines())
  File 
"/tmp/ovirt-CQNPURostK/otopi-plugins/otopi/packagers/yumpackager.py", 
line 305, in installUpdate

ignoreErrors=ignoreErrors
  File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/miniyum.py", line 884, in 
installUpdate

**kwargs
  File "/tmp/ovirt-CQNPURostK/pythonlib/otopi/miniyum.py", line 500, in 
_queue

package=package,
RuntimeError: Package vdsm-hook-macspoof cannot be found

On https://resources.ovirt.org/pub/ovirt-4.3/rpm/el7/noarch/ I see many 
packetized hooks and I thought that adding what I need in 
/usr/share/ovirt-host-deploy/plugins/ovirt-host-deploy/vdsmhooks/packages.d/ 
was the correct way to install them. Am I wrong??


Regards

Il 12/05/2020 19:30, Lev Veyde ha scritto:

Hi Giorgio,

Do you have a staging test (non production) environment?
I built a test ovirt-node-ng image that includes this package, and if 
you want you can download it from here:

https://jenkins.ovirt.org/job/ovirt-node-ng-image_standard-check-patch/176/artifact/check-patch.el7.x86_64/

If you do, please let us know if it resolved the issue for you,

Thanks in advance,

On Tue, May 12, 2020 at 6:57 PM Giorgio Biacchi > wrote:


Il 12/05/2020 17:07, Dominik Holler ha scritto:
 >
 >
 > On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi
mailto:gior...@di.unimi.it>
 > >> wrote:
 >
 >     On 5/12/20 12:28 PM, Dominik Holler wrote:
 >      >
 >      >
 >      > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
 >     mailto:gior...@di.unimi.it>
>
 >      > 
      >
 >      >     On 5/11/20 5:53 PM, Dominik Holler wrote:
 >      >     >
 >      >     >
 >      >     > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
 >      >     mailto:gior...@di.unimi.it>
>
 >     
>>
 >      >     >  >
 >     
 wrote:
 >      >     >
 >      >     >     Hi list,
 >      >     >     I've spent a couple of days trying to understand why
 >     this was
 >      >     >     happening...
 >      >     >
 >      >     >     For the installation I have a well tested
installation
 >     server
 >      >     with a
 >      >     >     custom kickstart file to setup ssh keys and custom
 >     hooks for
 >      >     infiniband
 >      >     >     and I'm installing Ovirt Node 4.3.9 via pxe, this is
 >     particularly
 >      >     >     useful
 >      >     >     when I have to install a bunch of blades at
once.. In
 >     the past
 >      >     I had no
 >      >     >     issues and all was working like a charm until
now when some
 >      >     hardware
 >      >     >     failed and I had to replace it.
 >      >     >
 >      >     >     As expected I have no issues in the node
installation
 >      >     process.. the
 >      >     >     troubles begins when I try to add the node,
 >     installation fails
 >      >     and in
 >      >     >     the UI I have an exclamation mark with the message
 >     "Host has
 >      >     no default
 >      >     >     route." but I can ping and do ssh to the host
from the
 >      >     manager.. the
 >      >     >     problem is somewhere else in the communication
between the

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Nir Levy 
Hi strahil,

The current ovirt node image built by Lev includes
vdsm-hook-nestedvt-4.30.46-1.el7.noarch
so yes it should be available when adding the node.


On Wed, May 13, 2020 at 12:49 AM Strahil Nikolov via Users 
wrote:

> On May 12, 2020 6:56:45 PM GMT+03:00, Giorgio Biacchi 
> wrote:
> >Il 12/05/2020 17:07, Dominik Holler ha scritto:
> >>
> >>
> >> On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi  >> > wrote:
> >>
> >> On 5/12/20 12:28 PM, Dominik Holler wrote:
> >>  >
> >>  >
> >>  > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
> >> mailto:gior...@di.unimi.it>
> >>  > >>
> >wrote:
> >>  >
> >>  > On 5/11/20 5:53 PM, Dominik Holler wrote:
> >>  > >
> >>  > >
> >>  > > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
> >>  > mailto:gior...@di.unimi.it>
> >> >
> >>  > > 
> >>  >wrote:
> >>  > >
> >>  > > Hi list,
> >>  > > I've spent a couple of days trying to understand why
> >> this was
> >>  > > happening...
> >>  > >
> >>  > > For the installation I have a well tested
> >installation
> >> server
> >>  > with a
> >>  > > custom kickstart file to setup ssh keys and custom
> >> hooks for
> >>  > infiniband
> >>  > > and I'm installing Ovirt Node 4.3.9 via pxe, this is
> >> particularly
> >>  > > useful
> >>  > > when I have to install a bunch of blades at once..
> >In
> >> the past
> >>  > I had no
> >>  > > issues and all was working like a charm until now
> >when some
> >>  > hardware
> >>  > > failed and I had to replace it.
> >>  > >
> >>  > > As expected I have no issues in the node
> >installation
> >>  > process.. the
> >>  > > troubles begins when I try to add the node,
> >> installation fails
> >>  > and in
> >>  > > the UI I have an exclamation mark with the message
> >> "Host has
> >>  > no default
> >>  > > route." but I can ping and do ssh to the host from
> >the
> >>  > manager.. the
> >>  > > problem is somewhere else in the communication
> >between the
> >>  > engine and
> >>  > > vdsmd preventing the engine to refresh the host
> >> capabilities.
> >>  > >
> >>  > > So from the engine I tried:
> >>  > >
> >>  > > [root@manager ~]# openssl s_client -connect
> >> 172.20.22.78:54321 
> >>  > 
> >>  > > 
> >>  > > CONNECTED(0003)
> >>  > > ---
> >>  > > Certificate chain
> >>  > >   0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
> >> 
> >>  > 
> >>  > > 
> >Certificate
> >>  > > i:/CN=VDSM Certificate Authority
> >>  > >   1 s:/CN=VDSM Certificate Authority
> >>  > > i:/CN=VDSM Certificate Authority
> >>  > > ---
> >>  > >
> >>  > > The host has still the self signed vdsm
> >certificate..
> >> and on the
> >>  > > host in
> >>  > > vdsm.log I find:
> >>  > >
> >>  > > 2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> >>  > > [ProtocolDetector.SSLHandshakeDispatcher] ssl
> >> handshake: SSLError,
> >>  > > address: :::159.149.129.220 (sslutils:264)
> >>  > >
> >>  > > So I tried to enroll the certificate from the UI and
> >> from the
> >>  > events
> >>  > > tab
> >>  > > I sow the enrolling was successful but:
> >>  > >
> >>  > > [root@manager ~]# openssl s_client -connect
> >> 172.20.22.78:54321 
> >>  > 
> >>  > > 
> >>  > >
> >>  > > 140084336994192:error:140790E5:SSL
> >routines:ssl23_write:ssl
> >>  > handshake
> >>  > > failure:s23_lib.c:177:
> >>  > > CONNECTED(0003)
> >>  > > ---
> >>  > > no peer certificate available
> >>  > > ---
> >>  > >
> >>  > > there's still some issue with the certificates.. so
> >on the
> >>  > host again:
> >>  > >
> >>  > > [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin
> >-10|
> >>

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Strahil Nikolov via Users 
On May 12, 2020 6:56:45 PM GMT+03:00, Giorgio Biacchi  
wrote:
>Il 12/05/2020 17:07, Dominik Holler ha scritto:
>> 
>> 
>> On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi > > wrote:
>> 
>> On 5/12/20 12:28 PM, Dominik Holler wrote:
>>  >
>>  >
>>  > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
>> mailto:gior...@di.unimi.it>
>>  > >>
>wrote:
>>  >
>>  >     On 5/11/20 5:53 PM, Dominik Holler wrote:
>>  >     >
>>  >     >
>>  >     > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
>>  >     mailto:gior...@di.unimi.it>
>> >
>>  >     > 
>> wrote:
>>  >     >
>>  >     >     Hi list,
>>  >     >     I've spent a couple of days trying to understand why
>> this was
>>  >     >     happening...
>>  >     >
>>  >     >     For the installation I have a well tested
>installation
>> server
>>  >     with a
>>  >     >     custom kickstart file to setup ssh keys and custom
>> hooks for
>>  >     infiniband
>>  >     >     and I'm installing Ovirt Node 4.3.9 via pxe, this is
>> particularly
>>  >     >     useful
>>  >     >     when I have to install a bunch of blades at once..
>In
>> the past
>>  >     I had no
>>  >     >     issues and all was working like a charm until now
>when some
>>  >     hardware
>>  >     >     failed and I had to replace it.
>>  >     >
>>  >     >     As expected I have no issues in the node
>installation
>>  >     process.. the
>>  >     >     troubles begins when I try to add the node,
>> installation fails
>>  >     and in
>>  >     >     the UI I have an exclamation mark with the message
>> "Host has
>>  >     no default
>>  >     >     route." but I can ping and do ssh to the host from
>the
>>  >     manager.. the
>>  >     >     problem is somewhere else in the communication
>between the
>>  >     engine and
>>  >     >     vdsmd preventing the engine to refresh the host
>> capabilities.
>>  >     >
>>  >     >     So from the engine I tried:
>>  >     >
>>  >     >     [root@manager ~]# openssl s_client -connect
>> 172.20.22.78:54321 
>>  >     
>>  >     >     
>>  >     >     CONNECTED(0003)
>>  >     >     ---
>>  >     >     Certificate chain
>>  >     >       0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
>> 
>>  >     
>>  >     >     
>Certificate
>>  >     >         i:/CN=VDSM Certificate Authority
>>  >     >       1 s:/CN=VDSM Certificate Authority
>>  >     >         i:/CN=VDSM Certificate Authority
>>  >     >     ---
>>  >     >
>>  >     >     The host has still the self signed vdsm
>certificate..
>> and on the
>>  >     >     host in
>>  >     >     vdsm.log I find:
>>  >     >
>>  >     >     2020-05-11 09:52:25,433+ ERROR (Reactor thread)
>>  >     >     [ProtocolDetector.SSLHandshakeDispatcher] ssl
>> handshake: SSLError,
>>  >     >     address: :::159.149.129.220 (sslutils:264)
>>  >     >
>>  >     >     So I tried to enroll the certificate from the UI and
>> from the
>>  >     events
>>  >     >     tab
>>  >     >     I sow the enrolling was successful but:
>>  >     >
>>  >     >     [root@manager ~]# openssl s_client -connect
>> 172.20.22.78:54321 
>>  >     
>>  >     >     
>>  >     >
>>  >     >     140084336994192:error:140790E5:SSL
>routines:ssl23_write:ssl
>>  >     handshake
>>  >     >     failure:s23_lib.c:177:
>>  >     >     CONNECTED(0003)
>>  >     >     ---
>>  >     >     no peer certificate available
>>  >     >     ---
>>  >     >
>>  >     >     there's still some issue with the certificates.. so
>on the
>>  >     host again:
>>  >     >
>>  >     >     [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin
>-10|
>>  >     xargs ls -l
>>  >     >     -rw---. 1 root kvm  1424 May 11 09:56
>>  >     /etc/pki/vdsm/certs/cacert.pem
>>  >     >     -rw---. 1 root kvm  5108 May 11 09:57
>>  >     >     /etc/pki/vdsm/certs/vdsmcert.pem
>>  >     >     -r--r-. 1 root kvm  1704 May 11 09:56
>>  >     /etc/pki/vdsm/keys/vdsmkey.pem
>>  >     >     -rw-r--r--. 1 root root 1424 May 11 09:57
>>  >     >     /etc/pki/vdsm/libvirt-spice/ca-cert.pem
>>

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Lev Veyde 
Hi Giorgio,

Do you have a staging test (non production) environment?
I built a test ovirt-node-ng image that includes this package, and if you
want you can download it from here:
https://jenkins.ovirt.org/job/ovirt-node-ng-image_standard-check-patch/176/artifact/check-patch.el7.x86_64/

If you do, please let us know if it resolved the issue for you,

Thanks in advance,

On Tue, May 12, 2020 at 6:57 PM Giorgio Biacchi  wrote:

> Il 12/05/2020 17:07, Dominik Holler ha scritto:
> >
> >
> > On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi  > > wrote:
> >
> > On 5/12/20 12:28 PM, Dominik Holler wrote:
> >  >
> >  >
> >  > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
> > mailto:gior...@di.unimi.it>
> >  > >> wrote:
> >  >
> >  > On 5/11/20 5:53 PM, Dominik Holler wrote:
> >  > >
> >  > >
> >  > > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
> >  > mailto:gior...@di.unimi.it>
> > >
> >  > > 
> >  >  > >
> >  > > Hi list,
> >  > > I've spent a couple of days trying to understand why
> > this was
> >  > > happening...
> >  > >
> >  > > For the installation I have a well tested installation
> > server
> >  > with a
> >  > > custom kickstart file to setup ssh keys and custom
> > hooks for
> >  > infiniband
> >  > > and I'm installing Ovirt Node 4.3.9 via pxe, this is
> > particularly
> >  > > useful
> >  > > when I have to install a bunch of blades at once.. In
> > the past
> >  > I had no
> >  > > issues and all was working like a charm until now when
> some
> >  > hardware
> >  > > failed and I had to replace it.
> >  > >
> >  > > As expected I have no issues in the node installation
> >  > process.. the
> >  > > troubles begins when I try to add the node,
> > installation fails
> >  > and in
> >  > > the UI I have an exclamation mark with the message
> > "Host has
> >  > no default
> >  > > route." but I can ping and do ssh to the host from the
> >  > manager.. the
> >  > > problem is somewhere else in the communication between
> the
> >  > engine and
> >  > > vdsmd preventing the engine to refresh the host
> > capabilities.
> >  > >
> >  > > So from the engine I tried:
> >  > >
> >  > > [root@manager ~]# openssl s_client -connect
> > 172.20.22.78:54321 
> >  > 
> >  > > 
> >  > > CONNECTED(0003)
> >  > > ---
> >  > > Certificate chain
> >  > >   0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
> > 
> >  > 
> >  > >  Certificate
> >  > > i:/CN=VDSM Certificate Authority
> >  > >   1 s:/CN=VDSM Certificate Authority
> >  > > i:/CN=VDSM Certificate Authority
> >  > > ---
> >  > >
> >  > > The host has still the self signed vdsm certificate..
> > and on the
> >  > > host in
> >  > > vdsm.log I find:
> >  > >
> >  > > 2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> >  > > [ProtocolDetector.SSLHandshakeDispatcher] ssl
> > handshake: SSLError,
> >  > > address: :::159.149.129.220 (sslutils:264)
> >  > >
> >  > > So I tried to enroll the certificate from the UI and
> > from the
> >  > events
> >  > > tab
> >  > > I sow the enrolling was successful but:
> >  > >
> >  > > [root@manager ~]# openssl s_client -connect
> > 172.20.22.78:54321 
> >  > 
> >  > > 
> >  > >
> >  > > 140084336994192:error:140790E5:SSL
> routines:ssl23_write:ssl
> >  > handshake
> >  > > failure:s23_lib.c:177:
> >  > > CONNECTED(0003)
> >  > > ---
> >  > > no peer certificate available
> >  > > ---
> >  > >
> >  > > there's still some issue with the certificates.. so on
> the
> >  > host again:
> >  > >
> >  > > [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin
> -10|
> >

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Giorgio Biacchi 

Il 12/05/2020 17:07, Dominik Holler ha scritto:



On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi > wrote:


On 5/12/20 12:28 PM, Dominik Holler wrote:
 >
 >
 > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi
mailto:gior...@di.unimi.it>
 > >> wrote:
 >
 >     On 5/11/20 5:53 PM, Dominik Holler wrote:
 >     >
 >     >
 >     > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
 >     mailto:gior...@di.unimi.it>
>
 >     > 
     >
 >     >     Hi list,
 >     >     I've spent a couple of days trying to understand why
this was
 >     >     happening...
 >     >
 >     >     For the installation I have a well tested installation
server
 >     with a
 >     >     custom kickstart file to setup ssh keys and custom
hooks for
 >     infiniband
 >     >     and I'm installing Ovirt Node 4.3.9 via pxe, this is
particularly
 >     >     useful
 >     >     when I have to install a bunch of blades at once.. In
the past
 >     I had no
 >     >     issues and all was working like a charm until now when some
 >     hardware
 >     >     failed and I had to replace it.
 >     >
 >     >     As expected I have no issues in the node installation
 >     process.. the
 >     >     troubles begins when I try to add the node,
installation fails
 >     and in
 >     >     the UI I have an exclamation mark with the message
"Host has
 >     no default
 >     >     route." but I can ping and do ssh to the host from the
 >     manager.. the
 >     >     problem is somewhere else in the communication between the
 >     engine and
 >     >     vdsmd preventing the engine to refresh the host
capabilities.
 >     >
 >     >     So from the engine I tried:
 >     >
 >     >     [root@manager ~]# openssl s_client -connect
172.20.22.78:54321 
 >     
 >     >     
 >     >     CONNECTED(0003)
 >     >     ---
 >     >     Certificate chain
 >     >       0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM

 >     
 >     >      Certificate
 >     >         i:/CN=VDSM Certificate Authority
 >     >       1 s:/CN=VDSM Certificate Authority
 >     >         i:/CN=VDSM Certificate Authority
 >     >     ---
 >     >
 >     >     The host has still the self signed vdsm certificate..
and on the
 >     >     host in
 >     >     vdsm.log I find:
 >     >
 >     >     2020-05-11 09:52:25,433+ ERROR (Reactor thread)
 >     >     [ProtocolDetector.SSLHandshakeDispatcher] ssl
handshake: SSLError,
 >     >     address: :::159.149.129.220 (sslutils:264)
 >     >
 >     >     So I tried to enroll the certificate from the UI and
from the
 >     events
 >     >     tab
 >     >     I sow the enrolling was successful but:
 >     >
 >     >     [root@manager ~]# openssl s_client -connect
172.20.22.78:54321 
 >     
 >     >     
 >     >
 >     >     140084336994192:error:140790E5:SSL routines:ssl23_write:ssl
 >     handshake
 >     >     failure:s23_lib.c:177:
 >     >     CONNECTED(0003)
 >     >     ---
 >     >     no peer certificate available
 >     >     ---
 >     >
 >     >     there's still some issue with the certificates.. so on the
 >     host again:
 >     >
 >     >     [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin -10|
 >     xargs ls -l
 >     >     -rw---. 1 root kvm  1424 May 11 09:56
 >     /etc/pki/vdsm/certs/cacert.pem
 >     >     -rw---. 1 root kvm  5108 May 11 09:57
 >     >     /etc/pki/vdsm/certs/vdsmcert.pem
 >     >     -r--r-. 1 root kvm  1704 May 11 09:56
 >     /etc/pki/vdsm/keys/vdsmkey.pem
 >     >     -rw-r--r--. 1 root root 1424 May 11 09:57
 >     >     /etc/pki/vdsm/libvirt-spice/ca-cert.pem
 >     >     -rw-r--r--. 1 root root 5108 May 11 09:57
 >     >     /etc/pki/vdsm/libvirt-spice/server-cert.pem
 >     >     -r--r-. 1 root root 1704 May 11 09:56
 >     >     /etc/pki/vdsm/libvirt-spice/server-key.pem
 >     >
 >     >     It seems that cacert.pem and vdsmcert.pem have wrong
permissions..
 >     >     let's
 >     >     try to fix it..
 >     >
 >     >     

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Dominik Holler 
On Tue, May 12, 2020 at 4:25 PM Giorgio Biacchi  wrote:

> On 5/12/20 12:28 PM, Dominik Holler wrote:
> >
> >
> > On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi  > > wrote:
> >
> > On 5/11/20 5:53 PM, Dominik Holler wrote:
> > >
> > >
> > > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
> > mailto:gior...@di.unimi.it>
> > > >> wrote:
> > >
> > > Hi list,
> > > I've spent a couple of days trying to understand why this was
> > > happening...
> > >
> > > For the installation I have a well tested installation server
> > with a
> > > custom kickstart file to setup ssh keys and custom hooks for
> > infiniband
> > > and I'm installing Ovirt Node 4.3.9 via pxe, this is
> particularly
> > > useful
> > > when I have to install a bunch of blades at once.. In the past
> > I had no
> > > issues and all was working like a charm until now when some
> > hardware
> > > failed and I had to replace it.
> > >
> > > As expected I have no issues in the node installation
> > process.. the
> > > troubles begins when I try to add the node, installation fails
> > and in
> > > the UI I have an exclamation mark with the message "Host has
> > no default
> > > route." but I can ping and do ssh to the host from the
> > manager.. the
> > > problem is somewhere else in the communication between the
> > engine and
> > > vdsmd preventing the engine to refresh the host capabilities.
> > >
> > > So from the engine I tried:
> > >
> > > [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> > 
> > > 
> > > CONNECTED(0003)
> > > ---
> > > Certificate chain
> > >   0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
> > 
> > >  Certificate
> > > i:/CN=VDSM Certificate Authority
> > >   1 s:/CN=VDSM Certificate Authority
> > > i:/CN=VDSM Certificate Authority
> > > ---
> > >
> > > The host has still the self signed vdsm certificate.. and on
> the
> > > host in
> > > vdsm.log I find:
> > >
> > > 2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> > > [ProtocolDetector.SSLHandshakeDispatcher] ssl handshake:
> SSLError,
> > > address: :::159.149.129.220 (sslutils:264)
> > >
> > > So I tried to enroll the certificate from the UI and from the
> > events
> > > tab
> > > I sow the enrolling was successful but:
> > >
> > > [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> > 
> > > 
> > >
> > > 140084336994192:error:140790E5:SSL routines:ssl23_write:ssl
> > handshake
> > > failure:s23_lib.c:177:
> > > CONNECTED(0003)
> > > ---
> > > no peer certificate available
> > > ---
> > >
> > > there's still some issue with the certificates.. so on the
> > host again:
> > >
> > > [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin -10|
> > xargs ls -l
> > > -rw---. 1 root kvm  1424 May 11 09:56
> > /etc/pki/vdsm/certs/cacert.pem
> > > -rw---. 1 root kvm  5108 May 11 09:57
> > > /etc/pki/vdsm/certs/vdsmcert.pem
> > > -r--r-. 1 root kvm  1704 May 11 09:56
> > /etc/pki/vdsm/keys/vdsmkey.pem
> > > -rw-r--r--. 1 root root 1424 May 11 09:57
> > > /etc/pki/vdsm/libvirt-spice/ca-cert.pem
> > > -rw-r--r--. 1 root root 5108 May 11 09:57
> > > /etc/pki/vdsm/libvirt-spice/server-cert.pem
> > > -r--r-. 1 root root 1704 May 11 09:56
> > > /etc/pki/vdsm/libvirt-spice/server-key.pem
> > >
> > > It seems that cacert.pem and vdsmcert.pem have wrong
> permissions..
> > > let's
> > > try to fix it..
> > >
> > > [root@cn128 vdsm]# chown 36:36 /etc/pki/vdsm/certs/cacert.pem
> > > /etc/pki/vdsm/certs/vdsmcert.pem
> > >
> > > And now:
> > >
> > > [root@manager ~]# openssl s_client -connect
> > 172.20.22.78:54321| less
> > > CONNECTED(0003)
> > > ---
> > > Certificate chain
> > >   0 s:/O=lagrange.di.unimi.it/CN=172.20.22.78
> > 
> > > 
> > >
> > >
> >  i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> > 
> > > <
>

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Giorgio Biacchi 
On 5/12/20 12:28 PM, Dominik Holler wrote:
> 
> 
> On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi  > wrote:
> 
> On 5/11/20 5:53 PM, Dominik Holler wrote:
> >
> >
> > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi
> mailto:gior...@di.unimi.it>
> > >> wrote:
> >
> >     Hi list,
> >     I've spent a couple of days trying to understand why this was
> >     happening...
> >
> >     For the installation I have a well tested installation server
> with a
> >     custom kickstart file to setup ssh keys and custom hooks for
> infiniband
> >     and I'm installing Ovirt Node 4.3.9 via pxe, this is particularly
> >     useful
> >     when I have to install a bunch of blades at once.. In the past
> I had no
> >     issues and all was working like a charm until now when some
> hardware
> >     failed and I had to replace it.
> >
> >     As expected I have no issues in the node installation
> process.. the
> >     troubles begins when I try to add the node, installation fails
> and in
> >     the UI I have an exclamation mark with the message "Host has
> no default
> >     route." but I can ping and do ssh to the host from the
> manager.. the
> >     problem is somewhere else in the communication between the
> engine and
> >     vdsmd preventing the engine to refresh the host capabilities.
> >
> >     So from the engine I tried:
> >
> >     [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> 
> >     
> >     CONNECTED(0003)
> >     ---
> >     Certificate chain
> >       0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
> 
> >      Certificate
> >         i:/CN=VDSM Certificate Authority
> >       1 s:/CN=VDSM Certificate Authority
> >         i:/CN=VDSM Certificate Authority
> >     ---
> >
> >     The host has still the self signed vdsm certificate.. and on the
> >     host in
> >     vdsm.log I find:
> >
> >     2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> >     [ProtocolDetector.SSLHandshakeDispatcher] ssl handshake: SSLError,
> >     address: :::159.149.129.220 (sslutils:264)
> >
> >     So I tried to enroll the certificate from the UI and from the
> events
> >     tab
> >     I sow the enrolling was successful but:
> >
> >     [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> 
> >     
> >
> >     140084336994192:error:140790E5:SSL routines:ssl23_write:ssl
> handshake
> >     failure:s23_lib.c:177:
> >     CONNECTED(0003)
> >     ---
> >     no peer certificate available
> >     ---
> >
> >     there's still some issue with the certificates.. so on the
> host again:
> >
> >     [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin -10|
> xargs ls -l
> >     -rw---. 1 root kvm  1424 May 11 09:56
> /etc/pki/vdsm/certs/cacert.pem
> >     -rw---. 1 root kvm  5108 May 11 09:57
> >     /etc/pki/vdsm/certs/vdsmcert.pem
> >     -r--r-. 1 root kvm  1704 May 11 09:56
> /etc/pki/vdsm/keys/vdsmkey.pem
> >     -rw-r--r--. 1 root root 1424 May 11 09:57
> >     /etc/pki/vdsm/libvirt-spice/ca-cert.pem
> >     -rw-r--r--. 1 root root 5108 May 11 09:57
> >     /etc/pki/vdsm/libvirt-spice/server-cert.pem
> >     -r--r-. 1 root root 1704 May 11 09:56
> >     /etc/pki/vdsm/libvirt-spice/server-key.pem
> >
> >     It seems that cacert.pem and vdsmcert.pem have wrong permissions..
> >     let's
> >     try to fix it..
> >
> >     [root@cn128 vdsm]# chown 36:36 /etc/pki/vdsm/certs/cacert.pem
> >     /etc/pki/vdsm/certs/vdsmcert.pem
> >
> >     And now:
> >
> >     [root@manager ~]# openssl s_client -connect
> 172.20.22.78:54321| less
> >     CONNECTED(0003)
> >     ---
> >     Certificate chain
> >       0 s:/O=lagrange.di.unimi.it/CN=172.20.22.78
> 
> >     
> >        
> >   
>  i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> 
> >     
> >       1
> >   
>  s:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> 
> >     
> >        
> >   

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-12 Thread Dominik Holler 
On Tue, May 12, 2020 at 8:49 AM Giorgio Biacchi  wrote:

> On 5/11/20 5:53 PM, Dominik Holler wrote:
> >
> >
> > On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi  > > wrote:
> >
> > Hi list,
> > I've spent a couple of days trying to understand why this was
> > happening...
> >
> > For the installation I have a well tested installation server with a
> > custom kickstart file to setup ssh keys and custom hooks for
> infiniband
> > and I'm installing Ovirt Node 4.3.9 via pxe, this is particularly
> > useful
> > when I have to install a bunch of blades at once.. In the past I had
> no
> > issues and all was working like a charm until now when some hardware
> > failed and I had to replace it.
> >
> > As expected I have no issues in the node installation process.. the
> > troubles begins when I try to add the node, installation fails and in
> > the UI I have an exclamation mark with the message "Host has no
> default
> > route." but I can ping and do ssh to the host from the manager.. the
> > problem is somewhere else in the communication between the engine and
> > vdsmd preventing the engine to refresh the host capabilities.
> >
> > So from the engine I tried:
> >
> > [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> > 
> > CONNECTED(0003)
> > ---
> > Certificate chain
> >   0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM
> >  Certificate
> > i:/CN=VDSM Certificate Authority
> >   1 s:/CN=VDSM Certificate Authority
> > i:/CN=VDSM Certificate Authority
> > ---
> >
> > The host has still the self signed vdsm certificate.. and on the
> > host in
> > vdsm.log I find:
> >
> > 2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> > [ProtocolDetector.SSLHandshakeDispatcher] ssl handshake: SSLError,
> > address: :::159.149.129.220 (sslutils:264)
> >
> > So I tried to enroll the certificate from the UI and from the events
> > tab
> > I sow the enrolling was successful but:
> >
> > [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> > 
> >
> > 140084336994192:error:140790E5:SSL routines:ssl23_write:ssl handshake
> > failure:s23_lib.c:177:
> > CONNECTED(0003)
> > ---
> > no peer certificate available
> > ---
> >
> > there's still some issue with the certificates.. so on the host
> again:
> >
> > [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin -10| xargs ls
> -l
> > -rw---. 1 root kvm  1424 May 11 09:56
> /etc/pki/vdsm/certs/cacert.pem
> > -rw---. 1 root kvm  5108 May 11 09:57
> > /etc/pki/vdsm/certs/vdsmcert.pem
> > -r--r-. 1 root kvm  1704 May 11 09:56
> /etc/pki/vdsm/keys/vdsmkey.pem
> > -rw-r--r--. 1 root root 1424 May 11 09:57
> > /etc/pki/vdsm/libvirt-spice/ca-cert.pem
> > -rw-r--r--. 1 root root 5108 May 11 09:57
> > /etc/pki/vdsm/libvirt-spice/server-cert.pem
> > -r--r-. 1 root root 1704 May 11 09:56
> > /etc/pki/vdsm/libvirt-spice/server-key.pem
> >
> > It seems that cacert.pem and vdsmcert.pem have wrong permissions..
> > let's
> > try to fix it..
> >
> > [root@cn128 vdsm]# chown 36:36 /etc/pki/vdsm/certs/cacert.pem
> > /etc/pki/vdsm/certs/vdsmcert.pem
> >
> > And now:
> >
> > [root@manager ~]# openssl s_client -connect 172.20.22.78:54321| less
> > CONNECTED(0003)
> > ---
> > Certificate chain
> >   0 s:/O=lagrange.di.unimi.it/CN=172.20.22.78
> > 
> >
> > i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> > 
> >   1
> > s:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> > 
> >
> > i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> > 
> > ---
> >
> > Now I can finally refresh the host capabilities and setup the host
> > networks..
> >
> > In attachment all the relevant logs, I don't know if I've found some
> > bug.. this is the first time i had so many troubles adding a new
> host..
> > so I decided to share my experience with the list..
> >
> >
> > Thanks for raising this.
> >
> > On adding the host there is an error about  vdsm-hook-nestedvt which I
> > cannot interprete, maybe someone else can do.
> > In vdsm.log I noticed a strange behavior of setupNetworks, can you
> > please share the corresponding supervdsm.log, too?
> >
> >
> >
> > Cheers
> > --
> > gb
> >
> > PGP Key: http://pgp.mit.edu/
> > Primary key fingerprint: C510 0765 943E EBED A4F2 69D3 16CC DC90
> > B9CB 0F34
> >

[ovirt-users] Re: Can't add freshly installed node.. host has no default route

2020-05-11 Thread Dominik Holler 
On Mon, May 11, 2020 at 12:31 PM Giorgio Biacchi 
wrote:

> Hi list,
> I've spent a couple of days trying to understand why this was happening...
>
> For the installation I have a well tested installation server with a
> custom kickstart file to setup ssh keys and custom hooks for infiniband
> and I'm installing Ovirt Node 4.3.9 via pxe, this is particularly useful
> when I have to install a bunch of blades at once.. In the past I had no
> issues and all was working like a charm until now when some hardware
> failed and I had to replace it.
>
> As expected I have no issues in the node installation process.. the
> troubles begins when I try to add the node, installation fails and in
> the UI I have an exclamation mark with the message "Host has no default
> route." but I can ping and do ssh to the host from the manager.. the
> problem is somewhere else in the communication between the engine and
> vdsmd preventing the engine to refresh the host capabilities.
>
> So from the engine I tried:
>
> [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
> CONNECTED(0003)
> ---
> Certificate chain
>   0 s:/CN=cn128.lagrange.di.unimi.it/O=VDSM Certificate
> i:/CN=VDSM Certificate Authority
>   1 s:/CN=VDSM Certificate Authority
> i:/CN=VDSM Certificate Authority
> ---
>
> The host has still the self signed vdsm certificate.. and on the host in
> vdsm.log I find:
>
> 2020-05-11 09:52:25,433+ ERROR (Reactor thread)
> [ProtocolDetector.SSLHandshakeDispatcher] ssl handshake: SSLError,
> address: :::159.149.129.220 (sslutils:264)
>
> So I tried to enroll the certificate from the UI and from the events tab
> I sow the enrolling was successful but:
>
> [root@manager ~]# openssl s_client -connect 172.20.22.78:54321
>
> 140084336994192:error:140790E5:SSL routines:ssl23_write:ssl handshake
> failure:s23_lib.c:177:
> CONNECTED(0003)
> ---
> no peer certificate available
> ---
>
> there's still some issue with the certificates.. so on the host again:
>
> [root@cn128 vdsm]# find /etc/pki/vdsm/ -type f -cmin -10| xargs ls -l
> -rw---. 1 root kvm  1424 May 11 09:56 /etc/pki/vdsm/certs/cacert.pem
> -rw---. 1 root kvm  5108 May 11 09:57 /etc/pki/vdsm/certs/vdsmcert.pem
> -r--r-. 1 root kvm  1704 May 11 09:56 /etc/pki/vdsm/keys/vdsmkey.pem
> -rw-r--r--. 1 root root 1424 May 11 09:57
> /etc/pki/vdsm/libvirt-spice/ca-cert.pem
> -rw-r--r--. 1 root root 5108 May 11 09:57
> /etc/pki/vdsm/libvirt-spice/server-cert.pem
> -r--r-. 1 root root 1704 May 11 09:56
> /etc/pki/vdsm/libvirt-spice/server-key.pem
>
> It seems that cacert.pem and vdsmcert.pem have wrong permissions.. let's
> try to fix it..
>
> [root@cn128 vdsm]# chown 36:36 /etc/pki/vdsm/certs/cacert.pem
> /etc/pki/vdsm/certs/vdsmcert.pem
>
> And now:
>
> [root@manager ~]# openssl s_client -connect 172.20.22.78:54321| less
> CONNECTED(0003)
> ---
> Certificate chain
>   0 s:/O=lagrange.di.unimi.it/CN=172.20.22.78
> i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
>   1 s:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> i:/C=US/O=lagrange.di.unimi.it/CN=cn305.lagrange.di.unimi.it.35941
> ---
>
> Now I can finally refresh the host capabilities and setup the host
> networks..
>
> In attachment all the relevant logs, I don't know if I've found some
> bug.. this is the first time i had so many troubles adding a new host..
> so I decided to share my experience with the list..
>
>
Thanks for raising this.

On adding the host there is an error about  vdsm-hook-nestedvt which I
cannot interprete, maybe someone else can do.
In vdsm.log I noticed a strange behavior of setupNetworks, can you please
share the corresponding supervdsm.log, too?



> Cheers
> --
> gb
>
> PGP Key: http://pgp.mit.edu/
> Primary key fingerprint: C510 0765 943E EBED A4F2 69D3 16CC DC90 B9CB 0F34
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/6JTU3HB4WCI27WSLGEOSLMPYFU22EX5H/
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/LK47PGCYENSDO6LV7VRFPRO6UJEH2ASH/