[ovirt-users] Re: understanding if real engine offline deployment is possible
Hi Erez,
Thanks a lot for all your help here!
Le ven. 29 avr. 2022 à 20:21, Erez Zarum a écrit :
> It is possible to have a fully offline installation, you just need the
> files either installed or fetch them from a local repo.
>
> Yes, you are using an outdated version of the ovirt ansible collection.
> The final fix for offline deployment was implemented in v2.0 of the ovirt
> ansible collection, this seems not to make it to the 4.4 ovirt repos, 4.4
> I would say try and install the latest ovirt ansible collection, but since
> v2.0 you must use ansible-core 2.12, i'm not sure the outcome of using
> ansible-core 2.12 on an ovirt 4.4 node.
> It is only in version 4.5 that ansible was upgraded to ansible-core 2.12
> and it is indeed uses ovirt ansible collection v2.0
>
> If i were you, i would implement the changes needed to support offline
> mode, it seems those are the only changes that were made in regarding to
> this matter.
> https://github.com/oVirt/ovirt-ansible-collection/pull/380
> https://github.com/oVirt/ovirt-ansible-collection/pull/381
>
>
>
>
> On Fri, Apr 29, 2022 at 9:02 PM Vincent Kwiatkowski <
> vincent.kwiatkow...@itiviti.com> wrote:
>
>> Hi Erez,
>>
>> Indeed its in London ld6^^
>>
>> Even if I use only "he_offline_deployment=true", the engine tries to
>> reach internet repo.
>>
>> my version of ovirt-ansible-collection is 1.6.6-1.el8.noarch, it seems to
>> be the latest version available on ovirt-4.4 repo (I have tested on another
>> server that has internet, and installed official ovirt-release44.rpm
>> package, and it's the same)
>>
>> in file
>> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
>> , the var "ovirt_engine_setup_offline" is on line 38:
>>
>> 38 ovirt_engine_setup_offline: "{{ he_offline_deployment }}"
>>
>> in file
>> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
>> line 7 I have:
>>
>> 7 when: not ovirt_engine_setup_perform_upgrade
>>
>> am I using wrong repo of missing something? (as it seems I d on't have
>> the latest files)
>>
>> yes it makes sense to have a look at hooks, so the engine is customized,
>> I'll check that.
>>
>> It's just that initially I would like to test the "100% offline method",
>> as it should avoid me to customize the engine
>>
>> 10.243.140.1 is a simple internal dns server, it's not the host from
>> where I deploy the engine.
>>
>> Yes I recently understood the created network between the local VM and
>> the host from where we deploy the engine. When I saw that "nameserver" in
>> resolv.conf of the engine points to 192.168.222.1, which is the vibr0 IP of
>> the physical host, I was quite surprised, because on old ovirt deployment I
>> did, the engines have the dns servers I've specified in their resolv.conf,
>> not the vibr0 ip of their host . But it's maybe changed later in the
>> process of the deployment
>>
>> I will stop specifying the ova file as indeed, I don't think it's useful
>> here.
>>
>> Just wanna make sure if:
>>
>> - 100% offline deploy is possible only using the extra var
>> "he_offline_deployment=true" (maybe I need to udpate some packages?)
>> or
>> - 100% offline deploy is ONLY possible using hooks and internal repo
>>
>> your help is really appreciated, I can understand that not all the
>> scenario are tested by dev teams, maybe my case can help other peoples^^
>>
>> thx a lot, have a nice week end!
>>
>>
>> *Vincent Kwiatkowski*
>> Operations - System Team • Itiviti
>> Production System Engineer
>>
>> Direct: +33 1 44 50 25 45
>> vincent.kwiatkow...@itiviti.com
>>
>> 21 Boulevard Haussmann
>>
>> 75009 Paris, France
>>
>> Phone: +33 1 49 95 30 00
>>
>>
>> Le ven. 29 avr. 2022 à 18:20, Erez Zarum a écrit :
>>
>>> 1. You have a typo in your hosted-engine deploy line as you do not
>>> enclose the quotes correctly:
>>>
>>> --ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>>> he_offline_deployment=true it should be
>>> --ansible-extra-vars="he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>>> he_offline_deployment=true"
>>> 2. Can you check which version of ovirt ansible collection are you
>>> using? it is possible that the version you are using does not have the fix,
>>> the fix was released around november.
>>> to clarify you do have it, on the host where you run the
>>> hosted-engine script from, please check the following:
>>>
>>> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
>>> at line 39 should have ovirt_engine_setup_offline var set to the
>>> he_offline_deployment var (
>>>
[ovirt-users] Re: understanding if real engine offline deployment is possible
Hi Erez,
Indeed its in London ld6^^
Even if I use only "he_offline_deployment=true", the engine tries to reach
internet repo.
my version of ovirt-ansible-collection is 1.6.6-1.el8.noarch, it seems to
be the latest version available on ovirt-4.4 repo (I have tested on another
server that has internet, and installed official ovirt-release44.rpm
package, and it's the same)
in file
/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
, the var "ovirt_engine_setup_offline" is on line 38:
38 ovirt_engine_setup_offline: "{{ he_offline_deployment }}"
in file
/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
line 7 I have:
7 when: not ovirt_engine_setup_perform_upgrade
am I using wrong repo of missing something? (as it seems I d on't have
the latest files)
yes it makes sense to have a look at hooks, so the engine is customized,
I'll check that.
It's just that initially I would like to test the "100% offline method", as
it should avoid me to customize the engine
10.243.140.1 is a simple internal dns server, it's not the host from where
I deploy the engine.
Yes I recently understood the created network between the local VM and the
host from where we deploy the engine. When I saw that "nameserver" in
resolv.conf of the engine points to 192.168.222.1, which is the vibr0 IP of
the physical host, I was quite surprised, because on old ovirt deployment I
did, the engines have the dns servers I've specified in their resolv.conf,
not the vibr0 ip of their host . But it's maybe changed later in the
process of the deployment
I will stop specifying the ova file as indeed, I don't think it's useful
here.
Just wanna make sure if:
- 100% offline deploy is possible only using the extra var
"he_offline_deployment=true" (maybe I need to udpate some packages?)
or
- 100% offline deploy is ONLY possible using hooks and internal repo
your help is really appreciated, I can understand that not all the scenario
are tested by dev teams, maybe my case can help other peoples^^
thx a lot, have a nice week end!
*Vincent Kwiatkowski*
Operations - System Team • Itiviti
Production System Engineer
Direct: +33 1 44 50 25 45
vincent.kwiatkow...@itiviti.com
21 Boulevard Haussmann
75009 Paris, France
Phone: +33 1 49 95 30 00
Le ven. 29 avr. 2022 à 18:20, Erez Zarum a écrit :
> 1. You have a typo in your hosted-engine deploy line as you do not enclose
> the quotes correctly:
>
> --ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
> he_offline_deployment=true it should be
> --ansible-extra-vars="he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
> he_offline_deployment=true"
> 2. Can you check which version of ovirt ansible collection are you using?
> it is possible that the version you are using does not have the fix, the
> fix was released around november.
> to clarify you do have it, on the host where you run the hosted-engine
> script from, please check the following:
>
> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
> at line 39 should have ovirt_engine_setup_offline var set to the
> he_offline_deployment var (
> https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/hosted_engine_setup/tasks/full_execution.yml
> )
>
>
> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
> at line 7 should have this: when: not
> ovirt_engine_setup_perform_upgrade|bool and not
> ovirt_engine_setup_offline|bool (
> https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/engine_setup/tasks/main.yml
> )
> 3. i'm not sure regarding the ovirt appliance, but as far as it seems if
> you don't specify it will try to download one, but this happens from the
> host you run the hosted-engine script from which in what you describe uses
> your local repo so it should be able to download from there.
> 4. If i were you, i would hooks
> https://www.ovirt.org/documentation/installing_ovirt_as_a_self-hosted_engine_using_the_command_line/index.html#customizing_engine_vm_during_deployment_auto_SHE_cli_deploy
> You would want to use the "enginevm_before_engine_setup" hook and
> create an ansible task that configure local repos on the engine vm,
> anything you put in that folder hook ("enginevm_before_engine_setup") will
> run on the engine vm, it will allow you to skip later configuring the
> engine vm for your local repos
> 5. I see from the logs that it uses 10.243.140.1 as DNS, is that the host
> you are running from? what is the resolv.conf on that host?
> you need to understand the flow of installing the
[ovirt-users] Re: understanding if real engine offline deployment is possible
It is possible to have a fully offline installation, you just need the
files either installed or fetch them from a local repo.
Yes, you are using an outdated version of the ovirt ansible collection.
The final fix for offline deployment was implemented in v2.0 of the ovirt
ansible collection, this seems not to make it to the 4.4 ovirt repos, 4.4
I would say try and install the latest ovirt ansible collection, but since
v2.0 you must use ansible-core 2.12, i'm not sure the outcome of using
ansible-core 2.12 on an ovirt 4.4 node.
It is only in version 4.5 that ansible was upgraded to ansible-core 2.12
and it is indeed uses ovirt ansible collection v2.0
If i were you, i would implement the changes needed to support offline
mode, it seems those are the only changes that were made in regarding to
this matter.
https://github.com/oVirt/ovirt-ansible-collection/pull/380
https://github.com/oVirt/ovirt-ansible-collection/pull/381
On Fri, Apr 29, 2022 at 9:02 PM Vincent Kwiatkowski <
vincent.kwiatkow...@itiviti.com> wrote:
> Hi Erez,
>
> Indeed its in London ld6^^
>
> Even if I use only "he_offline_deployment=true", the engine tries to reach
> internet repo.
>
> my version of ovirt-ansible-collection is 1.6.6-1.el8.noarch, it seems to
> be the latest version available on ovirt-4.4 repo (I have tested on another
> server that has internet, and installed official ovirt-release44.rpm
> package, and it's the same)
>
> in file
> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
> , the var "ovirt_engine_setup_offline" is on line 38:
>
> 38 ovirt_engine_setup_offline: "{{ he_offline_deployment }}"
>
> in file
> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
> line 7 I have:
>
> 7 when: not ovirt_engine_setup_perform_upgrade
>
> am I using wrong repo of missing something? (as it seems I d on't have
> the latest files)
>
> yes it makes sense to have a look at hooks, so the engine is customized,
> I'll check that.
>
> It's just that initially I would like to test the "100% offline method",
> as it should avoid me to customize the engine
>
> 10.243.140.1 is a simple internal dns server, it's not the host from where
> I deploy the engine.
>
> Yes I recently understood the created network between the local VM and the
> host from where we deploy the engine. When I saw that "nameserver" in
> resolv.conf of the engine points to 192.168.222.1, which is the vibr0 IP of
> the physical host, I was quite surprised, because on old ovirt deployment I
> did, the engines have the dns servers I've specified in their resolv.conf,
> not the vibr0 ip of their host . But it's maybe changed later in the
> process of the deployment
>
> I will stop specifying the ova file as indeed, I don't think it's useful
> here.
>
> Just wanna make sure if:
>
> - 100% offline deploy is possible only using the extra var
> "he_offline_deployment=true" (maybe I need to udpate some packages?)
> or
> - 100% offline deploy is ONLY possible using hooks and internal repo
>
> your help is really appreciated, I can understand that not all the
> scenario are tested by dev teams, maybe my case can help other peoples^^
>
> thx a lot, have a nice week end!
>
>
> *Vincent Kwiatkowski*
> Operations - System Team • Itiviti
> Production System Engineer
>
> Direct: +33 1 44 50 25 45
> vincent.kwiatkow...@itiviti.com
>
> 21 Boulevard Haussmann
>
> 75009 Paris, France
>
> Phone: +33 1 49 95 30 00
>
>
> Le ven. 29 avr. 2022 à 18:20, Erez Zarum a écrit :
>
>> 1. You have a typo in your hosted-engine deploy line as you do not
>> enclose the quotes correctly:
>>
>> --ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>> he_offline_deployment=true it should be
>> --ansible-extra-vars="he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>> he_offline_deployment=true"
>> 2. Can you check which version of ovirt ansible collection are you using?
>> it is possible that the version you are using does not have the fix, the
>> fix was released around november.
>> to clarify you do have it, on the host where you run the
>> hosted-engine script from, please check the following:
>>
>> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
>> at line 39 should have ovirt_engine_setup_offline var set to the
>> he_offline_deployment var (
>> https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/hosted_engine_setup/tasks/full_execution.yml
>> )
>>
>>
>> /usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
>> at line 7 should have this: when: not
>>
[ovirt-users] Re: understanding if real engine offline deployment is possible
1. You have a typo in your hosted-engine deploy line as you do not enclose
the quotes correctly:
--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
he_offline_deployment=true it should be
--ansible-extra-vars="he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
he_offline_deployment=true"
2. Can you check which version of ovirt ansible collection are you using?
it is possible that the version you are using does not have the fix, the
fix was released around november.
to clarify you do have it, on the host where you run the hosted-engine
script from, please check the following:
/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/full_execution.yml
at line 39 should have ovirt_engine_setup_offline var set to the
he_offline_deployment var (
https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/hosted_engine_setup/tasks/full_execution.yml
)
/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/engine_setup/tasks/main.yml
at line 7 should have this: when: not
ovirt_engine_setup_perform_upgrade|bool and not
ovirt_engine_setup_offline|bool (
https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/engine_setup/tasks/main.yml
)
3. i'm not sure regarding the ovirt appliance, but as far as it seems if
you don't specify it will try to download one, but this happens from the
host you run the hosted-engine script from which in what you describe uses
your local repo so it should be able to download from there.
4. If i were you, i would hooks
https://www.ovirt.org/documentation/installing_ovirt_as_a_self-hosted_engine_using_the_command_line/index.html#customizing_engine_vm_during_deployment_auto_SHE_cli_deploy
You would want to use the "enginevm_before_engine_setup" hook and
create an ansible task that configure local repos on the engine vm,
anything you put in that folder hook ("enginevm_before_engine_setup") will
run on the engine vm, it will allow you to skip later configuring the
engine vm for your local repos
5. I see from the logs that it uses 10.243.140.1 as DNS, is that the host
you are running from? what is the resolv.conf on that host?
you need to understand the flow of installing the hosted engine as a
self hosted engine, it creates a local VM and create a network between that
local VM and the host you running from, then the last stage is moving it to
the storage domain.
6. You can have a FULL offline deployment, you just need to make sure you
have all the packages available or even creating a small local repo on the
host where you deploy the hosted engine on (configuring dnf/yum to use the
local filepath for example after you sync the repos there).
I do believe that because there are not much resources at the moment around
oVirt, not all scenarios have been tested, while i'm not a RedHay employee,
i have a lot of love for the oVirt project.
btw, i have a large oVirt deployment probably running in the same
datacenter as you are, if you are in LD6 in Equinix ;)
Let me know if 1 helped you, if not, please attach logs again and also
check 2.
Looking forward.
On Fri, Apr 29, 2022 at 6:59 PM vk wrote:
> Hi Erez,
>
> I already tried to put the 2 extra vars one after the other but it doesn't
> work:
>
> $hosted-engine --deploy
> --ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
> he_offline_deployment=true
> --config-append=/var/lib/ovirt-hosted-engine-setup/answers/answers-20220424174041.conf
> FATAL: Invalid option 'he_offline_deployment=true'
>
> So I tried to put the variables in tmp file as you proposed, but it failed
> again with same error:
>
> 2022-04-29 16:48:01,701+0100 DEBUG
> otopi.ovirt_hosted_engine_setup.ansible_utils
> ansible_utils._process_output:106 {'msg': "Failed to download metadata for
> repo 'ovirt-4.4-centos-ceph-pacific': Cannot prepare internal
> mirrorlist: Curl error (6): Couldn't resolve host name for
> http://mirrorlist.centos.org/?release=8-stream=x86_64=storage-ceph-pacific
> [Could not resolve host: mirrorlist.centos.org]", 'results': [],
> 'rc': 1, 'invocation': {'module_args': {'name': ['ovirt-engine'], 'state':
> 'present', 'allow_downgrade': False, 'autoremove': False, 'bugfix': False,
> 'disable_gpg_check': False, 'disable_plugin': [], 'disablerepo':
> [], 'download_only': False, 'enable_plugin': [], 'enablerepo': [],
> 'exclude': [], 'installroot': '/', 'install_repoquery': True,
> 'install_weak_deps': True, 'security': False, 'skip_broken': False,
> 'update_cache': False, 'update_only': False, 'validate_certs': True,
> 'lock_timeout': 30, 'conf_file': None, 'disable_excludes': None,
> 'download_dir': None, 'list': None, 'releasever': None}},
> '_ansible_no_log': False, 'changed': False, '_ansible_delegated_vars':
> {'ansible_host':
[ovirt-users] Re: understanding if real engine offline deployment is possible
As I suspected, it hits where i mentioned, but looking again, there's no
bug whatsoever as it should skip it.
>From what I see in the logs, it does not pass "he_offline_deployment=true"
as an ansible extra var.
Look at line 6551: "2022-04-24 17:40:41,613+0100 DEBUG otopi.context
context.dumpEnvironment:775 ENV
OVEHOSTED_CORE/ansibleUserExtraVars=str:'he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova'"
>From looking at the hosted-engine setup script, it does not accept multiple
"--ansible-extra-vars" arguments as it's a wrapper script that prepares the
configuration needed for ansible.
You can either try
"--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
he_offline_deployment=true" or:
cat > /tmp/ovirt_he_ansible_extravars.yml < wrote:
>
> Hi,
>
> indeed, being able to manually configure the engine repo (before any
> engine repo is reached of course) would be a good thing, in case we want to
> use some internal repo not on internet (like redhat satellite repo)
>
> But if the engine deployment can really be offline (so no internet
> connection at all) with the default public repo, this can be a step done
> after the engine is deployed.
>
> having the choice could be good, but if there is really an issue on
> ansible side, like Erez mentioned, maybe first need to focus on this^^
>
> @Erez, please find the engine deploy log file in attachment
>
> thx
>
> Le ven. 29 avr. 2022 à 10:37, Sandro Bonazzola a
> écrit :
>
>> +Asaf Rachmani , +Martin Necas can
>> you please have a look here?
>>
>> Il giorno gio 28 apr 2022 alle ore 20:18 Erez Zarum
>> ha scritto:
>>
>>> I believe there's a bug here:
>>> https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/engine_setup/tasks/main.yml
>>> which besides the he_offline_deployment condition it relies
>>> on ovirt_engine_setup_perform_upgrade which is never passed to from the
>>> hosted_engine_setup role.
>>> If he can post the full log, it will be easier to understand where the
>>> issue is and why does ansible triggers yum repos.
>>>
>>> Another way to workaround it is to create a pre engine setup hook as
>>> ansible task and use it to configure the repos on the engine vm that it
>>> will use the local repos and not reach the internet at any point.
>>>
>>>
>>>
>>> On Thu, Apr 28, 2022 at 8:55 PM Strahil Nikolov via Users <
>>> users@ovirt.org> wrote:
>>>
Theoretically everything is possible.
In this situation I can recommend you to open an issue as
he_offline_deployment=true should really mean offline.
Currently you can modify the Ansible code on the system and modify the
repos pointing to your Satellite.
Best Regards,
Strahil Nikolov
On Tue, Apr 26, 2022 at 12:02, v...@itiviti.com
wrote:
Hi Everyone,
In my compagny, we try to deploy engine on 2 RHEL8 hosts we already
installed.
We don't have direct internet access, so the RHEL8 hosts have been
setup using some internal EL repo (using redhat satellite)
We have also duplicated internaly the necessary ovirt repositories, so
all ovirt packages can be installed.
Now the blocking part is the deployment of the engine. Is it really
possible to deploy an engine without having internet connection?
We tried several time but never succeeded.
I tried with ansible extra var "he_offline_deployment=true", naively
thinking it will download necessary packages for the engine through the
repositories already configured on the physical hosts (like the physical
host act as proxy)
I also tried by specifying the ova file with
he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
both options have also been tried together
(--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
--ansible-extra-vars=he_offline_deployment=true)
But at the end, it seems the engine deployment process makes the engine
to need to reach the ovirt internet repositories, as it always failed with:
2022-04-24 17:39:53,268+0100 ERROR
otopi.ovirt_hosted_engine_setup.ansible_utils
ansible_utils._process_output:110 fatal: [localhost -> 192.168.1.154]:
FAILED! => {"changed": false, "msg": "Failed to download metadata for repo
'ovirt-4.4-centos-ceph-pacific': Cannot download repomd.xml: Cannot
download repodata/repomd.xml: All mirrors were tried", "rc": 1, "results":
[]}
FYI the pacific repo works fine when we download packages on physical
hosts.
ANother thing to know is that before being able to use our internal
repo present on our redhat satellite, a system need to install the
satellite crtificate, and register to satellite.
it would be
[ovirt-users] Re: understanding if real engine offline deployment is possible
+Asaf Rachmani , +Martin Necas can
you please have a look here?
Il giorno gio 28 apr 2022 alle ore 20:18 Erez Zarum
ha scritto:
> I believe there's a bug here:
> https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/engine_setup/tasks/main.yml
> which besides the he_offline_deployment condition it relies
> on ovirt_engine_setup_perform_upgrade which is never passed to from the
> hosted_engine_setup role.
> If he can post the full log, it will be easier to understand where the
> issue is and why does ansible triggers yum repos.
>
> Another way to workaround it is to create a pre engine setup hook as
> ansible task and use it to configure the repos on the engine vm that it
> will use the local repos and not reach the internet at any point.
>
>
>
> On Thu, Apr 28, 2022 at 8:55 PM Strahil Nikolov via Users
> wrote:
>
>> Theoretically everything is possible.
>> In this situation I can recommend you to open an issue as
>> he_offline_deployment=true should really mean offline.
>>
>> Currently you can modify the Ansible code on the system and modify the
>> repos pointing to your Satellite.
>>
>> Best Regards,
>> Strahil Nikolov
>>
>> On Tue, Apr 26, 2022 at 12:02, v...@itiviti.com
>> wrote:
>> Hi Everyone,
>> In my compagny, we try to deploy engine on 2 RHEL8 hosts we already
>> installed.
>>
>> We don't have direct internet access, so the RHEL8 hosts have been setup
>> using some internal EL repo (using redhat satellite)
>>
>> We have also duplicated internaly the necessary ovirt repositories, so
>> all ovirt packages can be installed.
>>
>> Now the blocking part is the deployment of the engine. Is it really
>> possible to deploy an engine without having internet connection?
>>
>> We tried several time but never succeeded.
>>
>> I tried with ansible extra var "he_offline_deployment=true", naively
>> thinking it will download necessary packages for the engine through the
>> repositories already configured on the physical hosts (like the physical
>> host act as proxy)
>>
>> I also tried by specifying the ova file with
>> he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>>
>> both options have also been tried together
>> (--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>> --ansible-extra-vars=he_offline_deployment=true)
>>
>> But at the end, it seems the engine deployment process makes the engine
>> to need to reach the ovirt internet repositories, as it always failed with:
>>
>> 2022-04-24 17:39:53,268+0100 ERROR
>> otopi.ovirt_hosted_engine_setup.ansible_utils
>> ansible_utils._process_output:110 fatal: [localhost -> 192.168.1.154]:
>> FAILED! => {"changed": false, "msg": "Failed to download metadata for repo
>> 'ovirt-4.4-centos-ceph-pacific': Cannot download repomd.xml: Cannot
>> download repodata/repomd.xml: All mirrors were tried", "rc": 1, "results":
>> []}
>>
>> FYI the pacific repo works fine when we download packages on physical
>> hosts.
>> ANother thing to know is that before being able to use our internal repo
>> present on our redhat satellite, a system need to install the satellite
>> crtificate, and register to satellite.
>>
>> it would be so nice if we can achieve a fully offline engine deploy
>> (which mean no internet access at all, including the engine itself), but we
>> start to lack of clues if it's really possible.
>>
>> Here are all the ovirt packages installed on the physical hosts:
>>
>> $rpm -qa | grep ovirt
>> ovirt-ansible-collection-1.6.5-1.el8.noarch
>> ovirt-imageio-daemon-2.3.0-1.el8.x86_64
>> ovirt-host-4.4.9-2.el8.x86_64
>> ovirt-engine-appliance-4.4-20211020135049.1.el8.x86_64
>> ovirt-imageio-common-2.3.0-1.el8.x86_64
>> python3-ovirt-engine-sdk4-4.4.15-1.el8.x86_64
>> ovirt-host-dependencies-4.4.9-2.el8.x86_64
>> ovirt-hosted-engine-setup-2.5.4-2.el8.noarch
>> ovirt-imageio-client-2.3.0-1.el8.x86_64
>> ovirt-vmconsole-host-1.0.9-1.el8.noarch
>> ovirt-provider-ovn-driver-1.2.34-1.el8.noarch
>> cockpit-ovirt-dashboard-0.15.1-1.el8.noarch
>> python3-ovirt-setup-lib-1.3.2-1.el8.noarch
>> ovirt-hosted-engine-ha-2.4.9-1.el8.noarch
>> ovirt-vmconsole-1.0.9-1.el8.noarch
>>
>> thanks a lot in advance
>> ___
>> Users mailing list -- users@ovirt.org
>> To unsubscribe send an email to users-le...@ovirt.org
>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/5IKRUH4A3MY26URYVWIQEAXTIVA4ZEA3/
>>
>> ___
>> Users mailing list -- users@ovirt.org
>> To unsubscribe send an email to users-le...@ovirt.org
>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>>
[ovirt-users] Re: understanding if real engine offline deployment is possible
I believe there's a bug here:
https://github.com/oVirt/ovirt-ansible-collection/blob/master/roles/engine_setup/tasks/main.yml
which besides the he_offline_deployment condition it relies
on ovirt_engine_setup_perform_upgrade which is never passed to from the
hosted_engine_setup role.
If he can post the full log, it will be easier to understand where the
issue is and why does ansible triggers yum repos.
Another way to workaround it is to create a pre engine setup hook as
ansible task and use it to configure the repos on the engine vm that it
will use the local repos and not reach the internet at any point.
On Thu, Apr 28, 2022 at 8:55 PM Strahil Nikolov via Users
wrote:
> Theoretically everything is possible.
> In this situation I can recommend you to open an issue as
> he_offline_deployment=true should really mean offline.
>
> Currently you can modify the Ansible code on the system and modify the
> repos pointing to your Satellite.
>
> Best Regards,
> Strahil Nikolov
>
> On Tue, Apr 26, 2022 at 12:02, v...@itiviti.com
> wrote:
> Hi Everyone,
> In my compagny, we try to deploy engine on 2 RHEL8 hosts we already
> installed.
>
> We don't have direct internet access, so the RHEL8 hosts have been setup
> using some internal EL repo (using redhat satellite)
>
> We have also duplicated internaly the necessary ovirt repositories, so all
> ovirt packages can be installed.
>
> Now the blocking part is the deployment of the engine. Is it really
> possible to deploy an engine without having internet connection?
>
> We tried several time but never succeeded.
>
> I tried with ansible extra var "he_offline_deployment=true", naively
> thinking it will download necessary packages for the engine through the
> repositories already configured on the physical hosts (like the physical
> host act as proxy)
>
> I also tried by specifying the ova file with
> he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
>
> both options have also been tried together
> (--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
> --ansible-extra-vars=he_offline_deployment=true)
>
> But at the end, it seems the engine deployment process makes the engine to
> need to reach the ovirt internet repositories, as it always failed with:
>
> 2022-04-24 17:39:53,268+0100 ERROR
> otopi.ovirt_hosted_engine_setup.ansible_utils
> ansible_utils._process_output:110 fatal: [localhost -> 192.168.1.154]:
> FAILED! => {"changed": false, "msg": "Failed to download metadata for repo
> 'ovirt-4.4-centos-ceph-pacific': Cannot download repomd.xml: Cannot
> download repodata/repomd.xml: All mirrors were tried", "rc": 1, "results":
> []}
>
> FYI the pacific repo works fine when we download packages on physical
> hosts.
> ANother thing to know is that before being able to use our internal repo
> present on our redhat satellite, a system need to install the satellite
> crtificate, and register to satellite.
>
> it would be so nice if we can achieve a fully offline engine deploy (which
> mean no internet access at all, including the engine itself), but we start
> to lack of clues if it's really possible.
>
> Here are all the ovirt packages installed on the physical hosts:
>
> $rpm -qa | grep ovirt
> ovirt-ansible-collection-1.6.5-1.el8.noarch
> ovirt-imageio-daemon-2.3.0-1.el8.x86_64
> ovirt-host-4.4.9-2.el8.x86_64
> ovirt-engine-appliance-4.4-20211020135049.1.el8.x86_64
> ovirt-imageio-common-2.3.0-1.el8.x86_64
> python3-ovirt-engine-sdk4-4.4.15-1.el8.x86_64
> ovirt-host-dependencies-4.4.9-2.el8.x86_64
> ovirt-hosted-engine-setup-2.5.4-2.el8.noarch
> ovirt-imageio-client-2.3.0-1.el8.x86_64
> ovirt-vmconsole-host-1.0.9-1.el8.noarch
> ovirt-provider-ovn-driver-1.2.34-1.el8.noarch
> cockpit-ovirt-dashboard-0.15.1-1.el8.noarch
> python3-ovirt-setup-lib-1.3.2-1.el8.noarch
> ovirt-hosted-engine-ha-2.4.9-1.el8.noarch
> ovirt-vmconsole-1.0.9-1.el8.noarch
>
> thanks a lot in advance
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/5IKRUH4A3MY26URYVWIQEAXTIVA4ZEA3/
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/OTS7PU7DMWC6KEKTOAHJ5OILFGE6BI4K/
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement:
[ovirt-users] Re: understanding if real engine offline deployment is possible
Theoretically everything is possible.In this situation I can recommend you to
open an issue as he_offline_deployment=true should really mean offline.
Currently you can modify the Ansible code on the system and modify the repos
pointing to your Satellite.
Best Regards,Strahil Nikolov
On Tue, Apr 26, 2022 at 12:02, v...@itiviti.com wrote: Hi
Everyone,
In my compagny, we try to deploy engine on 2 RHEL8 hosts we already installed.
We don't have direct internet access, so the RHEL8 hosts have been setup using
some internal EL repo (using redhat satellite)
We have also duplicated internaly the necessary ovirt repositories, so all
ovirt packages can be installed.
Now the blocking part is the deployment of the engine. Is it really possible to
deploy an engine without having internet connection?
We tried several time but never succeeded.
I tried with ansible extra var "he_offline_deployment=true", naively thinking
it will download necessary packages for the engine through the repositories
already configured on the physical hosts (like the physical host act as proxy)
I also tried by specifying the ova file with
he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
both options have also been tried together
(--ansible-extra-vars=he_appliance_ova=/usr/share/ovirt-engine-appliance/ovirt-engine-appliance-4.4-20211020135049.1.el8.ova
--ansible-extra-vars=he_offline_deployment=true)
But at the end, it seems the engine deployment process makes the engine to need
to reach the ovirt internet repositories, as it always failed with:
2022-04-24 17:39:53,268+0100 ERROR
otopi.ovirt_hosted_engine_setup.ansible_utils ansible_utils._process_output:110
fatal: [localhost -> 192.168.1.154]: FAILED! => {"changed": false, "msg":
"Failed to download metadata for repo 'ovirt-4.4-centos-ceph-pacific': Cannot
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were
tried", "rc": 1, "results": []}
FYI the pacific repo works fine when we download packages on physical hosts.
ANother thing to know is that before being able to use our internal repo
present on our redhat satellite, a system need to install the satellite
crtificate, and register to satellite.
it would be so nice if we can achieve a fully offline engine deploy (which mean
no internet access at all, including the engine itself), but we start to lack
of clues if it's really possible.
Here are all the ovirt packages installed on the physical hosts:
$rpm -qa | grep ovirt
ovirt-ansible-collection-1.6.5-1.el8.noarch
ovirt-imageio-daemon-2.3.0-1.el8.x86_64
ovirt-host-4.4.9-2.el8.x86_64
ovirt-engine-appliance-4.4-20211020135049.1.el8.x86_64
ovirt-imageio-common-2.3.0-1.el8.x86_64
python3-ovirt-engine-sdk4-4.4.15-1.el8.x86_64
ovirt-host-dependencies-4.4.9-2.el8.x86_64
ovirt-hosted-engine-setup-2.5.4-2.el8.noarch
ovirt-imageio-client-2.3.0-1.el8.x86_64
ovirt-vmconsole-host-1.0.9-1.el8.noarch
ovirt-provider-ovn-driver-1.2.34-1.el8.noarch
cockpit-ovirt-dashboard-0.15.1-1.el8.noarch
python3-ovirt-setup-lib-1.3.2-1.el8.noarch
ovirt-hosted-engine-ha-2.4.9-1.el8.noarch
ovirt-vmconsole-1.0.9-1.el8.noarch
thanks a lot in advance
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/5IKRUH4A3MY26URYVWIQEAXTIVA4ZEA3/
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/OTS7PU7DMWC6KEKTOAHJ5OILFGE6BI4K/
