[ovirt-users] oVirt Metrics Store Installation - Error during SSO authentication

Markus Schaufler Mon, 14 Oct 2019 23:50:35 -0700

Hi,

oVirt 4.3.5
changed certificate to one from an official CA
configured active directory auth
no kerberos / no ldapS


as per: 
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/metrics_store_installation_guide/index#Installing_metrics_store

ANSIBLE_JINJA2_EXTENSIONS="jinja2.ext.do" 
./configure_ovirt_machines_for_metrics.sh 
--playbook=ovirt-metrics-store-installation.yml --ask-vault-pass -vvvv


During installation of the metrics store following error appears:

TASK [oVirt.image-template : Login to oVirt] 
*********************************************************************************************************
task path: 
/usr/share/ansible/roles/ovirt.image-template/tasks/qcow2_image.yml:41
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: root
<localhost> EXEC /bin/sh -c 'echo ~root && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944 `" && echo 
ansible-tmp-1571121133.7-63276692983944="` echo 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944 `" ) && sleep 0'
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/cloud/ovirt/ovirt_auth.py
<localhost> PUT /root/.ansible/tmp/ansible-local-32046wbKds4/tmpyM5Ro2 TO 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944/AnsiballZ_ovirt_auth.py
<localhost> EXEC /bin/sh -c 'chmod u+x 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944/ 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944/AnsiballZ_ovirt_auth.py
 && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/python 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944/AnsiballZ_ovirt_auth.py
 && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r 
/root/.ansible/tmp/ansible-tmp-1571121133.7-63276692983944/ > /dev/null 2>&1 && 
sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_ovirt_auth_payload_2cmBY9/__main__.py", line 276, in main
    token = connection.authenticate()
  File "/usr/lib64/python2.7/site-packages/ovirtsdk4/__init__.py", line 382, in 
authenticate
    self._sso_token = self._get_access_token()
  File "/usr/lib64/python2.7/site-packages/ovirtsdk4/__init__.py", line 628, in 
_get_access_token
    sso_error[1]
AuthError: Error during SSO authentication access_denied : Cannot authenticate 
user 'xxx@xxxx.LOCAL': No valid profile found in credentials..

fatal: [localhost]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "ca_file": "/etc/pki/ovirt-engine/apache-ca.pem",
            "compress": true,
            "headers": null,
            "hostname": "ovirt-poc.xxxx.at",
            "insecure": false,
            "kerberos": false,
            "ovirt_auth": null,
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "state": "present",
            "timeout": 0,
            "token": null,
            "url": "https://ovirt-poc.xxxx.at/ovirt-engine/api";,
            "username": "xxx@xxx.LOCAL"
        }
    },
    "msg": "Error during SSO authentication access_denied : Cannot authenticate 
user 'xxx@xxx.LOCAL': No valid profile found in credentials.."
}

TASK [oVirt.image-template : Remove downloaded image] 
************************************************************************************************
task path: 
/usr/share/ansible/roles/ovirt.image-template/tasks/qcow2_image.yml:210
skipping: [localhost] => {
    "changed": false,
    "skip_reason": "Conditional result was False"
}

TASK [oVirt.image-template : Remove vm] 
**************************************************************************************************************
task path: 
/usr/share/ansible/roles/ovirt.image-template/tasks/qcow2_image.yml:216
fatal: [localhost]: FAILED! => {
    "msg": "The conditional check 'ovirt_templates | length == 0' failed. The 
error was: error while evaluating conditional (ovirt_templates | length == 0): 
'ovirt_templates' is undefined\n\nThe error appears to be in 
'/usr/share/ansible/roles/ovirt.image-template/tasks/qcow2_image.yml': line 
216, column 7, but may\nbe elsewhere in the file depending on the exact syntax 
problem.\n\nThe offending line appears to be:\n\n\n    - name: Remove vm\n      
^ here\n"
}

###############################################


Double-checked the credentials in "metrics-store-config.yml" and 
"secure_vars.yaml" and tried with admin@internal with same error. 

Any hints on this?
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TN72E7YVV3EGO2UKYAIU35KSA6QEA5QO/

[ovirt-users] oVirt Metrics Store Installation - Error during SSO authentication

Reply via email to