Re: [vdsm] SSLError with vdsm

2012-06-07 Thread Wenyi Gao 

On 2012-06-07 13:51, Zhou Zheng Sheng wrote:

Hi,
It is because normal user do not have the privilege to access the keys 
in /etc/pki/vdsm/keys/ and certificates in /etc/pki/vdsm/certs/. You 
can su to root or sudo vdsClient to use SSL connection.


于 2012年06月07日 13:03, Wenyi Gao 写道:


Hi guys,

When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the 
following error:



$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File /usr/share/vdsm/vdsClient.py, line 2275, in module
code, message = commands[command][0](commandArgs)
  File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
return self.ExecAndExit(self.s.getVdsCapabilities())
  File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
return self.__send(self.__name, args)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
verbose=self.__verbose
  File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
return self.single_request(host, handler, request_body, verbose)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
self.send_content(h, request_body)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
connection.endheaders(request_body)
  File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
self._send_output(message_body)
  File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
self.send(msg)
  File /usr/lib64/python2.7/httplib.py, line 776, in send
self.connect()
  File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py, 
line 98, in connect

cert_reqs=self.cert_reqs)
  File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
ciphers=ciphers)
  File /usr/lib64/python2.7/ssl.py, line 141, in __init__
ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 
certificate routines:X509_load_cert_crl_file:system lib




But if I set ssl = false in /etc/vdsm/vdsm.conf, then run 
vdsClient 0 getVdsCaps, the problem goes away.


Does anyone know what causes the problem above? Thanks.


Wenyi Gao



___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


--
Thanks and best regards!

Zhou Zheng Sheng / 周征晟
E-mail:zhshz...@linux.vnet.ibm.com
Telephone: 86-10-82454397


___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel


Yes, it works. Thanks.

Wenyi Gao
___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel

[vdsm] Request for code review

2012-06-07 Thread Wenyi Gao 

Hi guys:

My patch Move vdsmd.init to vdsm-tool is ready for review.
http://gerrit.ovirt.org/#/c/4738/

I am looking forward to your comments. Thanks.


Wenyi Gao

___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel

[vdsm] SSLError with vdsm

2012-06-06 Thread Wenyi Gao 


Hi guys,

When I ran the cmmand vdsClient -s 0 getVdsCaps, I got the following 
error:



$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File /usr/share/vdsm/vdsClient.py, line 2275, in module
code, message = commands[command][0](commandArgs)
  File /usr/share/vdsm/vdsClient.py, line 403, in do_getCap
return self.ExecAndExit(self.s.getVdsCapabilities())
  File /usr/lib64/python2.7/xmlrpclib.py, line 1224, in __call__
return self.__send(self.__name, args)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1578, in __request
verbose=self.__verbose
  File /usr/lib64/python2.7/xmlrpclib.py, line 1264, in request
return self.single_request(host, handler, request_body, verbose)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1292, in single_request
self.send_content(h, request_body)
  File /usr/lib64/python2.7/xmlrpclib.py, line 1439, in send_content
connection.endheaders(request_body)
  File /usr/lib64/python2.7/httplib.py, line 954, in endheaders
self._send_output(message_body)
  File /usr/lib64/python2.7/httplib.py, line 814, in _send_output
self.send(msg)
  File /usr/lib64/python2.7/httplib.py, line 776, in send
self.connect()
  File /usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py, 
line 98, in connect

cert_reqs=self.cert_reqs)
  File /usr/lib64/python2.7/ssl.py, line 381, in wrap_socket
ciphers=ciphers)
  File /usr/lib64/python2.7/ssl.py, line 141, in __init__
ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 certificate 
routines:X509_load_cert_crl_file:system lib




But if I set ssl = false in /etc/vdsm/vdsm.conf, then run vdsClient 0 
getVdsCaps, the problem goes away.


Does anyone know what causes the problem above? Thanks.


Wenyi Gao



___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel

Re: [vdsm] Re-code /etc/init.d/functions script with Python and move it to vdsm-tool

2012-05-13 Thread Wenyi Gao 

On 2012-05-10 15:33, Federico Simoncelli wrote:

- Original Message -

From: Wenyi Gaowe...@linux.vnet.ibm.com
To: vdsm-devel@lists.fedorahosted.org
Sent: Thursday, May 10, 2012 5:36:08 AM
Subject: [vdsm] Re-code /etc/init.d/functions script with Python and move it
to vdsm-tool

Hi All,

I am working on moving vdsm.init script to vdsm-tool. But the
vdsm.init
script uses some of functions from /etc/init.d/functions. So I plan
to
re-code the /etc/init.d/functions or part of it with python code and
also move it to vdsm-tool.  Is it okey?

Ah thanks for asking, this is something dear to me :)
Basically the init file shouldn't be in python and should look as much as
possible like the standard one:

http://git.fedorahosted.org/git/?p=rpmdevtools.git;a=blob;f=template.init

All the rest should be moved to vdsm-tool as:

- check_port_taken
- mk_data_center
- mk_dom_backup
- mk_upgrade_path
- mk_core_path
- mk_run_path
- get_libvirt_conf_item
- test_conflicting_conf
- shutdown_conflicting_srv (on fedora this is taken care by systemd)
- upstart_libvirt
- start_needed_srv (on fedora this is taken care by systemd)
- test_lo
- free_space
- test_space
- bond_dev_available
- load_needed_modules
- test_already_running
- configure_libvirt
- configure_sysctl

Feel free to regroup the actions as you want (maybe it would make sense
to have just one function with all the mk_* commands, etc...)

So to answer your question, no, you shouldn't need to re-code the init.d
functions.

Thanks,

Got it, thanks Dan and Federico.

___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel

[vdsm] Re-code /etc/init.d/functions script with Python and move it to vdsm-tool

2012-05-09 Thread Wenyi Gao 

Hi All,

I am working on moving vdsm.init script to vdsm-tool. But the vdsm.init 
script uses some of functions from /etc/init.d/functions. So I plan to 
re-code the /etc/init.d/functions or part of it with python code and 
also move it to vdsm-tool.  Is it okey?




BR.
Wenyi

___
vdsm-devel mailing list
vdsm-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/vdsm-devel