On Wed, Aug 31, 2016 at 4:27 PM, Logan Kuhn <log...@wolfram.com> wrote:
> Thank you for your response, but unfortunately it still doesn't work. > > I can do cinder-ey things from the command line, including cinder list, > type-show, create. The keystonerc_admin file that I use matches yours with > the relevant bits changed for my environment, password, region etc. I've > filled out the External Provider dialog with the admin user, cinder user > and a new user. The dialog reports that it Failed to communicate with the > external provider and to consult the log. The log reports the following: > > 2016-08-31 08:04:21,518 INFO [org.ovirt.engine.core.bll.provider. > TestProviderConnectivityCommand] (default task-46) [20342b40] Running > command: TestProviderConnectivityCommand internal: false. Entities > affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: SystemAction > group CREATE_STORAGE_POOL with role type ADMIN > 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.storage. > AbstractOpenStackStorageProviderProxy] (default task-46) [20342b40] > Unauthorized (OpenStack response error code: 401) > 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider. > TestProviderConnectivityCommand] (default task-46) [20342b40] Command > 'org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand' > failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050) > > Which is very obvious that the username/auth that ovirt is sending isn't > allowed to create, but it's using the same username/password that's in the > keystonerc_admin file that I can do various command line things with. > > This is my keystonerc_admin file: > > OS_AUTH_URL=http://10.128.7.252:5000/v3 > OS_PASSWORD=adminpass > OS_PROJECT_DOMAIN_NAME=default > OS_PROJECT_NAME=admin > OS_REGION_NAME=WRI > OS_TENANT_NAME=admin > OS_USERNAME=admin > OS_USER_DOMAIN_NAME=default > > I had to make add certain fields and change the auth url to v3 otherwise > it reported either a malformed URL or more commonly, 401 Unauthorized. > Which made me wonder if it's a compatibility issue with the v3 API. I've > been working with Openstack Mitaka and ovirt 4.0.2 and 4.0.3 > For keystone authentication, we support v2.0. Have you tried 'http://10.128.7.252:5000/v2.0' as authentication URL on add provider dialog? > > Regards, > Logan > > ----- On Aug 31, 2016, at 6:07 AM, Natalie Gavrilov <ngavr...@redhat.com> > wrote: > > Hi Logen, > > I'll refer only to* using authentication*, because I had configured it > previously. > This means: /etc/cinder/cinder.conf should have: auth_strategy = keystone > I'm using keystonerc file, example keystonerc_admin: > ------------------------------------------------------------ > ---------------- > unset OS_SERVICE_TOKEN > export OS_USERNAME=admin > export OS_PASSWORD=password > export OS_AUTH_URL=http://CINDER-HOST:5000/v2.0 > export PS1='[\u@\h \W(keystone_admin)]\$ ' > > export OS_TENANT_NAME=admin > export OS_REGION_NAME=RegionOne > ------------------------------------------------------------ > ---------------- > > This will be step by step as much as possible just to make sure nothing is > missed (assuming Cinder and Ceph are configured correctly). > > Go to: > External providers -> Add > Fill in the fields: > Name: > Type: *OpenStack Volume* > Provider url: http://CINDER_HOST:8776 > <http://ogofen-cinder.scl.lab.tlv.redhat.com:8776> > Check "Requires Authentication" > > Fill in the information, this is an example: > Username: admin > Password: password > Tenant name: admin > Authentication URL: http://CINDER-HOST:5000/v2.0 > <http://natalie-cinder.scl.lab.tlv.redhat.com:5000/v2.0> > > Test should return *"Test succeeded, managed to access provider."* > Now click Ok. > > > *Now lets configure additional information:* > > Lower pane: *Authentication Keys* > Click on: New > Fill in *UUID* field with rbd_secret_uuid > and *value*:which is the key (it's in /etc/ceph/ceph.client. > USERNAME.keyring) > > > Hope this helps.. > > Regards, > Natalie > > ------------------------------ > > From: "Aharon Canan" <aca...@redhat.com> > To: "Natalie Gavrilov" <ngavr...@redhat.com> > Sent: Wednesday, August 31, 2016 8:53:22 AM > Subject: Fwd: [ovirt-users] Unable to backend oVirt with Cinder > > Hi > > Can you help with below? > This is community email and will be great if you can help this guy. > > Aharon > ---------- Forwarded message ---------- > From: Logan Kuhn <log...@wolfram.com> > Date: Tue, Aug 30, 2016 at 11:07 PM > Subject: [ovirt-users] Unable to backend oVirt with Cinder > To: users <users@ovirt.org> > > > I've got Cinder configured and pointed at Ceph for it's back end storage. > I can run ceph commands on the cinder machine and cinder is configured for > noauth and I've also tried it with Keystone for auth. I can run various > cinder commands and it'll return as expected. > > When I configure it in oVirt it'll add the external provider fine, but when > I go to create a disk it doesn't populate the volume type field, it's just > empty. The corresponding command for cinder: cinder type-list and cinder > type-show <name> returns fine and it is public. > > Ovirt and Cinder are on the same host so it isn't a firewall issue. > > Cinder config: > [DEFAULT] > rpc_backend = rabbit > #auth_strategy = keystone > auth_strategy = noauth > enabled_backends = ceph > #glance_api_servers = http://10.128.7.252:9292 > #glance_api_version = 2 > > #[keystone_authtoken] > #auth_uri = http://10.128.7.252:5000/v3 > #auth_url = http://10.128.7.252:35357/v3 > #auth_type = password > #memcached_servers = localhost:11211 > #project_domain_name = default > #user_domain_name = default > #project_name = services > #username = user > #password = pass > > [ceph] > volume_driver = cinder.volume.drivers.rbd.RBDDriver > volume_backend_name = ceph > rbd_pool = ovirt-images > rbd_user = cinder > rbd_secret_uuid = <secret> > rbd_ceph_conf = /etc/ceph/ceph.conf > rbd_flatten_volume_from_snapshot = true > rbd_max_clone_depth = 5 > rbd_store_chunk_size = 4 > rados_connect_timeout = -1 > #glance_api_version = 2 > > [database] > connection = postgresql://user:pass@10.128.2.33/cinder > > [oslo_concurrency] > lock_path = /var/lib/cinder/tmp > > [oslo_messaging_rabbit] > rabbit_host = localhost > rabbit_port = 5672 > rabbit_userid = user > rabbit_password = pass > > Regards, > Logan > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > >
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users