On 16/03/18 15:21, Dominik Holler wrote:
> On Fri, 16 Mar 2018 12:46:13 +0200
> Kapetanakis Giannis <[email protected]> wrote:
>
>> Hi,
>>
>> After upgrading to 4.2.1 I have problems with ovn provider.
>> I'm getting "Failed to synchronize networks of Provider
>> ovirt-provider-ovn."
>>
>> I use custom SSL certificate in apache and I guess this is the reason.
>>
>> I've tried to update ovirt-provider-ovn.conf with
>> [OVIRT]
>> #ovirt-ca-file=/etc/pki/ovirt-engine/ca.pem
>> ovirt-ca-file=/etc/pki/ovirt-engine/apache-ca.pem
>>
>> but still no go
>
> Would you share the lines in engine.log produced by clicking the "Test"
> button in the "Edit Provider" dialog?
> On Clicking the test button, are you asked about "Import provider
> certificate"?
>
I get ok in test:
Test succeeded, managed to access provider.
2018-03-16 17:35:20,024+02 INFO
[org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default
task-28) [9920f622-b878-45e1-a421-e76c0ab23470] Running command:
TestProviderConnectivityCommand internal: false. Entities affected : ID:
aaa00000-0000-0000-0000-123456789aaa Type: SystemAction group
CREATE_STORAGE_POOL with role type ADMIN
However a little bit later:
ovirt-provider-ovn.log:
2018-03-16 17:37:27,827 requests.packages.urllib3.connectionpool Starting new
HTTPS connection (1): engine-host
2018-03-16 17:37:27,827 requests.packages.urllib3.connectionpool Starting new
HTTPS connection (1): engine-host
2018-03-16 17:37:27,832 root [SSL: CERTIFICATE_VERIFY_FAILED] certificate
verify failed (_ssl.c:579)
Traceback (most recent call last):
File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 131, in
_handle_request
method, path_parts, content)
File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 175,
in handle_request
return self.call_response_handler(handler, content, parameters)
File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 33, in
call_response_handler
return response_handler(content, parameters)
File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 62,
in post_tokens
user_password=user_password)
File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in
create_token
return auth.core.plugin.create_token(user_at_domain, user_password)
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48,
in create_token
timeout=self._timeout())
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 75, in
create_token
username, password, engine_url, ca_file, timeout)
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 91, in
_get_sso_token
timeout=timeout
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 54, in
wrapper
response = func(*args, **kwargs)
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 47, in
wrapper
raise BadGateway(e)
BadGateway: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:579)
and in engine log:
2018-03-16 17:37:27,834+02 ERROR
[org.ovirt.engine.core.bll.provider.network.SyncNetworkProviderCommand]
(EE-ManagedThreadFactory-engineScheduled-Thread-27) [621c2b23] Command
'org.ovirt.engine.core.bll.provider.network.SyncNetworkProviderCommand' failed:
EngineException: (Failed with error PROVIDER_FAILURE and code 5050)
2018-03-16 17:37:27,850+02 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(EE-ManagedThreadFactory-engineScheduled-Thread-27) [621c2b23] EVENT_ID:
PROVIDER_SYNCHRONIZED_FAILED(216), Failed to synchronize networks of Provider
ovirt-provider-ovn.
So the engine can talk with ovn but not the other way around as I understand.
I think it might have to do with [SSL] settings of ovirt-provider-ovn.conf
G
_______________________________________________
Users mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/users
