Alon Bar-Lev has posted comments on this change. Change subject: hosted-engine: WIP - allow to deploy hosted-engine ......................................................................
Patch Set 3: (2 comments) https://gerrit.ovirt.org/#/c/38547/3/src/plugins/ovirt-host-deploy/hosted-engine/configureha.py File src/plugins/ovirt-host-deploy/hosted-engine/configureha.py: Line 146: self.logger.info(_('Updating hosted-engine configuration')) Line 147: conf = { Line 148: 'bridge': self.environment[ Line 149: odeploycons.VdsmEnv.MANAGEMENT_BRIDGE_NAME Line 150: ], > I'll add a hosted engine env then. it's needed by the HA daemons. no need to add new env, use the prefix and you will be able to set the entire config without modifying the interface. Line 151: 'ca_cert': os.path.join( Line 152: odeploycons.FileLocations.VDSM_TRUST_STORE, Line 153: odeploycons.FileLocations.VDSM_SPICE_CA_FILE Line 154: ), Line 154: ), Line 155: 'ca_subject': '"{subject}"'.format( Line 156: subject=self.environment[ Line 157: odeploycons.HostedEngineEnv.SPICE_SUBJECT Line 158: ], > It's used by "hosted-engine --console" for calling this is not ca subject, it is the end certificate subject? not sure why it is required, as in pki you trust a set of CAs and check subject based on remote address. as far as I understand this is incorrect usage of PKI and/or incorrect terms. but still I do not understand... do you run remove-viewer on hosts? so you enforce graphics on hosts? Line 159: ), # TODO: check if it's already passed for VDSM configuration Line 160: 'connectionUUID': self.environment[ Line 161: odeploycons.HostedEngineEnv.CONNECTION_UUID Line 162: ], -- To view, visit https://gerrit.ovirt.org/38547 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia07992ccab2f745879c8d3d777e45b524bbdf6f8 Gerrit-PatchSet: 3 Gerrit-Project: ovirt-host-deploy Gerrit-Branch: master Gerrit-Owner: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Doron Fediuck <[email protected]> Gerrit-Reviewer: Federico Simoncelli <[email protected]> Gerrit-Reviewer: Martin Sivák <[email protected]> Gerrit-Reviewer: Roy Golan <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
