Re: [Users] The SPM host node is in unresponsive mode
On 2012-5-15 14:21, Haim Ateya wrote: - Original Message - From: "Shu Ming" To: "Haim Ateya" Cc: "users@oVirt.org" Sent: Tuesday, May 15, 2012 9:03:42 AM Subject: Re: [Users] The SPM host node is in unresponsive mode On 2012-5-15 12:19, Haim Ateya wrote: - Original Message - From: "Shu Ming" To: "users@oVirt.org" Sent: Tuesday, May 15, 2012 4:56:36 AM Subject: [Users] The SPM host node is in unresponsive mode Hi, I attached one host node in my engine. Because it is the only one node, it is automatically the SPM node. And it used to run well in my engine. Yesterday, some errors happened in the network work of the host node. That made the node become "unresponsive" in the engine. I am sure the network errors are fixed and want to bring the node back to life now. However, I found that the only one node could not be "confirm as host been rebooted" and could not be set into the maintenance mode. The reason given there is no active host in the datacenter and SPM can not enter into maintenance mode. It seems that it fell into a logic loop here. Losting network can be quite common in developing environment even in production environment, I think we should have a way to address this problem on how to repair a host node encountering network down for a while. Hi Shu, first, for the manual fence to work ("confirm host have been rebooted") you will need another host in the cluster which will be used as a proxy and send the actual manual fence command. second, you are absolutely right, loss of network is a common scenario, and we should be able to recover, but lets try to understand why your host remain unresponsive after network returned. please ssh to the host and try the following: - vdsClient -s 0 getVdsCaps (validity check making sure vdsm service is up and running and communicate with its network socket from localhost) [root@ovirt-node1 ~]# vdsClient -s 0 getVdsCaps Connection to 9.181.129.110:54321 refused [root@ovirt-node1 ~]# root@ovirt-node1 ~]# ps -ef |grep vdsm root 1365 1 0 09:37 ?00:00:00 /usr/sbin/libvirtd --listen # by vdsm root 5534 4652 0 13:53 pts/000:00:00 grep --color=auto vdsm [root@ovirt-node1 ~]# service vdsmd start Redirecting to /bin/systemctl start vdsmd.service root@ovirt-node1 ~]# ps -ef |grep vdsm root 1365 1 0 09:37 ?00:00:00 /usr/sbin/libvirtd --listen # by vdsm root 5534 4652 0 13:53 pts/000:00:00 grep --color=auto vdsm It seems that VDSM process was gone while libvirtd spawned by VDSM was there. Then I tried to start the VDSM daemon, however it did nothing. After checking the vdsm.log file, the latest message was five hours ago and useless. Also, there was no useful message in libvirtd.log. [HA] problem is systemctl doesn't show real reason why service didn't go, lets try the following: - # cd /lib/systemd/ - # ./systemd-vdsmd restart [root@ovirt-node1 systemd]# ./systemd-vdsmd start WARNING: no socket to connect to vdsm: libvirt already configured for vdsm [ OK ] Starting iscsid: Starting libvirtd (via systemctl): [ OK ] Stopping network (via systemctl): [ OK ] Starting network (via systemctl): Job failed. See system logs and 'systemctl status' for details. [FAILED] Starting up vdsm daemon: vdsm start [ OK ] I did futher test on this system. After I killed the solo libivrtd process, vdsm processs can be started without libvirtd. However, vdsm can not work either in this way. After several round of "killall libvirtd", "service vdsmd start", "vdsmd stop", both vdsm and libivirtd processs now start. In summary: 1) the libvirtd started by vdsm process may stand there even after its parent vdsm process is gone. 2) the legacy libvirtd may block the start process of vdsm service 3) vdsm service can work with the legacy libvirtd sometime without creating a new one. Here are my service process in the host node, please notice that the libvirtd process is earlier than the vdsm process that means this libvirtd was a legacy process not created by the vdsm process in this round. The problem still exist in engine that I don't have a way to reactivate the host node. [root@ovirt-node1 systemd]# ps -ef |grep vdsm root 8738 1 0 14:33 ?00:00:00 /usr/sbin/libvirtd --listen # by vdsm vdsm 9900 1 0 14:35 ?00:00:00 /bin/bash -e /usr/share/vdsm/respawn --minlifetime 10 --daemon --masterpid /var/run/vdsm/respawn.pid /usr/share vdsm/vdsm vdsm 9903 9900 0 14:35 ?00:00:01 /usr/bin/python /usr/share/vdsm vdsm root 9926 9903 0 14:35 ?00:00:00 /usr/bin/sudo -n /usr/bin/python /usr/share/vdsm/supervdsmServer.py b0fcae59-a3cc-4591-93e1-4b9a0bdb93c5 9903 root 9927 9926 0 14:35 ?00:00:00 /usr/bin/python /usr/share
Re: [Users] engine-manage-domains can't add user , domain
help info like this [root@ovirt-engine ~]# engine-manage-domains engine-manage-domains: add/edit/delete/validate/list domains USAGE: engine-manage-domains -action=ACTION [-domain=DOMAIN -user=USER -passwordFile=PASSWORD_FILE -interactive -configFile=PATH] -report Where: ACTION action to perform (add/edit/delete/validate/list). See details below. DOMAIN (mandatory for add, edit and delete) the domain you wish to perform the action on. USER (optional for edit, mandatory for add) the domain user. PASSWORD_FILE(optional for edit, mandatory for add) a file containing the password in the first line. interactivealternative for using -passwordFile - read the password interactively. PATH (optional) use the given alternate configuration file. Available actions: add Examples: -action=add -domain=example.com -user=admin -passwordFile=/tmp/.pwd Add a domain called example.com, using user admin and read the password from /tmp/.pwd. -action=edit -domain=example.com -passwordFile=/tmp/.new_password Edit the domain example.com, using another password file. -action=delete -domain=example.com Delete the domain example.com. -action=validate Validate the current configuration (go over all the domains, try to authenticate to each domain using the configured user/password.). -report In combination with -action=validate will report all validation error, if occured. Default behaviour is to exit when a validation error occurs. -action=list Lists the current configuration. -h Show this help. On 15 May, 2012, at 2:22 PM, Yair Zaslavsky wrote: > On 05/15/2012 09:17 AM, T-Sinjon wrote: >> Oved: >> 1,Yes , I used RPMs >> >> ovirt-engine-restapi-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-dbscripts-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-notification-service-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-backend-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-jboss-deps-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-config-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-webadmin-portal-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-sdk-1.3-1.fc16.noarch >> ovirt-engine-jbossas-1.2-2.fc16.x86_64 >> ovirt-engine-iso-uploader-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-setup-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-userportal-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-node-2.2.2-2.fc16.noarch >> ovirt-engine-genericapi-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-tools-common-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-node-tools-2.2.2-2.fc16.noarch >> ovirt-engine-log-collector-3.0.0_0001-1.6.fc16.x86_64 >> ovirt-engine-3.0.0_0001-1.6.fc16.x86_64 >> >> 2,they are same whether use single quota or not >> >> [root@ovirt-engine ~]# engine-manage-domains -action=add -domain=local >> -user=tsinjon -passwordFile=/root/tsinjon >> No user in Directory was found for tsinjon@LOCAL. Trying next LDAP server in >> list >> Failure while testing domain local. Details: No user information was found >> for user > > When you run engine-manage-domains without parameters, what do you get? > >> >> On 15 May, 2012, at 1:47 PM, Oved Ourfalli wrote: >> >>> >>> >>> - Original Message - From: "Yair Zaslavsky" To: "Oved Ourfalli" Cc: "T-Sinjon" , users@ovirt.org Sent: Tuesday, May 15, 2012 8:48:26 AM Subject: Re: [Users] engine-manage-domains can't add user , domain On 05/15/2012 08:35 AM, Oved Ourfalli wrote: > > > - Original Message - >> From: "T-Sinjon" >> To: "Oved Ourfalli" >> Cc: users@ovirt.org >> Sent: Tuesday, May 15, 2012 5:53:16 AM >> Subject: Re: [Users] engine-manage-domains can't add user , domain >> >> after use kinit login tsinjon , the error changes to , why this >> happened? >> >> [root@ovirt-engine ~]# engine-manage-domains -action=add >> -domain='local' -user='tsinjon' -interactive >> Enter password: >> >> No user in Directory was found for tsinjon@LOCAL. Trying next LDAP >> server in list >> Failure while testing domain local. Details: No user information >> was >> found for user >> > Can't see why kinit matters here, but looking at your command I > noticed you used single quotes for the user and domain name. > I'm not sure it knows to handle this correctly. > Did you try without the quotes? > > Also, what version are you working with? > We had a problem a few weeks ago, of identifying the correct ldap > provider. To fix that we added an option to specify the ldap > provider type. It determines which query will be used in
Re: [Users] The SPM host node is in unresponsive mode
- Original Message - > From: "Shu Ming" > To: "Haim Ateya" > Cc: "users@oVirt.org" > Sent: Tuesday, May 15, 2012 9:03:42 AM > Subject: Re: [Users] The SPM host node is in unresponsive mode > > On 2012-5-15 12:19, Haim Ateya wrote: > > > > - Original Message - > >> From: "Shu Ming" > >> To: "users@oVirt.org" > >> Sent: Tuesday, May 15, 2012 4:56:36 AM > >> Subject: [Users] The SPM host node is in unresponsive mode > >> > >> Hi, > >> I attached one host node in my engine. Because it is the only > >> one > >> node, it is automatically the SPM node. And it used to run well > >> in > >> my > >> engine. Yesterday, some errors happened in the network work of > >> the > >> host > >> node. That made the node become "unresponsive" in the engine. I > >> am > >> sure the network errors are fixed and want to bring the node back > >> to > >> life now. However, I found that the only one node could not be > >> "confirm as host been rebooted" and could not be set into the > >> maintenance mode. The reason given there is no active host in > >> the > >> datacenter and SPM can not enter into maintenance mode. It seems > >> that > >> it fell into a logic loop here. Losting network can be quite > >> common > >> in > >> developing environment even in production environment, I think we > >> should > >> have a way to address this problem on how to repair a host node > >> encountering network down for a while. > > Hi Shu, > > > > first, for the manual fence to work ("confirm host have been > > rebooted") you will need > > another host in the cluster which will be used as a proxy and send > > the actual manual fence command. > > second, you are absolutely right, loss of network is a common > > scenario, and we should be able > > to recover, but lets try to understand why your host remain > > unresponsive after network returned. > > please ssh to the host and try the following: > > > > - vdsClient -s 0 getVdsCaps (validity check making sure vdsm > > service is up and running and communicate with its network socket > > from localhost) > [root@ovirt-node1 ~]# vdsClient -s 0 getVdsCaps > Connection to 9.181.129.110:54321 refused > [root@ovirt-node1 ~]# > > root@ovirt-node1 ~]# ps -ef |grep vdsm > root 1365 1 0 09:37 ?00:00:00 /usr/sbin/libvirtd > --listen # by vdsm > root 5534 4652 0 13:53 pts/000:00:00 grep --color=auto > vdsm > [root@ovirt-node1 ~]# service vdsmd start > Redirecting to /bin/systemctl start vdsmd.service > > root@ovirt-node1 ~]# ps -ef |grep vdsm > root 1365 1 0 09:37 ?00:00:00 /usr/sbin/libvirtd > --listen # by vdsm > root 5534 4652 0 13:53 pts/000:00:00 grep --color=auto > vdsm > > It seems that VDSM process was gone while libvirtd spawned by VDSM > was > there. Then I tried to start the VDSM daemon, however it did > nothing. > After checking the vdsm.log file, the latest message was five hours > ago > and useless. Also, there was no useful message in libvirtd.log. [HA] problem is systemctl doesn't show real reason why service didn't go, lets try the following: - # cd /lib/systemd/ - # ./systemd-vdsmd restart > > > > - please ping between host and engine > It works in both ways. > > > > - please make sure there is no firewall on blocking tcp 54321 (on > > both host and engine) > > No firewall. > > > > > also, please provide vdsm.log (from the time network issues begun) > > and spm-lock.log (both located on /var/log/vdsm/). > > > > as for a mitigation, we can always manipulate db and set it > > correctly, but first, lets try the above. > Also, there is no useful message in spm-lock.log. The latest message > was 24 hours ago. > > >> -- > >> Shu Ming > >> IBM China Systems and Technology Laboratory > >> > >> > >> ___ > >> Users mailing list > >> Users@ovirt.org > >> http://lists.ovirt.org/mailman/listinfo/users > >> > > > -- > Shu Ming > IBM China Systems and Technology Laboratory > > > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
On 05/15/2012 09:17 AM, T-Sinjon wrote: > Oved: > 1,Yes , I used RPMs > > ovirt-engine-restapi-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-dbscripts-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-notification-service-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-backend-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-jboss-deps-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-config-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-webadmin-portal-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-sdk-1.3-1.fc16.noarch > ovirt-engine-jbossas-1.2-2.fc16.x86_64 > ovirt-engine-iso-uploader-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-setup-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-userportal-3.0.0_0001-1.6.fc16.x86_64 > ovirt-node-2.2.2-2.fc16.noarch > ovirt-engine-genericapi-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-tools-common-3.0.0_0001-1.6.fc16.x86_64 > ovirt-node-tools-2.2.2-2.fc16.noarch > ovirt-engine-log-collector-3.0.0_0001-1.6.fc16.x86_64 > ovirt-engine-3.0.0_0001-1.6.fc16.x86_64 > > 2,they are same whether use single quota or not > > [root@ovirt-engine ~]# engine-manage-domains -action=add -domain=local > -user=tsinjon -passwordFile=/root/tsinjon > No user in Directory was found for tsinjon@LOCAL. Trying next LDAP server in > list > Failure while testing domain local. Details: No user information was found > for user When you run engine-manage-domains without parameters, what do you get? > > On 15 May, 2012, at 1:47 PM, Oved Ourfalli wrote: > >> >> >> - Original Message - >>> From: "Yair Zaslavsky" >>> To: "Oved Ourfalli" >>> Cc: "T-Sinjon" , users@ovirt.org >>> Sent: Tuesday, May 15, 2012 8:48:26 AM >>> Subject: Re: [Users] engine-manage-domains can't add user , domain >>> >>> On 05/15/2012 08:35 AM, Oved Ourfalli wrote: - Original Message - > From: "T-Sinjon" > To: "Oved Ourfalli" > Cc: users@ovirt.org > Sent: Tuesday, May 15, 2012 5:53:16 AM > Subject: Re: [Users] engine-manage-domains can't add user , domain > > after use kinit login tsinjon , the error changes to , why this > happened? > > [root@ovirt-engine ~]# engine-manage-domains -action=add > -domain='local' -user='tsinjon' -interactive > Enter password: > > No user in Directory was found for tsinjon@LOCAL. Trying next LDAP > server in list > Failure while testing domain local. Details: No user information > was > found for user > Can't see why kinit matters here, but looking at your command I noticed you used single quotes for the user and domain name. I'm not sure it knows to handle this correctly. Did you try without the quotes? Also, what version are you working with? We had a problem a few weeks ago, of identifying the correct ldap provider. To fix that we added an option to specify the ldap provider type. It determines which query will be used in order to get the user details. cc-ing Roy, which added this. iirc it is mandatory to provide this option, so you probably don't have this option in your environment. Roy - is there an upstream release with this fix? >>> >>> Oved - this was merged upstream. >>> T-Sinjon - have you cloned the git repo and compiled or are you using >>> RPMs? >>> >> Yair - he is probably using the RPMs, as it is harder to run the utility >> from the git repo. >>> Regards, Oved > On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: > >> >> I have added those SRV info into my zone file , and it did go , >> the log looks fine , but engine-manage-domains still return >> error >> >> 2012-05-15 10:45:19,222 INFO >> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating >> kerberos configuration for domain(s): local >> 2012-05-15 10:45:19,258 INFO >> [org.ovirt.engine.core.utils.kerberos.ManageDomains] >> Successfully >> created kerberos configuration for domain(s): local >> 2012-05-15 10:45:19,259 INFO >> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing >> kerberos configuration for domain: local >> >> [root@ovirt-engine ~]# engine-manage-domains -action=add >> -domain='local' -user='tsinjon' -interactive >> Enter password: >> >> Error: exception message: Integrity check on decrypted field >> failed (31) - PREAUTH_FAILED >> Failure while testing domain local. Details: Kerberos error. >> Please >> check log for further details. >> >> >> On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: >> >>> >>> >>> - Original Message - From: "T-Sinjon" To: users@ovirt.org Sent: Monday, May 14, 2012 5:07:46 PM Subject: [Users] engine-manage-domains can't add user , domain I use FreeIPA to authenticate users, ipa user-add has no problem, but when i do : [root@ovirt-engine ~]# engine-manage-domains -action=add >
Re: [Users] engine-manage-domains can't add user , domain
Oved: 1,Yes , I used RPMs ovirt-engine-restapi-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-dbscripts-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-notification-service-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-backend-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-jboss-deps-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-config-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-webadmin-portal-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-sdk-1.3-1.fc16.noarch ovirt-engine-jbossas-1.2-2.fc16.x86_64 ovirt-engine-iso-uploader-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-setup-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-userportal-3.0.0_0001-1.6.fc16.x86_64 ovirt-node-2.2.2-2.fc16.noarch ovirt-engine-genericapi-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-tools-common-3.0.0_0001-1.6.fc16.x86_64 ovirt-node-tools-2.2.2-2.fc16.noarch ovirt-engine-log-collector-3.0.0_0001-1.6.fc16.x86_64 ovirt-engine-3.0.0_0001-1.6.fc16.x86_64 2,they are same whether use single quota or not [root@ovirt-engine ~]# engine-manage-domains -action=add -domain=local -user=tsinjon -passwordFile=/root/tsinjon No user in Directory was found for tsinjon@LOCAL. Trying next LDAP server in list Failure while testing domain local. Details: No user information was found for user On 15 May, 2012, at 1:47 PM, Oved Ourfalli wrote: > > > - Original Message - >> From: "Yair Zaslavsky" >> To: "Oved Ourfalli" >> Cc: "T-Sinjon" , users@ovirt.org >> Sent: Tuesday, May 15, 2012 8:48:26 AM >> Subject: Re: [Users] engine-manage-domains can't add user , domain >> >> On 05/15/2012 08:35 AM, Oved Ourfalli wrote: >>> >>> >>> - Original Message - From: "T-Sinjon" To: "Oved Ourfalli" Cc: users@ovirt.org Sent: Tuesday, May 15, 2012 5:53:16 AM Subject: Re: [Users] engine-manage-domains can't add user , domain after use kinit login tsinjon , the error changes to , why this happened? [root@ovirt-engine ~]# engine-manage-domains -action=add -domain='local' -user='tsinjon' -interactive Enter password: No user in Directory was found for tsinjon@LOCAL. Trying next LDAP server in list Failure while testing domain local. Details: No user information was found for user >>> Can't see why kinit matters here, but looking at your command I >>> noticed you used single quotes for the user and domain name. >>> I'm not sure it knows to handle this correctly. >>> Did you try without the quotes? >>> >>> Also, what version are you working with? >>> We had a problem a few weeks ago, of identifying the correct ldap >>> provider. To fix that we added an option to specify the ldap >>> provider type. It determines which query will be used in order to >>> get the user details. >>> >>> cc-ing Roy, which added this. iirc it is mandatory to provide this >>> option, so you probably don't have this option in your >>> environment. >>> Roy - is there an upstream release with this fix? >> >> Oved - this was merged upstream. >> T-Sinjon - have you cloned the git repo and compiled or are you using >> RPMs? >> > Yair - he is probably using the RPMs, as it is harder to run the utility from > the git repo. >> >>> >>> Regards, >>> Oved On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: > > I have added those SRV info into my zone file , and it did go , > the log looks fine , but engine-manage-domains still return > error > > 2012-05-15 10:45:19,222 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > kerberos configuration for domain(s): local > 2012-05-15 10:45:19,258 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] > Successfully > created kerberos configuration for domain(s): local > 2012-05-15 10:45:19,259 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing > kerberos configuration for domain: local > > [root@ovirt-engine ~]# engine-manage-domains -action=add > -domain='local' -user='tsinjon' -interactive > Enter password: > > Error: exception message: Integrity check on decrypted field > failed (31) - PREAUTH_FAILED > Failure while testing domain local. Details: Kerberos error. > Please > check log for further details. > > > On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: > >> >> >> - Original Message - >>> From: "T-Sinjon" >>> To: users@ovirt.org >>> Sent: Monday, May 14, 2012 5:07:46 PM >>> Subject: [Users] engine-manage-domains can't add user , domain >>> >>> >>> I use FreeIPA to authenticate users, ipa user-add has no >>> problem, >>> but when i do : >>> >>> [root@ovirt-engine ~]# engine-manage-domains -action=add >>> -domain='local' -user='tsinjon' -interactive >>> >>> Error: Authentication Failed. Please verify the fully qualified >>> domain name that is used for authentication is correct.. >>> Problematic >>> domain is: local >>> Fail
Re: [Users] The SPM host node is in unresponsive mode
Some errors in service status, Is engine-notifierd critical to VDSM? Why did it say" pgrep: invalid user name: engine" [root@ovirt-node1 ~]# service --status-all /etc/init.d/ceph: ceph conf /etc/ceph/ceph.conf not found; system is not configured. # Generated by ebtables-save v1.0 on Tue May 15 14:08:06 CST 2012 *nat :PREROUTING ACCEPT :OUTPUT ACCEPT :POSTROUTING ACCEPT pgrep: invalid user name: engine /etc/init.d/engine-notifierd is stopped JAVA_EXECUTABLE or HSQLDB_JAR_PATH in '/etc/sysconfig/hsqldb' is set to a non-file. No active sessions On 2012-5-15 12:19, Haim Ateya wrote: - Original Message - From: "Shu Ming" To: "users@oVirt.org" Sent: Tuesday, May 15, 2012 4:56:36 AM Subject: [Users] The SPM host node is in unresponsive mode Hi, I attached one host node in my engine. Because it is the only one node, it is automatically the SPM node. And it used to run well in my engine. Yesterday, some errors happened in the network work of the host node. That made the node become "unresponsive" in the engine. I am sure the network errors are fixed and want to bring the node back to life now. However, I found that the only one node could not be "confirm as host been rebooted" and could not be set into the maintenance mode. The reason given there is no active host in the datacenter and SPM can not enter into maintenance mode. It seems that it fell into a logic loop here. Losting network can be quite common in developing environment even in production environment, I think we should have a way to address this problem on how to repair a host node encountering network down for a while. Hi Shu, first, for the manual fence to work ("confirm host have been rebooted") you will need another host in the cluster which will be used as a proxy and send the actual manual fence command. second, you are absolutely right, loss of network is a common scenario, and we should be able to recover, but lets try to understand why your host remain unresponsive after network returned. please ssh to the host and try the following: - vdsClient -s 0 getVdsCaps (validity check making sure vdsm service is up and running and communicate with its network socket from localhost) - please ping between host and engine - please make sure there is no firewall on blocking tcp 54321 (on both host and engine) also, please provide vdsm.log (from the time network issues begun) and spm-lock.log (both located on /var/log/vdsm/). as for a mitigation, we can always manipulate db and set it correctly, but first, lets try the above. -- Shu Ming IBM China Systems and Technology Laboratory ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users -- Shu Ming IBM China Systems and Technology Laboratory ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
- Original Message - > From: "Yair Zaslavsky" > To: "Oved Ourfalli" > Cc: "T-Sinjon" , users@ovirt.org > Sent: Tuesday, May 15, 2012 8:48:26 AM > Subject: Re: [Users] engine-manage-domains can't add user , domain > > On 05/15/2012 08:35 AM, Oved Ourfalli wrote: > > > > > > - Original Message - > >> From: "T-Sinjon" > >> To: "Oved Ourfalli" > >> Cc: users@ovirt.org > >> Sent: Tuesday, May 15, 2012 5:53:16 AM > >> Subject: Re: [Users] engine-manage-domains can't add user , domain > >> > >> after use kinit login tsinjon , the error changes to , why this > >> happened? > >> > >> [root@ovirt-engine ~]# engine-manage-domains -action=add > >> -domain='local' -user='tsinjon' -interactive > >> Enter password: > >> > >> No user in Directory was found for tsinjon@LOCAL. Trying next LDAP > >> server in list > >> Failure while testing domain local. Details: No user information > >> was > >> found for user > >> > > Can't see why kinit matters here, but looking at your command I > > noticed you used single quotes for the user and domain name. > > I'm not sure it knows to handle this correctly. > > Did you try without the quotes? > > > > Also, what version are you working with? > > We had a problem a few weeks ago, of identifying the correct ldap > > provider. To fix that we added an option to specify the ldap > > provider type. It determines which query will be used in order to > > get the user details. > > > > cc-ing Roy, which added this. iirc it is mandatory to provide this > > option, so you probably don't have this option in your > > environment. > > Roy - is there an upstream release with this fix? > > Oved - this was merged upstream. > T-Sinjon - have you cloned the git repo and compiled or are you using > RPMs? > Yair - he is probably using the RPMs, as it is harder to run the utility from the git repo. > > > > > Regards, > > Oved > >> On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: > >> > >>> > >>> I have added those SRV info into my zone file , and it did go , > >>> the log looks fine , but engine-manage-domains still return > >>> error > >>> > >>> 2012-05-15 10:45:19,222 INFO > >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > >>> kerberos configuration for domain(s): local > >>> 2012-05-15 10:45:19,258 INFO > >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] > >>> Successfully > >>> created kerberos configuration for domain(s): local > >>> 2012-05-15 10:45:19,259 INFO > >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing > >>> kerberos configuration for domain: local > >>> > >>> [root@ovirt-engine ~]# engine-manage-domains -action=add > >>> -domain='local' -user='tsinjon' -interactive > >>> Enter password: > >>> > >>> Error: exception message: Integrity check on decrypted field > >>> failed (31) - PREAUTH_FAILED > >>> Failure while testing domain local. Details: Kerberos error. > >>> Please > >>> check log for further details. > >>> > >>> > >>> On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: > >>> > > > - Original Message - > > From: "T-Sinjon" > > To: users@ovirt.org > > Sent: Monday, May 14, 2012 5:07:46 PM > > Subject: [Users] engine-manage-domains can't add user , domain > > > > > > I use FreeIPA to authenticate users, ipa user-add has no > > problem, > > but when i do : > > > > [root@ovirt-engine ~]# engine-manage-domains -action=add > > -domain='local' -user='tsinjon' -interactive > > > > Error: Authentication Failed. Please verify the fully qualified > > domain name that is used for authentication is correct.. > > Problematic > > domain is: local > > Failure while applying Kerberos configuration. Details: > > Authentication Failed. Please verify the fully qualified domain > > name > > that is used for authentication is correct. > > > > and log from engine-manage-domains.log : > > > > 2012-05-14 21:58:47,892 INFO > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > > kerberos configuration for domain(s): local > > 2012-05-14 21:58:47,923 ERROR > > [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV > > list > > for protocol _tcp and domain LOCAL Exception message is DNS > > name > > not > > found [response code 3] > > > > my domain is 'local' , like ovirt-engine.local > > 、ovirt-node-1.local > > …etc > > > > What can i do to get through it? > > > The utility (and also the ovirt engine) are relying on DNS SRV > records in order to find LDAP and kerberos servers (supporting > Active directory, IPA or RHDS). > So, in order to work with it you must have the following in the > DNS > 1. PTR record for your LDAP server > 2. LDAP SRV record for your LDAP server > 3. LDAP kerberos record for your LDAP server > > If you don't really have access to the DNS you can install a
Re: [Users] engine-manage-domains can't add user , domain
On 05/15/2012 08:35 AM, Oved Ourfalli wrote: > > > - Original Message - >> From: "T-Sinjon" >> To: "Oved Ourfalli" >> Cc: users@ovirt.org >> Sent: Tuesday, May 15, 2012 5:53:16 AM >> Subject: Re: [Users] engine-manage-domains can't add user , domain >> >> after use kinit login tsinjon , the error changes to , why this >> happened? >> >> [root@ovirt-engine ~]# engine-manage-domains -action=add >> -domain='local' -user='tsinjon' -interactive >> Enter password: >> >> No user in Directory was found for tsinjon@LOCAL. Trying next LDAP >> server in list >> Failure while testing domain local. Details: No user information was >> found for user >> > Can't see why kinit matters here, but looking at your command I noticed you > used single quotes for the user and domain name. > I'm not sure it knows to handle this correctly. > Did you try without the quotes? > > Also, what version are you working with? > We had a problem a few weeks ago, of identifying the correct ldap provider. > To fix that we added an option to specify the ldap provider type. It > determines which query will be used in order to get the user details. > > cc-ing Roy, which added this. iirc it is mandatory to provide this option, so > you probably don't have this option in your environment. > Roy - is there an upstream release with this fix? Oved - this was merged upstream. T-Sinjon - have you cloned the git repo and compiled or are you using RPMs? > > Regards, > Oved >> On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: >> >>> >>> I have added those SRV info into my zone file , and it did go , >>> the log looks fine , but engine-manage-domains still return error >>> >>> 2012-05-15 10:45:19,222 INFO >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating >>> kerberos configuration for domain(s): local >>> 2012-05-15 10:45:19,258 INFO >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully >>> created kerberos configuration for domain(s): local >>> 2012-05-15 10:45:19,259 INFO >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing >>> kerberos configuration for domain: local >>> >>> [root@ovirt-engine ~]# engine-manage-domains -action=add >>> -domain='local' -user='tsinjon' -interactive >>> Enter password: >>> >>> Error: exception message: Integrity check on decrypted field >>> failed (31) - PREAUTH_FAILED >>> Failure while testing domain local. Details: Kerberos error. Please >>> check log for further details. >>> >>> >>> On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: >>> - Original Message - > From: "T-Sinjon" > To: users@ovirt.org > Sent: Monday, May 14, 2012 5:07:46 PM > Subject: [Users] engine-manage-domains can't add user , domain > > > I use FreeIPA to authenticate users, ipa user-add has no > problem, > but when i do : > > [root@ovirt-engine ~]# engine-manage-domains -action=add > -domain='local' -user='tsinjon' -interactive > > Error: Authentication Failed. Please verify the fully qualified > domain name that is used for authentication is correct.. > Problematic > domain is: local > Failure while applying Kerberos configuration. Details: > Authentication Failed. Please verify the fully qualified domain > name > that is used for authentication is correct. > > and log from engine-manage-domains.log : > > 2012-05-14 21:58:47,892 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > kerberos configuration for domain(s): local > 2012-05-14 21:58:47,923 ERROR > [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV > list > for protocol _tcp and domain LOCAL Exception message is DNS name > not > found [response code 3] > > my domain is 'local' , like ovirt-engine.local > 、ovirt-node-1.local > …etc > > What can i do to get through it? > The utility (and also the ovirt engine) are relying on DNS SRV records in order to find LDAP and kerberos servers (supporting Active directory, IPA or RHDS). So, in order to work with it you must have the following in the DNS 1. PTR record for your LDAP server 2. LDAP SRV record for your LDAP server 3. LDAP kerberos record for your LDAP server If you don't really have access to the DNS you can install a package called "dnsmasq", and perform this changes by yourself in its config file. Oved > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > >>> >> >> > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
- Original Message - > From: "T-Sinjon" > To: "Oved Ourfalli" > Cc: users@ovirt.org > Sent: Tuesday, May 15, 2012 5:53:16 AM > Subject: Re: [Users] engine-manage-domains can't add user , domain > > after use kinit login tsinjon , the error changes to , why this > happened? > > [root@ovirt-engine ~]# engine-manage-domains -action=add > -domain='local' -user='tsinjon' -interactive > Enter password: > > No user in Directory was found for tsinjon@LOCAL. Trying next LDAP > server in list > Failure while testing domain local. Details: No user information was > found for user > Can't see why kinit matters here, but looking at your command I noticed you used single quotes for the user and domain name. I'm not sure it knows to handle this correctly. Did you try without the quotes? Also, what version are you working with? We had a problem a few weeks ago, of identifying the correct ldap provider. To fix that we added an option to specify the ldap provider type. It determines which query will be used in order to get the user details. cc-ing Roy, which added this. iirc it is mandatory to provide this option, so you probably don't have this option in your environment. Roy - is there an upstream release with this fix? Regards, Oved > On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: > > > > > I have added those SRV info into my zone file , and it did go , > > the log looks fine , but engine-manage-domains still return error > > > > 2012-05-15 10:45:19,222 INFO > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > > kerberos configuration for domain(s): local > > 2012-05-15 10:45:19,258 INFO > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully > > created kerberos configuration for domain(s): local > > 2012-05-15 10:45:19,259 INFO > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing > > kerberos configuration for domain: local > > > > [root@ovirt-engine ~]# engine-manage-domains -action=add > > -domain='local' -user='tsinjon' -interactive > > Enter password: > > > > Error: exception message: Integrity check on decrypted field > > failed (31) - PREAUTH_FAILED > > Failure while testing domain local. Details: Kerberos error. Please > > check log for further details. > > > > > > On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: > > > >> > >> > >> - Original Message - > >>> From: "T-Sinjon" > >>> To: users@ovirt.org > >>> Sent: Monday, May 14, 2012 5:07:46 PM > >>> Subject: [Users] engine-manage-domains can't add user , domain > >>> > >>> > >>> I use FreeIPA to authenticate users, ipa user-add has no > >>> problem, > >>> but when i do : > >>> > >>> [root@ovirt-engine ~]# engine-manage-domains -action=add > >>> -domain='local' -user='tsinjon' -interactive > >>> > >>> Error: Authentication Failed. Please verify the fully qualified > >>> domain name that is used for authentication is correct.. > >>> Problematic > >>> domain is: local > >>> Failure while applying Kerberos configuration. Details: > >>> Authentication Failed. Please verify the fully qualified domain > >>> name > >>> that is used for authentication is correct. > >>> > >>> and log from engine-manage-domains.log : > >>> > >>> 2012-05-14 21:58:47,892 INFO > >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > >>> kerberos configuration for domain(s): local > >>> 2012-05-14 21:58:47,923 ERROR > >>> [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV > >>> list > >>> for protocol _tcp and domain LOCAL Exception message is DNS name > >>> not > >>> found [response code 3] > >>> > >>> my domain is 'local' , like ovirt-engine.local > >>> 、ovirt-node-1.local > >>> …etc > >>> > >>> What can i do to get through it? > >>> > >> The utility (and also the ovirt engine) are relying on DNS SRV > >> records in order to find LDAP and kerberos servers (supporting > >> Active directory, IPA or RHDS). > >> So, in order to work with it you must have the following in the > >> DNS > >> 1. PTR record for your LDAP server > >> 2. LDAP SRV record for your LDAP server > >> 3. LDAP kerberos record for your LDAP server > >> > >> If you don't really have access to the DNS you can install a > >> package called "dnsmasq", and perform this changes by yourself in > >> its config file. > >> > >> Oved > >>> > >>> ___ > >>> Users mailing list > >>> Users@ovirt.org > >>> http://lists.ovirt.org/mailman/listinfo/users > >>> > > > > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] The SPM host node is in unresponsive mode
- Original Message - > From: "Shu Ming" > To: "users@oVirt.org" > Sent: Tuesday, May 15, 2012 4:56:36 AM > Subject: [Users] The SPM host node is in unresponsive mode > > Hi, >I attached one host node in my engine. Because it is the only one > node, it is automatically the SPM node. And it used to run well in > my > engine. Yesterday, some errors happened in the network work of the > host > node. That made the node become "unresponsive" in the engine. I am > sure the network errors are fixed and want to bring the node back to > life now. However, I found that the only one node could not be > "confirm as host been rebooted" and could not be set into the > maintenance mode. The reason given there is no active host in the > datacenter and SPM can not enter into maintenance mode. It seems > that > it fell into a logic loop here. Losting network can be quite common > in > developing environment even in production environment, I think we > should > have a way to address this problem on how to repair a host node > encountering network down for a while. Hi Shu, first, for the manual fence to work ("confirm host have been rebooted") you will need another host in the cluster which will be used as a proxy and send the actual manual fence command. second, you are absolutely right, loss of network is a common scenario, and we should be able to recover, but lets try to understand why your host remain unresponsive after network returned. please ssh to the host and try the following: - vdsClient -s 0 getVdsCaps (validity check making sure vdsm service is up and running and communicate with its network socket from localhost) - please ping between host and engine - please make sure there is no firewall on blocking tcp 54321 (on both host and engine) also, please provide vdsm.log (from the time network issues begun) and spm-lock.log (both located on /var/log/vdsm/). as for a mitigation, we can always manipulate db and set it correctly, but first, lets try the above. > > -- > Shu Ming > IBM China Systems and Technology Laboratory > > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
after use kinit login tsinjon , the error changes to , why this happened? [root@ovirt-engine ~]# engine-manage-domains -action=add -domain='local' -user='tsinjon' -interactive Enter password: No user in Directory was found for tsinjon@LOCAL. Trying next LDAP server in list Failure while testing domain local. Details: No user information was found for user On 15 May, 2012, at 10:47 AM, T-Sinjon wrote: > > I have added those SRV info into my zone file , and it did go , the log > looks fine , but engine-manage-domains still return error > > 2012-05-15 10:45:19,222 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating kerberos > configuration for domain(s): local > 2012-05-15 10:45:19,258 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully created > kerberos configuration for domain(s): local > 2012-05-15 10:45:19,259 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing kerberos > configuration for domain: local > > [root@ovirt-engine ~]# engine-manage-domains -action=add -domain='local' > -user='tsinjon' -interactive > Enter password: > > Error: exception message: Integrity check on decrypted field failed (31) - > PREAUTH_FAILED > Failure while testing domain local. Details: Kerberos error. Please check log > for further details. > > > On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: > >> >> >> - Original Message - >>> From: "T-Sinjon" >>> To: users@ovirt.org >>> Sent: Monday, May 14, 2012 5:07:46 PM >>> Subject: [Users] engine-manage-domains can't add user , domain >>> >>> >>> I use FreeIPA to authenticate users, ipa user-add has no problem, >>> but when i do : >>> >>> [root@ovirt-engine ~]# engine-manage-domains -action=add >>> -domain='local' -user='tsinjon' -interactive >>> >>> Error: Authentication Failed. Please verify the fully qualified >>> domain name that is used for authentication is correct.. Problematic >>> domain is: local >>> Failure while applying Kerberos configuration. Details: >>> Authentication Failed. Please verify the fully qualified domain name >>> that is used for authentication is correct. >>> >>> and log from engine-manage-domains.log : >>> >>> 2012-05-14 21:58:47,892 INFO >>> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating >>> kerberos configuration for domain(s): local >>> 2012-05-14 21:58:47,923 ERROR >>> [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV list >>> for protocol _tcp and domain LOCAL Exception message is DNS name not >>> found [response code 3] >>> >>> my domain is 'local' , like ovirt-engine.local 、ovirt-node-1.local >>> …etc >>> >>> What can i do to get through it? >>> >> The utility (and also the ovirt engine) are relying on DNS SRV records in >> order to find LDAP and kerberos servers (supporting Active directory, IPA or >> RHDS). >> So, in order to work with it you must have the following in the DNS >> 1. PTR record for your LDAP server >> 2. LDAP SRV record for your LDAP server >> 3. LDAP kerberos record for your LDAP server >> >> If you don't really have access to the DNS you can install a package called >> "dnsmasq", and perform this changes by yourself in its config file. >> >> Oved >>> >>> ___ >>> Users mailing list >>> Users@ovirt.org >>> http://lists.ovirt.org/mailman/listinfo/users >>> > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
I have added those SRV info into my zone file , and it did go , the log looks fine , but engine-manage-domains still return error 2012-05-15 10:45:19,222 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating kerberos configuration for domain(s): local 2012-05-15 10:45:19,258 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully created kerberos configuration for domain(s): local 2012-05-15 10:45:19,259 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing kerberos configuration for domain: local [root@ovirt-engine ~]# engine-manage-domains -action=add -domain='local' -user='tsinjon' -interactive Enter password: Error: exception message: Integrity check on decrypted field failed (31) - PREAUTH_FAILED Failure while testing domain local. Details: Kerberos error. Please check log for further details. On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote: > > > - Original Message - >> From: "T-Sinjon" >> To: users@ovirt.org >> Sent: Monday, May 14, 2012 5:07:46 PM >> Subject: [Users] engine-manage-domains can't add user , domain >> >> >> I use FreeIPA to authenticate users, ipa user-add has no problem, >> but when i do : >> >> [root@ovirt-engine ~]# engine-manage-domains -action=add >> -domain='local' -user='tsinjon' -interactive >> >> Error: Authentication Failed. Please verify the fully qualified >> domain name that is used for authentication is correct.. Problematic >> domain is: local >> Failure while applying Kerberos configuration. Details: >> Authentication Failed. Please verify the fully qualified domain name >> that is used for authentication is correct. >> >> and log from engine-manage-domains.log : >> >> 2012-05-14 21:58:47,892 INFO >> [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating >> kerberos configuration for domain(s): local >> 2012-05-14 21:58:47,923 ERROR >> [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV list >> for protocol _tcp and domain LOCAL Exception message is DNS name not >> found [response code 3] >> >> my domain is 'local' , like ovirt-engine.local 、ovirt-node-1.local >> …etc >> >> What can i do to get through it? >> > The utility (and also the ovirt engine) are relying on DNS SRV records in > order to find LDAP and kerberos servers (supporting Active directory, IPA or > RHDS). > So, in order to work with it you must have the following in the DNS > 1. PTR record for your LDAP server > 2. LDAP SRV record for your LDAP server > 3. LDAP kerberos record for your LDAP server > > If you don't really have access to the DNS you can install a package called > "dnsmasq", and perform this changes by yourself in its config file. > > Oved >> >> ___ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[Users] The SPM host node is in unresponsive mode
Hi, I attached one host node in my engine. Because it is the only one node, it is automatically the SPM node. And it used to run well in my engine. Yesterday, some errors happened in the network work of the host node. That made the node become "unresponsive" in the engine. I am sure the network errors are fixed and want to bring the node back to life now. However, I found that the only one node could not be "confirm as host been rebooted" and could not be set into the maintenance mode. The reason given there is no active host in the datacenter and SPM can not enter into maintenance mode. It seems that it fell into a logic loop here. Losting network can be quite common in developing environment even in production environment, I think we should have a way to address this problem on how to repair a host node encountering network down for a while. -- Shu Ming IBM China Systems and Technology Laboratory ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] ovirt installed on Centos
On Mon, 14 May 2012 01:43:50 +0530 Nirbhay Tomar wrote: > i just want to know that is there any way to have ovirt installed on Centos http://www.dreyou.org/ovirt/ Regards, Nerijus ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[Users] ovirt installed on Centos
Hi all, I am doing an POC on ovirt, i just want to know that is there any way to have ovirt installed on Centos //Nirbhay ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] Call For Agenda Items -- 2012-05-16 Weekly Sync Meeting
Hi, Can we please discuss the integration ideas of Quantum into oVirt (http://www.ovirt.org/wiki/Quantum_and_oVirt) Thanks Gary On 05/14/2012 05:59 PM, Mike Burns wrote: Any additional agenda items for next week? Current topics: * Status of Next Release * Sub-project reports (engine, vdsm, node) * Review decision on Java 7 and Fedora jboss rpms in oVirt Engine * Upcoming workshops ___ Arch mailing list a...@ovirt.org http://lists.ovirt.org/mailman/listinfo/arch ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[Users] Call For Agenda Items -- 2012-05-16 Weekly Sync Meeting
Any additional agenda items for next week? Current topics: * Status of Next Release * Sub-project reports (engine, vdsm, node) * Review decision on Java 7 and Fedora jboss rpms in oVirt Engine * Upcoming workshops ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] engine-manage-domains can't add user , domain
- Original Message - > From: "T-Sinjon" > To: users@ovirt.org > Sent: Monday, May 14, 2012 5:07:46 PM > Subject: [Users] engine-manage-domains can't add user , domain > > > I use FreeIPA to authenticate users, ipa user-add has no problem, > but when i do : > > [root@ovirt-engine ~]# engine-manage-domains -action=add > -domain='local' -user='tsinjon' -interactive > > Error: Authentication Failed. Please verify the fully qualified > domain name that is used for authentication is correct.. Problematic > domain is: local > Failure while applying Kerberos configuration. Details: > Authentication Failed. Please verify the fully qualified domain name > that is used for authentication is correct. > > and log from engine-manage-domains.log : > > 2012-05-14 21:58:47,892 INFO > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating > kerberos configuration for domain(s): local > 2012-05-14 21:58:47,923 ERROR > [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV list > for protocol _tcp and domain LOCAL Exception message is DNS name not > found [response code 3] > > my domain is 'local' , like ovirt-engine.local 、ovirt-node-1.local > …etc > > What can i do to get through it? > The utility (and also the ovirt engine) are relying on DNS SRV records in order to find LDAP and kerberos servers (supporting Active directory, IPA or RHDS). So, in order to work with it you must have the following in the DNS 1. PTR record for your LDAP server 2. LDAP SRV record for your LDAP server 3. LDAP kerberos record for your LDAP server If you don't really have access to the DNS you can install a package called "dnsmasq", and perform this changes by yourself in its config file. Oved > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[Users] engine-manage-domains can't add user , domain
I use FreeIPA to authenticate users, ipa user-add has no problem, but when i do : [root@ovirt-engine ~]# engine-manage-domains -action=add -domain='local' -user='tsinjon' -interactive Error: Authentication Failed. Please verify the fully qualified domain name that is used for authentication is correct.. Problematic domain is: local Failure while applying Kerberos configuration. Details: Authentication Failed. Please verify the fully qualified domain name that is used for authentication is correct. and log from engine-manage-domains.log : 2012-05-14 21:58:47,892 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating kerberos configuration for domain(s): local 2012-05-14 21:58:47,923 ERROR [org.ovirt.engine.core.dns.DnsSRVLocator] Error in getting SRV list for protocol _tcp and domain LOCAL Exception message is DNS name not found [response code 3] my domain is 'local' , like ovirt-engine.local 、ovirt-node-1.local …etc What can i do to get through it? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] Password reset
On 05/14/2012 07:20 AM, Oved Ourfalli wrote: > You can use the engine-config utlilty. > It is used to show/set config entries. > > Currently, the admin password is a config entry, so you can do the following: > engine-config -s AdminPassword=your_password > > and it will do the trick. That worked as expected, thanks! Regards, Dennis ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] serial (COM) port
My script was OK, the problem was access rights to /dev/ttyS0. It works OK after I added qemu user to dialout group. On Mon, 14 May 2012 03:07:23 -0400 (EDT) Dan Yasny wrote: > A ready hook can be found in > http://www.ovirt.org/wiki/Features/Serial_Console_in_CLI#Currently_operational_workaround > > > - Original Message - > > From: "Nerijus Baliunas" > > To: users@ovirt.org > > Cc: "Dan Yasny" > > Sent: Monday, 14 May, 2012 2:57:15 AM > > Subject: Re: [Users] serial (COM) port > > > > Thanks, I tried creating > > /usr/libexec/vdsm/hooks/before_vm_start/60_serial like this: > > > > #!/usr/bin/python > > > > import os > > import sys > > import hooking > > import traceback > > > > domxml = hooking.read_domxml() > > devices = domxml.getElementsByTagName('devices')[0] > > > > serial = domxml.createElement('serial') > > serial.setAttribute('type', 'dev') > > devices.appendChild(serial) > > > > source = domxml.createElement('source') > > source.setAttribute('path', '/dev/ttyS0') > > serial.appendChild(source) > > target = domxml.createElement('target') > > target.setAttribute('port', '1') > > serial.appendChild(target) > > > > hooking.write_domxml(domxml) > > > > But VM does not start then. I tried to create the script similar to > > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Virtualization/3.0/html/Administration_Guide/ch16s03.html > > What did I do wrong? > > > > Thanks, > > Nerijus > > > > On Sun, 13 May 2012 18:21:27 -0400 (EDT) Dan Yasny > > wrote: > > > > > A simple vdsm hook > > > > > > - Original Message - > > > > From: "Nerijus Baliunas" > > > > To: users@ovirt.org > > > > Sent: Monday, 14 May, 2012 12:13:58 AM > > > > Subject: [Users] serial (COM) port > > > > > > > > Hello, > > > > > > > > is there a support for serial port (/dev/ttyS0) redirection in > > > > ovirt? > > > > If not, > > > > how do I add "-serial /dev/ttyS0" option to the qemu command > > > > line? > > > > > > > > Regards, > > > > Nerijus ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [Users] serial (COM) port
A ready hook can be found in http://www.ovirt.org/wiki/Features/Serial_Console_in_CLI#Currently_operational_workaround - Original Message - > From: "Nerijus Baliunas" > To: users@ovirt.org > Cc: "Dan Yasny" > Sent: Monday, 14 May, 2012 2:57:15 AM > Subject: Re: [Users] serial (COM) port > > Thanks, I tried creating > /usr/libexec/vdsm/hooks/before_vm_start/60_serial like this: > > #!/usr/bin/python > > import os > import sys > import hooking > import traceback > > domxml = hooking.read_domxml() > devices = domxml.getElementsByTagName('devices')[0] > > serial = domxml.createElement('serial') > serial.setAttribute('type', 'dev') > devices.appendChild(serial) > > source = domxml.createElement('source') > source.setAttribute('path', '/dev/ttyS0') > serial.appendChild(source) > target = domxml.createElement('target') > target.setAttribute('port', '1') > serial.appendChild(target) > > hooking.write_domxml(domxml) > > But VM does not start then. I tried to create the script similar to > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Virtualization/3.0/html/Administration_Guide/ch16s03.html > What did I do wrong? > > Thanks, > Nerijus > > On Sun, 13 May 2012 18:21:27 -0400 (EDT) Dan Yasny > wrote: > > > A simple vdsm hook > > > > - Original Message - > > > From: "Nerijus Baliunas" > > > To: users@ovirt.org > > > Sent: Monday, 14 May, 2012 12:13:58 AM > > > Subject: [Users] serial (COM) port > > > > > > Hello, > > > > > > is there a support for serial port (/dev/ttyS0) redirection in > > > ovirt? > > > If not, > > > how do I add "-serial /dev/ttyS0" option to the qemu command > > > line? > > > > > > Regards, > > > Nerijus > > -- Regards, Dan Yasny Red Hat Israel +972 9769 2280 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users