This has been fixed on GitHub. Here are the steps that were shared with me that fixed the issue.
The Unsecure state in ACS indicates that the Libvirt service has been configured to start with TCP. For the host to be marked with the Up state, Libvirt must be configured to start with TLS. However, during installation of the ACS Agent for KVM, some sockets are automatically masked, including the TLS socket; making it necessary to unmask them manually. To unmask the sockets and reestablish communication via TLS, the following steps are needed: 1. Unmask sockets: systemctl unmask libvirtd-admin.socket systemctl unmask libvirtd-ro.socket systemctl unmask libvirtd-tcp.socket systemctl unmask libvirtd-tls.socket systemctl unmask libvirtd.socket 1. Stop the libvirtd service: systemctl stop libvirtd 1. Start libvirtd-tls.socket systemctl start libvirtd-tls.socket 1. Restart the ACS agent: systemctl restart cloudstack-agent 1. Enable socket libvirt-tls systemctl enable libvirtd-tls.socket With this, Libvirt should start with TLS and ACS will mark it with the status Up, instead of Unsecure. Thanks, Brian From: Brian Fossmeyer <[email protected]> Date: Tuesday, December 19, 2023 at 11:13 AM To: [email protected] <[email protected]> Subject: Re: Host showing as unsecure CloudStack 4.18.1.0 Thanks, Brian From: Wei ZHOU <[email protected]> Date: Tuesday, December 19, 2023 at 11:10 AM To: [email protected] <[email protected]> Subject: Re: Host showing as unsecure Warning: This message is the first you've received from this sender ustcweizhou @ gmail.com. Please click the Report Suspicious Email button if you believe this email is not legitimate. Which cloudstack version do you use ? -Wei On Tue, 19 Dec 2023 at 16:08, Brian Fossmeyer wrote: > Thank you, I tried this several times and it has not helped. Is there > anything else I could try? > > Thanks, > > Brian > > From: Vivek Kumar > Date: Tuesday, December 19, 2023 at 8:33 AM > To: [email protected] > Subject: Re: Host showing as unsecure > Warning: This message is the first you've received from this sender > vivek.kumar @ indiqus.com.INVALID. Please click the Report Suspicious Email > button if you believe this email is not legitimate. > > Hello Brian, > > You can re provision the certificates, > > Click on host and click on second options “Provision host security keys” - > it will re-create the certificate. > > > > > Vivek Kumar > Sr. Manager - Cloud & DevOps > TechOps | Indiqus Technologies > > [email protected] > www.indiqus.com > > > > > > On 19-Dec-2023, at 6:57 PM, Brian Fossmeyer wrote: > > > > Hello, > > > > Are there any specific items I could check for a host that shows > unsecure but connected? I have restarted the agent and management service > removed and rejoined, disconnected and reconnected the host and it still > says unsecure. It was a secure host in our previous build of the system. > This is the third build of our entire system and the previous two times it > was green and secure. I am not sure what is different this time. > > > > Thanks, > > Brian > > > > > > Thanks, > > > > Brian > > > > Brian Fossmeyer > > Senior Systems Engineer, Technology > > > > [Answers in Genesis] [Creation Museum] [Ark Encounter] > > > -- > This message is intended only for the use of the individual or entity to > which it is addressed and may contain confidential and/or privileged > information. If you are not the intended recipient, please delete the > original message and any copy of it from your computer system. You are > hereby notified that any dissemination, distribution or copying of this > communication is strictly prohibited unless proper authorization has been > obtained for such action. If you have received this communication in error, > please notify the sender immediately. Although IndiQus attempts to sweep > e-mail and attachments for viruses, it does not guarantee that both are > virus-free and accepts no liability for any damage sustained as a result of > viruses. >
