On Thu, Oct 22, 2015 at 2:15 PM, Simone Tiraboschi <stira...@redhat.com> wrote:
> >> 2015-10-21 17:36:33 DEBUG otopi.plugins.otopi.dialog.machine >> dialog.__logString:219 DIALOG:SEND ### Please input VDSM certificate >> chain that matches certificate request, top is issuer >> 2015-10-21 17:36:33 DEBUG otopi.plugins.otopi.dialog.machine >> dialog.__logString:219 DIALOG:SEND ### >> 2015-10-21 17:36:33 DEBUG otopi.plugins.otopi.dialog.machine >> dialog.__logString:219 DIALOG:SEND ### type >> '--=451b80dc-996f-432e-9e4f-2b29ef6d1141=--' in own line to mark end, >> '--=451b80dc-996f-ABORT-9e4f-2b29ef6d1141=--' aborts >> 2015-10-21 17:36:33 DEBUG otopi.context context._executeMethod:156 method >> exception >> Traceback (most recent call last): >> File "/tmp/ovirt-xP0lq4KMou/pythonlib/otopi/context.py", line 146, in >> _executeMethod >> method['method']() >> File >> "/tmp/ovirt-xP0lq4KMou/otopi-plugins/ovirt-host-common/vdsm/pki.py", line >> 319, in _misc >> '\n\nPlease input VDSM certificate chain that ' >> File "/tmp/ovirt-xP0lq4KMou/otopi-plugins/otopi/dialog/machine.py", >> line 207, in queryMultiString >> v = self._readline() >> File "/tmp/ovirt-xP0lq4KMou/pythonlib/otopi/dialog.py", line 263, in >> _readline >> raise IOError(_('End of file')) >> IOError: End of file >> 2015-10-21 17:36:33 ERROR otopi.context context._executeMethod:165 Failed >> to execute stage 'Misc configuration': End of file >> 2015-10-21 17:36:33 DEBUG otopi.transaction transaction.abort:134 >> aborting 'Yum Transaction' >> 2015-10-21 17:36:33 INFO otopi.plugins.otopi.packagers.yumpackager >> yumpackager.info:95 Yum Performing yum transaction rollback >> Loaded plugins: fastestmirror, langpacks >> > > The issue seams to be there: > we have an input request on host-deploy to have somebody explicitly > trusting the VDSM cert chain but of course, being an automated process, > nobody will respond and so it failed. > Did you manually changed the engine cert or some others CA cert? > > No. The only thing is that I first ran hosted-engine --deploy without putting the hostname of engine inside /etc/hosts of hypervisor and it failed (see my first mail of the thread), I think without doing anything (at least at engine VM level, I don't know if it created a cert...), but generating an answer file. And then I ran, as you suggested (with the warning you noted) hosted-engine --deploy --config-append=answer_file Inside log of first run (ovirt-hosted-engine-setup-20151021151938-j4hy5g.log) I see 2015-10-21 15:20:13 DEBUG otopi.plugins.ovirt_hosted_engine_setup.pki.vdsmpki plugin.execute:936 execut e-output: ('/bin/openssl', 'x509', '-noout', '-text', '-in', '/etc/pki/vdsm/libvirt-spice/server-cert.p em') stdout: Certificate: Data: Version: 1 (0x0) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=EN, L=Test, O=Test, CN=TestCA Validity Not Before: Oct 21 13:20:13 2015 GMT Not After : Oct 20 13:20:13 2018 GMT Subject: C=EN, L=Test, O=Test, CN=Test Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:bd:f8:d4:a0:87:9e:20:7f:71:12:8d:8e:90:e0: ... Inside the run with answer file (ovirt-hosted-engine-setup-20151021170822-p1iv3y.log) I see 2015-10-21 17:08:22 DEBUG otopi.plugins.ovirt_hosted_engine_setup.pki.vdsmpki plugin.execute:936 execute-output: ('/bin/openssl', 'x509', '-noout', '-text', '-in', '/etc/pki/vdsm/libvirt-spice/server-cert.pem') stdout: Certificate: Data: Version: 1 (0x0) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=EN, L=Test, O=Test, CN=TestCA Validity Not Before: Oct 21 13:20:13 2015 GMT Not After : Oct 20 13:20:13 2018 GMT Subject: C=EN, L=Test, O=Test, CN=Test Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:bd:f8:d4:a0:87:9e:20:7f:71:12:8d:8e:90:e0: Any particular file or section in log files to cross check? I can also start from scratch in case.... just to be sure that I don't get into same problem, so that it can be useful to find it before... Thanks, Gianluca
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users