Hi, Yes ssh keys have been distributed and root remote login works each way. After I got the error I tested all connection manually and they work. On every host I can ssh to root@localhost and to other hosts without any problem. That's why the error is so strange to me. I event tested ansible from oVirt host to others and it works ok using ssh keys.
W dniu czw., 25.10.2018 o 13:43 Jayme <jay...@gmail.com> napisał(a): > You should also make sure the host can ssh to itself and accept keys > > On Thu, Oct 25, 2018, 8:42 AM Jayme, <jay...@gmail.com> wrote: > >> Darn autocorrect, sshd config rather >> >> On Thu, Oct 25, 2018, 7:29 AM Jarosław Prokopowski, < >> jprokopow...@gmail.com> wrote: >> >>> Hi, >>> >>> Please help! :-) I couldn't find any solution via google. >>> >>> I followed this document to create oVirt hyperconverged on 3 hosts using >>> cockpit wizard: >>> >>> >>> https://ovirt.org/blog/2018/02/up-and-running-with-ovirt-4-2-and-gluster-storage/ >>> >>> System: CentOS Linux release 7.5.1804 >>> >>> All hosts can resolve each other names via DNS, ssh keys are exchanged >>> and working. >>> I added firewall rules based on oVirt installation guide. SSH is >>> possible between all hosts using keys. >>> >>> I cannot create the configuration and the error I get in the last step >>> is: >>> >>> >>> ------------------------------------------------------------------------------------------------------ >>> PLAY [gluster_servers] >>> ********************************************************* >>> >>> TASK [Run a shell script] >>> ****************************************************** >>> failed: [bq817storage.example.com] >>> (item=/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>> bq817storage.example.com, bq735storage.example.com, >>> bq813storage.example.com) => {"item": >>> "/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>> bq817storage.example.com, bq735storage.example.com, >>> bq813storage.example.com", "msg": "Failed to connect to the host via >>> ssh: Permission denied >>> (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": >>> true} >>> fatal: [bq817storage.example.com]: UNREACHABLE! => {"changed": false, >>> "msg": "All items completed", "results": [{"_ansible_ignore_errors": null, >>> "_ansible_item_label": "/usr/share/gdeploy/scripts/grafton-sanity-check.sh >>> -d sdb -h bq817storage.example.com, bq735storage.example.com, >>> bq813storage.example.com", "_ansible_item_result": true, "item": >>> "/usr/share/gdeploy/scripts/grafton-sanity-check.sh -d sdb -h >>> bq817storage.example.com, bq735storage.example.com, >>> bq813storage.example.com", "msg": "Failed to connect to the host via >>> ssh: Permission denied >>> (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": >>> true}]} >>> to retry, use: --limit @/tmp/tmpYLHDCP/run-script.retry >>> >>> PLAY RECAP >>> ********************************************************************* >>> bq817storage.example.com : ok=0 changed=0 unreachable=1 >>> failed=0 >>> >>> >>> Firewall rules: >>> >>> oVirt engine host: >>> >>> #firewall-cmd --list-all >>> public (active) >>> target: default >>> icmp-block-inversion: no >>> interfaces: enp134s0f0 enp134s0f1 >>> sources: >>> services: ssh dhcpv6-client cockpit glusterfs http https dns >>> ports: 2222/tcp 6100/tcp 7410/udp 54323/tcp 2223/tcp 161/udp 111/tcp >>> 5900-6923/tcp 5989/tcp 9090/tcp 16514/tcp 49152-49216/tcp 54321/tcp >>> 54322/tcp 6081/udp >>> protocols: >>> masquerade: no >>> forward-ports: >>> source-ports: >>> icmp-blocks: >>> rich rules: >>> >>> oVirt nodes: >>> >>> #firewall-cmd --list-all >>> public (active) >>> target: default >>> icmp-block-inversion: no >>> interfaces: enp134s0f0 enp134s0f1 >>> sources: >>> services: ssh dhcpv6-client cockpit glusterfs dns >>> ports: 2223/tcp 161/udp 111/tcp 5900-6923/tcp 5989/tcp 9090/tcp >>> 16514/tcp 49152-49216/tcp 54321/tcp 54322/tcp 6081/udp >>> protocols: >>> masquerade: no >>> forward-ports: >>> source-ports: >>> icmp-blocks: >>> >>> --------------------------------------------------------------------------------- >>> >>> Thanks in advance >>> Jarson >>> _______________________________________________ >>> Users mailing list -- users@ovirt.org >>> To unsubscribe send an email to users-le...@ovirt.org >>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>> oVirt Code of Conduct: >>> https://www.ovirt.org/community/about/community-guidelines/ >>> List Archives: >>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/4KKTG4VVPG7WKRNBDJV6JWGOKPBMM2LB/ >>> >>
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/7HGCNUVR6DV4NKMVNATW5VBJFXP2UJCV/