> On 23 Jan 2019, at 14:33, Simone Tiraboschi <stira...@redhat.com> wrote: > > > > On Wed, Jan 23, 2019 at 5:27 PM Vinícius Ferrão <fer...@versatushpc.com.br > <mailto:fer...@versatushpc.com.br>> wrote: > Simone, may I up this thread. > > I will request the RFE on bugzilla. I just need some time to do this. > > But I have another question on this issue. In a case of an already deployed > oVirt installation with this bug. There’s a way to fix it? Production VMs are > running and I would like to know if this can be fixed without interrupting > the VMs. > > I was thinking on getting a backup of the bugged SHE VM with hosted-engine > command and then trying to restore it with ovirt-hosted-engine-setup with the > Ansible backend. But I’m not sure if this will work. > > Yes, it will. > You can also use that tool to migrate from bare metal to hosted-engine and so > on.
Thank you Simone!!! So I will get the backup from the broken HE and then redeploy it using the backup with the Ansible backend. Rewriting just to be sure. > > > If not, there’s a way to at least keep the VMs running and redeploy the > engine from the ground without restoring the backup? > > Thanks! > > Sent from my iPhone > > On 8 Jan 2019, at 14:49, Simone Tiraboschi <stira...@redhat.com > <mailto:stira...@redhat.com>> wrote: > >> >> >> On Tue, Jan 8, 2019 at 5:31 PM Vinícius Ferrão <fer...@versatushpc.com.br >> <mailto:fer...@versatushpc.com.br>> wrote: >> Hello, >> >>> On 8 Jan 2019, at 11:20, Simone Tiraboschi <stira...@redhat.com >>> <mailto:stira...@redhat.com>> wrote: >>> >>> >>> >>> On Mon, Jan 7, 2019 at 10:43 PM Vinícius Ferrão <fer...@versatushpc.com.br >>> <mailto:fer...@versatushpc.com.br>> wrote: >>> Simone, >>> >>> I have additional findings: Ansible was failing because I was defined the >>> option without-password on SSH root access. So it fails with an >>> authentication failure error during the deployment. >>> >>> After allowing root access over SSH the hosted engine deployement with >>> Ansible worked. >>> >>> Now I will check if everything else is working fine. >>> >>> Maybe I need to open a bug on Bugzilla on this issue? >>> >>> Ok, from the logs I see that you set without-password and you correctly >>> entered a public ssh key when requested. >>> But then ansible failed to authenticate to the engine VM, as root, with >>> that password. >>> So, if you are sure that the correspondent private key was available in the >>> right place and with the right permissions, please open a bug. >> >> Hello Simone, just to be sure. The private key was always on my personal >> computer. It was never on the oVirt Node. >> >> For years I’ve deployed oVirt this way and it worked as expected. >> >> So if the new behaviour demands a private key on the hypervisor this makes >> the deployment different. >> >> The purpose of the key and enabling root ssh without-password is to enforce >> the security of the hosted engine, right? Not the security between the >> hypervisor and hosted engine during the deployment phase. So the setting >> without-password should be set at the end of hosted engine deployment. >> >> If this assumptions are correct I will proceed to the ticket on bugzilla. >> >> Now the whole flow, including engine-setup on the engine VM to create the DB >> and so on, is executed with ansible and this requires ansible, executed on >> the first host, to be able to authenticate to the engine VM over ssh. >> Currently the setup is configuring the root password and/or the root ssh pub >> key on the first boot with cloud-init and so this implicitly requires the >> user to enable password authentication or to configure the host to be able >> to access the engine VM with an ssh key. >> >> What you are proposing requires the setup to inject a temporary key >> generated on the fly and remove it at the end or configure without-password >> only after the deployment. >> It makes sense to me but on my opinion it's more an RFE than a real bug. >> Feel free to file it. >> >> >> >> Thanks, >> >>> >>> >>> >>> Thanks, >>> >>>> On 7 Jan 2019, at 15:22, Vinícius Ferrão <fer...@versatushpc.com.br >>>> <mailto:fer...@versatushpc.com.br>> wrote: >>>> >>>> Hello, >>>> >>>>> On 7 Jan 2019, at 12:52, Simone Tiraboschi <stira...@redhat.com >>>>> <mailto:stira...@redhat.com>> wrote: >>>>> >>>>> >>>>> >>>>> On Mon, Jan 7, 2019 at 2:03 PM Vinícius Ferrão <fer...@versatushpc.com.br >>>>> <mailto:fer...@versatushpc.com.br>> wrote: >>>>> Hello Simone, >>>>> >>>>> Sent from my iPhone >>>>> >>>>> On 7 Jan 2019, at 07:11, Simone Tiraboschi <stira...@redhat.com >>>>> <mailto:stira...@redhat.com>> wrote: >>>>> >>>>>> >>>>>> >>>>>> On Sun, Jan 6, 2019 at 5:31 PM <fer...@versatushpc.com.br >>>>>> <mailto:fer...@versatushpc.com.br>> wrote: >>>>>> Hello, >>>>>> >>>>>> I’ve a new oVirt installation using oVirt 4.2.7.1 Node and after >>>>>> deploying the hosted engine it does not show up on the interface even >>>>>> after adding the first storage. >>>>>> >>>>>> The Datacenter is up but the engine VM and the engine storage does not >>>>>> appear. >>>>>> >>>>>> I have the following message repeated constantly on /var/log/messages: >>>>>> >>>>>> Jan 4 20:17:30 ovirt1 journal: ovirt-ha-agent >>>>>> ovirt_hosted_engine_ha.agent.hosted_engine.HostedEngine.config.vm ERROR >>>>>> Unable to identify the OVF_STORE volume, falling back to initial >>>>>> vm.conf. Please ensure you already added your first data domain for >>>>>> regular VMs >>>>>> >>>>>> What’s wrong? Am I doing something different? >>>>>> >>>>>> The import of external VM is broken in 4.2.7 as for >>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1649615 >>>>>> <https://bugzilla.redhat.com/show_bug.cgi?id=1649615> >>>>>> It will be fixed with 4.2.8. >>>>>> >>>>>> In the mean time I strongly suggest to use the regular flow for >>>>>> hosted-engine deployment (simply skip --noansible option) since only the >>>>>> vintage deprecated flow is affected by this issue. >>>>>> >>>>> >>>>> Thanks for pointing the issue. I was unable the find this on bugzilla by >>>>> myself. The title isn’t helping either. >>>>> >>>>> But on other hand, I only used the legacy mode because ansible mode fails. >>>>> >>>>> Can you please attach a log of the issue? >>>> >>>> For sure, logs on the link: >>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass >>>> <http://www.if.ufrj.br/~ferrao/ovirt/issues/ansible-storage-bypass> >>>> >>>> What happens is that Ansible just bypasses the storage configuration >>>> questions: >>>> >>>> [ INFO ] Stage: Environment packages setup >>>> [ INFO ] Stage: Programs detection >>>> [ INFO ] Stage: Environment setup >>>> [ INFO ] Stage: Environment customization >>>> >>>> --== STORAGE CONFIGURATION ==-- >>>> >>>> >>>> --== HOST NETWORK CONFIGURATION ==-- >>>> >>>> Please indicate a pingable gateway IP address [10.20.0.1]: >>>> [ INFO ] TASK [Gathering Facts] >>>> [ INFO ] ok: [localhost] >>>> [ INFO ] TASK [Detecting interface on existing management bridge] >>>> [ INFO ] skipping: [localhost] >>>> [ INFO ] TASK [Get all active network interfaces] >>>> [ INFO ] TASK [Filter bonds with bad naming] >>>> [ INFO ] TASK [Generate output list] >>>> >>>> >>>>> >>>>> >>>>> I’m not sure why it fails. I can try it again, but I can ask in advance: >>>>> the management network is bonded, is this an issue? I think I’ve read >>>>> something about this on this list but I’m unsure. >>>>> >>>>> No, but you should set bond mode 1, 2, 3, or 4. >>>>> Teaming is not supported. >>>> >>>> Thanks, since I’m using 802.3ad (LACP) - mode 4, I think I’m good. >>>> >>>>> >>>>> >>>>> Thanks, >>>>> >>>>>> >>>>>> >>>>>> Additional infos: >>>>>> >>>>>> [root@ovirt1 ~]# vdsm-tool list-nets >>>>>> ovirtmgmt (default route) >>>>>> storage >>>>>> >>>>>> [root@ovirt1 ~]# ip a | grep "inet " >>>>>> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo >>>>>> inet 10.20.0.101/24 <http://10.20.0.101/24> brd 10.20.0.255 scope >>>>>> global dynamic ovirtmgmt >>>>>> inet 192.168.10.1/29 <http://192.168.10.1/29> brd 192.168.10.7 scope >>>>>> global storage >>>>>> >>>>>> [root@ovirt1 ~]# mount | grep -i nfs >>>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime) >>>>>> 10.20.0.200:/mnt/pool0/ovirt/he on /rhev/data-center/mnt/10.20.0. >>>>>> <http://10.20.0.0/>200:_mnt_pool0_ovirt_he type nfs4 >>>>>> (rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,soft,nosharecache,proto=tcp,timeo=600,retrans=6,sec=sys,clientaddr=10.20.0.101,local_lock=none,addr=10.20.0.200) >>>>>> >>>>>> [root@ovirt1 ~]# hosted-engine --check-deployed >>>>>> Returns nothing! >>>>>> >>>>>> [root@ovirt1 ~]# hosted-engine --check-liveliness >>>>>> Hosted Engine is up! >>>>>> >>>>>> [root@ovirt1 ~]# hosted-engine --vm-status >>>>>> >>>>>> --== Host 1 status ==-- >>>>>> >>>>>> conf_on_shared_storage : True >>>>>> Status up-to-date : True >>>>>> Hostname : ovirt1.local.versatushpc.com.br >>>>>> <http://ovirt1.local.versatushpc.com.br/> >>>>>> Host ID : 1 >>>>>> Engine status : {"health": "good", "vm": "up", >>>>>> "detail": "Up"} >>>>>> Score : 3400 >>>>>> stopped : False >>>>>> Local maintenance : False >>>>>> crc32 : 1736a87d >>>>>> local_conf_timestamp : 7836 >>>>>> Host timestamp : 7836 >>>>>> Extra metadata (valid at timestamp): >>>>>> metadata_parse_version=1 >>>>>> metadata_feature_version=1 >>>>>> timestamp=7836 (Fri Jan 4 20:18:10 2019) >>>>>> host-id=1 >>>>>> score=3400 >>>>>> vm_conf_refresh_time=7836 (Fri Jan 4 20:18:10 2019) >>>>>> conf_on_shared_storage=True >>>>>> maintenance=False >>>>>> state=EngineUp >>>>>> stopped=False >>>>>> >>>>>> >>>>>> Thanks in advance, >>>>>> >>>>>> PS: Log files are available here: >>>>>> http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/ >>>>>> <http://www.if.ufrj.br/~ferrao/ovirt/issues/he-not-showing/> >>>>>> _______________________________________________ >>>>>> Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> >>>>>> To unsubscribe send an email to users-le...@ovirt.org >>>>>> <mailto:users-le...@ovirt.org> >>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>>>> <https://www.ovirt.org/site/privacy-policy/> >>>>>> oVirt Code of Conduct: >>>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>>> <https://www.ovirt.org/community/about/community-guidelines/> >>>>>> List Archives: >>>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVBHLFQYBCRV2ODTELTWLLWC/ >>>>>> >>>>>> <https://lists.ovirt.org/archives/list/users@ovirt.org/message/IQHM6YQ7HVBHLFQYBCRV2ODTELTWLLWC/> >>>>>> _______________________________________________ >>>>>> Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> >>>>>> To unsubscribe send an email to users-le...@ovirt.org >>>>>> <mailto:users-le...@ovirt.org> >>>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>>>> <https://www.ovirt.org/site/privacy-policy/> >>>>>> oVirt Code of Conduct: >>>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>>> <https://www.ovirt.org/community/about/community-guidelines/> >>>>>> List Archives: >>>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN55YEHAPT5BMS42PT7NHKEM/ >>>>>> >>>>>> <https://lists.ovirt.org/archives/list/users@ovirt.org/message/BPJAV4AVRN55YEHAPT5BMS42PT7NHKEM/> >>>>> _______________________________________________ >>>>> Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> >>>>> To unsubscribe send an email to users-le...@ovirt.org >>>>> <mailto:users-le...@ovirt.org> >>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>>> <https://www.ovirt.org/site/privacy-policy/> >>>>> oVirt Code of Conduct: >>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>> <https://www.ovirt.org/community/about/community-guidelines/> >>>>> List Archives: >>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLMRHZKVZPKXSR42QX5GQJI3/ >>>>> >>>>> <https://lists.ovirt.org/archives/list/users@ovirt.org/message/NSOQQ5T6VLMRHZKVZPKXSR42QX5GQJI3/> >>
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/ZYCNR6BV5ZWMTN2KLMD6C6XUQWACUVQM/