Forum Stats

  • 3,836,683 Users
  • 2,262,165 Discussions
  • 7,900,071 Comments

Discussions

KVM deploy engine

User_ILNWN
User_ILNWN Member Posts: 4 Green Ribbon
edited Apr 28, 2022 1:51PM in Oracle VM Server for x86

I am installing Oracle Virtualization Manager self-hosted engine on Oracle Enterprise Linux 7.9. The installation starts fine but after a while it got stuck at a point and fails. Until now I am not able to identify the root cause of this error or troubleshoot it.

I tried by CLI and Cockpit but the error is the same

[ ERROR ] fatal: [localhost -> CL4A0V-DCC-MG01.cloud.sonda.com]: FAILED! => {"attempts": 12, "changed": false, "msg": "Failed to validate the SSL certificate for localhost:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618).", "status": -1, "url": "http://localhost/ovirt-engine/services/health"}

Could you help me?

Best Answer

Answers

  • Nik
    Nik Blocked Member Posts: 2,879 Bronze Crown

    Hi.

    It's look like at this moment hostname is localhost. It's can be problem.

    Assign some hostname with domain. Check that new hostname can be resolved to IP.


    Regards,

    Nik

  • User_ILNWN
    User_ILNWN Member Posts: 4 Green Ribbon

    Hi,

    The problem is when i m doing engine deploy

    INFO ] changed: [localhost -> cl4a0v-dcc-mg01.cloud.sonda.com]

    [ INFO ] TASK [ovirt.engine-setup : Make sure `ovirt-engine` service is running]

    [ INFO ] ok: [localhost -> cl4a0v-dcc-mg01.cloud.sonda.com]

    [ INFO ] TASK [ovirt.engine-setup : Check if Engine health page is up]

    [ ERROR ] fatal: [localhost -> cl4a0v-dcc-mg01.cloud.sonda.com]:

    FAILED! => {"attempts": 12, "changed": false, "msg":

    "Failed to validate the SSL certificate for localhost:443.

    Make sure your managed systems have a valid CA certificate installed.

    You can use validate_certs=False if you do not need to confirm the servers

    identity but this is unsafe and not recommended. Paths checked for

    this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs,

    /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was:

    [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618).", "status": -1, "url":

    "http://localhost/ovirt-engine/services/health"}

    [ INFO ] TASK [ovirt.engine-setup : Clean temporary files]

    [ INFO ] changed: [localhost -> cl4a0v-dcc-mg01.cloud.sonda.com]

    I don´t have option for change local hosts.

    DNS is resolving name to IP withoit problem.

  • User_X3X0V
    User_X3X0V Member Posts: 1 Blue Ribbon
    Answer ✓

    Hi

    There are various workarounds in the following discussion link with similar problema as you described.


    User_ILNWN
  • User_ILNWN
    User_ILNWN Member Posts: 4 Green Ribbon

    Hi

    Thank you for your answer.

    I fixed my problem whth the next workaroud.

    =======================================================================

    1) During the hosted-engine setup, wait for the local VM to be deployed

    2) After the local VM is deployed and ovirt-engine packages are installated 

    (visible in installation script output) you will have a few minutes to do the following:

    Check the HostedEngineLocalVM IP Address in the Hypervisor /etc/hosts

    Open up a ssh session to the HostedEngineLocalVM IP and execute the following commands:

    # mv /etc/httpd/conf.d/ovirt-enable-strict-transport-security.conf /var/tmp

    ll# systemctl restart httpd

    3) The installation script is at this stage trying to access to health page with http, 

    and it will succeed after step (2) is performed