RHEL host creation failure - SSL errors

Latest response

Hi,

I have a RHEV 3.0.3 installation with a 2.2 compatability mode cluster.  Recently, I tried adding a new host (RHEL 5.8 and 6.2 were attempted) and the following happens:

 

1. Install a host with RHEL 6.2, update, register, etc.

2. Add new host via RHEVM web ui

3. After a while, in events tab, "Host XXXXX installation failed. Please refer to log files for further details"

4. Host status permanently hangs at "installing"

 

Additional info:

 

Vdsmd on the new host crashes immediately after start.  /var/log/vdsm/vdsm.log shows:

 

MainThread::ERROR::2012-06-13 14:29:56,123::vdsm::74::vds::(run) Traceback (most recent call last):
  File "/usr/share/vdsm//vdsm", line 72, in run
    serve_clients(log)
  File "/usr/share/vdsm//vdsm", line 40, in serve_clients
    cif = clientIF.clientIF(log)
  File "/usr/share/vdsm/clientIF.py", line 96, in __init__
    self.server = self._createXMLRPCServer()
  File "/usr/share/vdsm/clientIF.py", line 222, in _createXMLRPCServer
    requestHandler=LoggingHandler)
  File "/usr/share/vdsm/SecureXMLRPCServer.py", line 111, in __init__
    ctx.load_cert_chain(certFile, keyFile)
  File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Context.py", line 100, in load_cert_chain
    m2.ssl_ctx_use_cert_chain(self.ctx, certchainfile)
SSLError: No such file or directory
 

I noticed there is nothing in the certs directory of /etc/pki/vdsm:

 

[root@rhev-prod-node6 certs]# cd /etc/pki/vdsm && find .
.
./certs
./keys
./keys/vdsmkey.pem
./keys/dh.pem
./keys/libvirt_password

 

...whereas my other RHEL hypervisors have a vdsmcert.pem and cacert.pem in their /var/vdsm/ts/certs directory. 

 

There are also errors in the rhevm log on the RHEV-M host:

 

2012-06-13 10:45:47,526 ERROR [org.ovirt.engine.core.vdsbroker.ResourceManager] (http-0.0.0.0-8443-4) Cannot get vdsManager for vdsid=766000c0-b566-11e1-9114-5452001e1b9d
2012-06-13 10:45:47,527 ERROR [org.ovirt.engine.core.vdsbroker.ResourceManager] (http-0.0.0.0-8443-4) Cannot get vdsManager for vdsid=766000c0-b566-11e1-9114-5452001e1b9d
2012-06-13 10:45:47,527 ERROR [org.ovirt.engine.core.vdsbroker.ResourceManager] (http-0.0.0.0-8443-4) Cannot get vdsManager for vdsid=766000c0-b566-11e1-9114-5452001e1b9d

 

https://access.redhat.com/knowledge/solutions/127013  seems to be getting at the same thing, but this is RHEV-H specific and I wasn't able to translate into something helpful.

 

Is there a certificate that is not being copied to the host?

Doug

DW

Responses