Back to bug 1417757
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Satoe Imaishi | 2017-01-30 21:49:07 UTC | Depends On | 1382732 | |
| Satoe Imaishi | 2017-01-30 21:55:58 UTC | Status | ASSIGNED | MODIFIED |
| Satoe Imaishi | 2017-01-31 21:14:26 UTC | Status | MODIFIED | ON_QA |
| Fixed In Version | 5.7.1.0 | |||
| Ilanit Stein | 2017-02-02 10:04:09 UTC | Flags | needinfo?(oourfali) | |
| Oved Ourfali | 2017-02-03 07:25:47 UTC | CC | istein | |
| Flags | needinfo?(oourfali) | needinfo?(istein) | ||
| Ilanit Stein | 2017-02-03 12:47:47 UTC | Flags | needinfo?(istein) | |
| Oved Ourfali | 2017-02-06 08:36:36 UTC | Target Release | 5.7.1 | 5.7.3 |
| Flags | needinfo?(juan.hernandez) | |||
| Oved Ourfali | 2017-02-06 08:36:49 UTC | Status | ON_QA | ASSIGNED |
| Juan Hernández | 2017-02-06 11:21:46 UTC | Flags | needinfo?(juan.hernandez) | |
| Juan Hernández | 2017-02-07 09:30:55 UTC | Doc Text | Cause: Since version 4 of RHV requests that use IP addresses are rejected by the RHV single sign on service. Consequence: When CFME performs discovery of RHV installations, it does so probing a range of IP addresses. Once a RHV installation is discovered, it is automatically added as a new provider, using the IP address as the host name. The added provider will not work, because RHV server will refuse to authenticate requests that use the IP address instead of the fully qualified host name. Fix: To avoid this issue the RHV provider has been modified so that when it receives an IP address instead of a fully qualified host name, it will try to find the corresponding fully qualified host name, doing a reverse DNS lookup if required. There are situations where the user may not want to use DNS. In those cases the RHV server can be explicitly configured to accept IP addresses. For example, assuming that the IP address of the RHV server is '192.168.122.47': # echo 192.168.122.47 > /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf # systemctl restart ovirt-engine See the following RHV bug for details: Provide option to access engine not only by engine FQDN but also using alternate host names https://bugzilla.redhat.com/1325746 Once that is enabled in the RHV server, CFME can be configured to not do reverse DNS lookups using the following setting (in 'config/settings.yml'): :ems: :ems_redhat: :resolve_ip_addresses: false The default value of this setting is 'true'. Don't change it unless you really need to avoid reverse DNS lookups. Result: The provider will use the fully qualified host name to connect to oVirt/RHV, and the connection will work correctly. | |
| Doc Type | If docs needed, set a value | Release Note | ||
| Juan Hernández | 2017-02-07 10:07:20 UTC | Doc Text | Cause: Since version 4 of RHV requests that use IP addresses are rejected by the RHV single sign on service. Consequence: When CFME performs discovery of RHV installations, it does so probing a range of IP addresses. Once a RHV installation is discovered, it is automatically added as a new provider, using the IP address as the host name. The added provider will not work, because RHV server will refuse to authenticate requests that use the IP address instead of the fully qualified host name. Fix: To avoid this issue the RHV provider has been modified so that when it receives an IP address instead of a fully qualified host name, it will try to find the corresponding fully qualified host name, doing a reverse DNS lookup if required. There are situations where the user may not want to use DNS. In those cases the RHV server can be explicitly configured to accept IP addresses. For example, assuming that the IP address of the RHV server is '192.168.122.47': # echo 192.168.122.47 > /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf # systemctl restart ovirt-engine See the following RHV bug for details: Provide option to access engine not only by engine FQDN but also using alternate host names https://bugzilla.redhat.com/1325746 Once that is enabled in the RHV server, CFME can be configured to not do reverse DNS lookups using the following setting (in 'config/settings.yml'): :ems: :ems_redhat: :resolve_ip_addresses: false The default value of this setting is 'true'. Don't change it unless you really need to avoid reverse DNS lookups. Result: The provider will use the fully qualified host name to connect to oVirt/RHV, and the connection will work correctly. | Cause: Since version 4 of RHV requests that use IP addresses are rejected by the RHV single sign on service. Consequence: When CFME performs discovery of RHV installations, it does so probing a range of IP addresses. Once a RHV installation is discovered, it is automatically added as a new provider, using the IP address as the host name. The added provider will not work, because RHV server will refuse to authenticate requests that use the IP address instead of the fully qualified host name. Fix: To avoid this issue the RHV provider has been modified so that when it receives an IP address instead of a fully qualified host name, it will try to find the corresponding fully qualified host name, doing a reverse DNS lookup if required. There are situations where the user may not want to use DNS. In those cases the RHV server can be explicitly configured to accept IP addresses. For example, assuming that the IP address of the RHV server is '192.168.122.47': # echo 'SSO_ALTERNATE_ENGINE_FQDNS="192.168.122.47"' > /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf # systemctl restart ovirt-engine See the following RHV bug for details: Provide option to access engine not only by engine FQDN but also using alternate host names https://bugzilla.redhat.com/1325746 Once that is enabled in the RHV server, CFME can be configured to not do reverse DNS lookups using the following setting (in 'config/settings.yml'): :ems: :ems_redhat: :resolve_ip_addresses: false The default value of this setting is 'true'. Don't change it unless you really need to avoid reverse DNS lookups. Result: The provider will use the fully qualified host name to connect to oVirt/RHV, and the connection will work correctly. |
| Oved Ourfali | 2017-02-20 08:37:51 UTC | Flags | needinfo?(juan.hernandez) | |
| Juan Hernández | 2017-02-20 08:43:34 UTC | Flags | needinfo?(juan.hernandez) | |
| Juan Hernández | 2017-02-20 08:46:48 UTC | Status | ASSIGNED | POST |
| Oved Ourfali | 2017-02-20 09:41:21 UTC | Target Release | 5.7.3 | 5.7.2 |
| Satoe Imaishi | 2017-02-21 13:04:12 UTC | Status | POST | ON_DEV |
| Oved Ourfali | 2017-03-20 06:28:57 UTC | Status | ON_DEV | POST |
| Satoe Imaishi | 2017-03-21 23:02:38 UTC | Status | POST | MODIFIED |
| Satoe Imaishi | 2017-03-22 15:40:39 UTC | Status | MODIFIED | ON_QA |
| Fixed In Version | 5.7.1.0 | 5.7.2.0 | ||
| Ilanit Stein | 2017-03-26 12:19:15 UTC | Flags | needinfo?(juan.hernandez) | |
| Juan Hernández | 2017-03-27 11:11:51 UTC | CC | mhild | |
| Flags | needinfo?(juan.hernandez) | |||
| Juan Hernández | 2017-03-27 11:13:12 UTC | Flags | needinfo?(mhild) | |
| Ilanit Stein | 2017-03-27 12:36:14 UTC | Status | ON_QA | VERIFIED |
| Marcel Hild | 2017-03-27 15:27:02 UTC | Flags | needinfo?(mhild) | |
| Juan Hernández | 2017-03-28 10:18:18 UTC | Flags | needinfo?(mhild) | |
| Marcel Hild | 2017-03-28 12:20:02 UTC | Flags | needinfo?(mhild) | |
| Chris Budzilowicz | 2017-04-10 13:42:07 UTC | CC | cbudzilo | |
| Doc Text | Cause: Since version 4 of RHV requests that use IP addresses are rejected by the RHV single sign on service. Consequence: When CFME performs discovery of RHV installations, it does so probing a range of IP addresses. Once a RHV installation is discovered, it is automatically added as a new provider, using the IP address as the host name. The added provider will not work, because RHV server will refuse to authenticate requests that use the IP address instead of the fully qualified host name. Fix: To avoid this issue the RHV provider has been modified so that when it receives an IP address instead of a fully qualified host name, it will try to find the corresponding fully qualified host name, doing a reverse DNS lookup if required. There are situations where the user may not want to use DNS. In those cases the RHV server can be explicitly configured to accept IP addresses. For example, assuming that the IP address of the RHV server is '192.168.122.47': # echo 'SSO_ALTERNATE_ENGINE_FQDNS="192.168.122.47"' > /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf # systemctl restart ovirt-engine See the following RHV bug for details: Provide option to access engine not only by engine FQDN but also using alternate host names https://bugzilla.redhat.com/1325746 Once that is enabled in the RHV server, CFME can be configured to not do reverse DNS lookups using the following setting (in 'config/settings.yml'): :ems: :ems_redhat: :resolve_ip_addresses: false The default value of this setting is 'true'. Don't change it unless you really need to avoid reverse DNS lookups. Result: The provider will use the fully qualified host name to connect to oVirt/RHV, and the connection will work correctly. | This release corrects an issue with RHV server refusing to authenticate requests that use the IP address instead of the fully qualified host name. The RHV provider has been modified so that when it receives an IP address instead of a fully qualified host name, it will try to find the corresponding fully qualified host name, doing a reverse DNS lookup if required. If a user does not want to use DNS, the RHV server can be explicitly configured to accept IP addresses. |
||
| errata-xmlrpc | 2017-04-12 14:13:31 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2017-04-12 14:36:34 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-04-12 10:36:34 UTC |
Back to bug 1417757