Description of problem:
A hypervisor that can be added to an environment normally through the admin portal is failing to be added via the hosted-engine --deploy script with the following SSL failure:
2015-03-02 16:31:35 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._closeup:532 Connecting to the Engine
2015-03-02 16:31:35 DEBUG otopi.context context._executeMethod:152 method exception
Traceback (most recent call last):
File "/usr/lib/python2.6/site-packages/otopi/context.py", line 142, in _executeMethod
method['method']()
File "/usr/share/ovirt-hosted-engine-setup/scripts/../plugins/ovirt-hosted-engine-setup/engine/add_host.py", line 544, in _closeup
ohostedcons.EngineEnv.TEMPORARY_CERT_FILE
File "/usr/lib/python2.6/site-packages/ovirtsdk/api.py", line 154, in __init__
url=''
File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 118, in request
persistent_auth=self._persistent_auth)
File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 146, in __doRequest
persistent_auth=persistent_auth
File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", line 149, in doRequest
raise ConnectionError, str(e)
ConnectionError: [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-03-02 16:31:35 ERROR otopi.context context._executeMethod:161 Failed to execute stage 'Closing up': [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:490 ENVIRONMENT DUMP - BEGIN
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/error=bool:'True'
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/exceptionInfo=list:'[(<class 'ovirtsdk.infrastructure.errors.ConnectionError'>, ConnectionError('[ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed',), <traceback object at 0x32fa1b8>)]'
Version-Release number of selected component (if applicable):
rhevm-3.5.0-0.32.el6ev
RHEL 6.5 hypervisor
kernel-2.6.32-431.el6
vdsm-4.16.8.1-6.el6ev
ovirt-hosted-engine-ha-1.2.4-5.el6ev
ovirt-hosted-engine-setup-1.2.1-9.el6ev
How reproducible:
Customer can reproduce this behavior 100%
Steps to Reproduce:
1. Remove a current RHEL hypervisor from RHEV-M
2. Try to add via hosted-engine --deploy
3.
Actual results:
Addition of hypervisor fails
Expected results:
Hypervisor should be added
Additional info:
First pass through this customer removed a working hypervisor from the admin portal and attempted to re-add it via the --deploy script. That failed so they did a re-build of RHEL and tried again with --deploy. That also failed with the same SSL error above, but they were then able to turn around and add the hypervisor via the normal method in the admin portal.
Description of problem: A hypervisor that can be added to an environment normally through the admin portal is failing to be added via the hosted-engine --deploy script with the following SSL failure: 2015-03-02 16:31:35 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._closeup:532 Connecting to the Engine 2015-03-02 16:31:35 DEBUG otopi.context context._executeMethod:152 method exception Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/otopi/context.py", line 142, in _executeMethod method['method']() File "/usr/share/ovirt-hosted-engine-setup/scripts/../plugins/ovirt-hosted-engine-setup/engine/add_host.py", line 544, in _closeup ohostedcons.EngineEnv.TEMPORARY_CERT_FILE File "/usr/lib/python2.6/site-packages/ovirtsdk/api.py", line 154, in __init__ url='' File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 118, in request persistent_auth=self._persistent_auth) File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 146, in __doRequest persistent_auth=persistent_auth File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", line 149, in doRequest raise ConnectionError, str(e) ConnectionError: [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 2015-03-02 16:31:35 ERROR otopi.context context._executeMethod:161 Failed to execute stage 'Closing up': [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:490 ENVIRONMENT DUMP - BEGIN 2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/error=bool:'True' 2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/exceptionInfo=list:'[(<class 'ovirtsdk.infrastructure.errors.ConnectionError'>, ConnectionError('[ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed',), <traceback object at 0x32fa1b8>)]' Version-Release number of selected component (if applicable): rhevm-3.5.0-0.32.el6ev RHEL 6.5 hypervisor kernel-2.6.32-431.el6 vdsm-4.16.8.1-6.el6ev ovirt-hosted-engine-ha-1.2.4-5.el6ev ovirt-hosted-engine-setup-1.2.1-9.el6ev How reproducible: Customer can reproduce this behavior 100% Steps to Reproduce: 1. Remove a current RHEL hypervisor from RHEV-M 2. Try to add via hosted-engine --deploy 3. Actual results: Addition of hypervisor fails Expected results: Hypervisor should be added Additional info: First pass through this customer removed a working hypervisor from the admin portal and attempted to re-add it via the --deploy script. That failed so they did a re-build of RHEL and tried again with --deploy. That also failed with the same SSL error above, but they were then able to turn around and add the hypervisor via the normal method in the admin portal.