Description of problem:
A hypervisor that can be added to an environment normally through the admin portal is failing to be added via the hosted-engine --deploy script with the following SSL failure:
2015-03-02 16:31:35 DEBUG otopi.plugins.ovirt_hosted_engine_setup.engine.add_host add_host._closeup:532 Connecting to the Engine
2015-03-02 16:31:35 DEBUG otopi.context context._executeMethod:152 method exception
Traceback (most recent call last):
File "/usr/lib/python2.6/site-packages/otopi/context.py", line 142, in _executeMethod
method['method']()
File "/usr/share/ovirt-hosted-engine-setup/scripts/../plugins/ovirt-hosted-engine-setup/engine/add_host.py", line 544, in _closeup
ohostedcons.EngineEnv.TEMPORARY_CERT_FILE
File "/usr/lib/python2.6/site-packages/ovirtsdk/api.py", line 154, in __init__
url=''
File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 118, in request
persistent_auth=self._persistent_auth)
File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line 146, in __doRequest
persistent_auth=persistent_auth
File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", line 149, in doRequest
raise ConnectionError, str(e)
ConnectionError: [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-03-02 16:31:35 ERROR otopi.context context._executeMethod:161 Failed to execute stage 'Closing up': [ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:490 ENVIRONMENT DUMP - BEGIN
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/error=bool:'True'
2015-03-02 16:31:35 DEBUG otopi.context context.dumpEnvironment:500 ENV BASE/exceptionInfo=list:'[(<class 'ovirtsdk.infrastructure.errors.ConnectionError'>, ConnectionError('[ERROR]::RHEV API connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed',), <traceback object at 0x32fa1b8>)]'
Version-Release number of selected component (if applicable):
rhevm-3.5.0-0.32.el6ev
RHEL 6.5 hypervisor
kernel-2.6.32-431.el6
vdsm-4.16.8.1-6.el6ev
ovirt-hosted-engine-ha-1.2.4-5.el6ev
ovirt-hosted-engine-setup-1.2.1-9.el6ev
How reproducible:
Customer can reproduce this behavior 100%
Steps to Reproduce:
1. Remove a current RHEL hypervisor from RHEV-M
2. Try to add via hosted-engine --deploy
3.
Actual results:
Addition of hypervisor fails
Expected results:
Hypervisor should be added
Additional info:
First pass through this customer removed a working hypervisor from the admin portal and attempted to re-add it via the --deploy script. That failed so they did a re-build of RHEL and tried again with --deploy. That also failed with the same SSL error above, but they were then able to turn around and add the hypervisor via the normal method in the admin portal.