Bug 1250782
Summary: | [RFE] virt-who should support connecting rhevm and hyperV through proxy | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Liushihui <shihliu> |
Component: | virt-who | Assignee: | Radek Novacek <rnovacek> |
Status: | CLOSED ERRATA | QA Contact: | xingge <gxing> |
Severity: | high | Docs Contact: | Jiri Herrmann <jherrman> |
Priority: | medium | ||
Version: | 7.2 | CC: | gxing, hsun, ldai, liliu, lmiksik, ovasik, rbalakri, rnovacek, sgao, tlavigne |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | virt-who-0.14-9.el7 | Doc Type: | Release Note |
Doc Text: |
Enhanced proxy connection options
With Red Hat Enterprise Linux 7.2, the virt-who utility can handle the HTTP_PROXY and HTTPS_PROXY environment variables, and thus correctly uses the proxy server when requested. This allows virt-who to connect to the Hyper-V hypervisor and Red Hat Enterprise Virtualization Manager through proxy.
|
Story Points: | --- |
Clone Of: | 1227259 | Environment: | |
Last Closed: | 2015-11-19 11:57:45 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1227259 | ||
Bug Blocks: |
Comment 1
Radek Novacek
2015-08-18 15:56:51 UTC
It still exist on virt-who-0.14-7.el7.noarch since virt-who still failed to connect rhevm/hyperv through proxy. Therefore, reopen it. [root@hp-z220-05 ~]# rpm -q virt-who virt-who-0.14-7.el7.noarch Checked process: ******************** Check it on HYPERV ******************** 1.Make sure virt-who can't connect hyperv 2.Configure virt-who connect hyperv through proxy [root@hp-z220-05 network-scripts]# cat /etc/sysconfig/virt-who | grep -v ^# | grep -v ^$ VIRTWHO_DEBUG=1 http_proxy=https://10.66.128.144:3128 VIRTWHO_HYPERV=1 VIRTWHO_HYPERV_OWNER=ACME_Corporation VIRTWHO_HYPERV_ENV=Library VIRTWHO_HYPERV_SERVER=10.66.128.9 VIRTWHO_HYPERV_USERNAME=administrator VIRTWHO_HYPERV_PASSWORD=qwer1234P 3.Register system to SAM and restart virt-who, then check the virt-who's log. [root@hp-z220-05 network-scripts]# subscription-manager register --username=admin --password=admin Registering to: samserv.redhat.com:443/sam/api The system has been registered with ID: c2073ad6-fd89-4e7b-a98e-812989ee8745 [root@hp-z220-05 network-scripts]# systemctl restart virt-who [root@hp-z220-05 network-scripts]# tail -f /var/log/rhsm/rhsm.log 2015-09-08 11:46:54,150 [INFO] @virtwho.py:696 - Using configuration "env/cmdline" ("hyperv" mode) 2015-09-08 11:46:54,151 [DEBUG] @virtwho.py:215 - Starting infinite loop with 3600 seconds interval 2015-09-08 11:46:54,179 [DEBUG] @hyperv.py:307 - Hyper-V url: http://10.66.128.9:5985/wsman 2015-09-08 11:46:54,183 [ERROR] @virt.py:306 - Virt backend 'env/cmdline' fails with exception: Traceback (most recent call last): File "/usr/share/virt-who/virt/virt.py", line 301, in run self._run() File "/usr/share/virt-who/virt/virt.py", line 332, in _run report = self._get_report() File "/usr/share/virt-who/virt/virt.py", line 274, in _get_report return HostGuestAssociationReport(self.config, self.getHostGuestMapping()) File "/usr/share/virt-who/virt/hyperv/hyperv.py", line 426, in getHostGuestMapping connection, headers = self.connect() File "/usr/share/virt-who/virt/hyperv/hyperv.py", line 346, in connect connection.request("POST", self.url, headers=headers) File "/usr/lib64/python2.7/httplib.py", line 979, in request self._send_request(method, url, body, headers) File "/usr/lib64/python2.7/httplib.py", line 1013, in _send_request self.endheaders(body) File "/usr/lib64/python2.7/httplib.py", line 975, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 835, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 797, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 778, in connect self.timeout, self.source_address) File "/usr/lib64/python2.7/socket.py", line 553, in create_connection for res in getaddrinfo(host, port, 0, SOCK_STREAM): gaierror: [Errno -2] Name or service not known 2015-09-08 11:46:54,184 [INFO] @virt.py:317 - Waiting 3600 seconds before retrying backend 'env/cmdline' ******************** Check it on RHEVM ******************** 1.Make sure virt-who can't connect RHEVM On rhevm machine: [root@rhevm354 ~]# iptables -I INPUT -s 10.66.144.3 -j DROP 2.Configure virt-who connect rhevm through proxy [root@hp-z220-05 network-scripts]# cat /etc/sysconfig/virt-who | grep -v ^# | grep -v ^$ VIRTWHO_DEBUG=1 http_proxy=https://10.66.128.144:3128 VIRTWHO_RHEVM=1 VIRTWHO_RHEVM_OWNER=ACME_Corporation VIRTWHO_RHEVM_ENV=Library VIRTWHO_RHEVM_SERVER=https://10.66.79.83:443 VIRTWHO_RHEVM_USERNAME=admin@internal VIRTWHO_RHEVM_PASSWORD=redhat 3.Register system to SAM and restart virt-who, then check the virt-who's log. [root@hp-z220-05 network-scripts]# tail -f /var/log/rhsm/rhsm.log 2015-09-08 11:57:05,372 [INFO] @virtwho.py:696 - Using configuration "env/cmdline" ("rhevm" mode) 2015-09-08 11:57:05,374 [DEBUG] @virtwho.py:215 - Starting infinite loop with 3600 seconds interval 2015-09-08 11:59:12,683 [ERROR] @virt.py:306 - Virt backend 'env/cmdline' fails with exception: Traceback (most recent call last): File "/usr/share/virt-who/virt/virt.py", line 301, in run self._run() File "/usr/share/virt-who/virt/virt.py", line 332, in _run report = self._get_report() File "/usr/share/virt-who/virt/virt.py", line 274, in _get_report return HostGuestAssociationReport(self.config, self.getHostGuestMapping()) File "/usr/share/virt-who/virt/rhevm/rhevm.py", line 104, in getHostGuestMapping clusters_xml = ElementTree.parse(self.get(self.clusters_url)) File "/usr/share/virt-who/virt/rhevm/rhevm.py", line 89, in get return urllib2.urlopen(request) File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/usr/lib64/python2.7/urllib2.py", line 431, in open response = self._open(req, data) File "/usr/lib64/python2.7/urllib2.py", line 449, in _open '_open', req) File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain result = func(*args) File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open context=self._context, check_hostname=self._check_hostname) File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open raise URLError(err) URLError: <urlopen error [Errno 110] Connection timed out> 2015-09-08 11:59:12,685 [INFO] @virt.py:317 - Waiting 3600 seconds before retrying backend 'env/cmdline' Result: virt-who failed to connect rhevm/hyperv through proxy. It still exist on virt-who-0.14-7.el7.noarch since virt-who still failed to connect rhevm/hyperv through proxy. Therefore, reopen it. [root@hp-z220-05 ~]# rpm -q virt-who virt-who-0.14-7.el7.noarch Checked process: ******************** Check it on HYPERV ******************** 1.Make sure virt-who can't connect hyperv 2.Configure virt-who connect hyperv through proxy [root@hp-z220-05 network-scripts]# cat /etc/sysconfig/virt-who | grep -v ^# | grep -v ^$ VIRTWHO_DEBUG=1 http_proxy=https://10.66.128.144:3128 VIRTWHO_HYPERV=1 VIRTWHO_HYPERV_OWNER=ACME_Corporation VIRTWHO_HYPERV_ENV=Library VIRTWHO_HYPERV_SERVER=10.66.128.9 VIRTWHO_HYPERV_USERNAME=administrator VIRTWHO_HYPERV_PASSWORD=qwer1234P 3.Register system to SAM and restart virt-who, then check the virt-who's log. [root@hp-z220-05 network-scripts]# subscription-manager register --username=admin --password=admin Registering to: samserv.redhat.com:443/sam/api The system has been registered with ID: c2073ad6-fd89-4e7b-a98e-812989ee8745 [root@hp-z220-05 network-scripts]# systemctl restart virt-who [root@hp-z220-05 network-scripts]# tail -f /var/log/rhsm/rhsm.log 2015-09-08 11:46:54,150 [INFO] @virtwho.py:696 - Using configuration "env/cmdline" ("hyperv" mode) 2015-09-08 11:46:54,151 [DEBUG] @virtwho.py:215 - Starting infinite loop with 3600 seconds interval 2015-09-08 11:46:54,179 [DEBUG] @hyperv.py:307 - Hyper-V url: http://10.66.128.9:5985/wsman 2015-09-08 11:46:54,183 [ERROR] @virt.py:306 - Virt backend 'env/cmdline' fails with exception: Traceback (most recent call last): File "/usr/share/virt-who/virt/virt.py", line 301, in run self._run() File "/usr/share/virt-who/virt/virt.py", line 332, in _run report = self._get_report() File "/usr/share/virt-who/virt/virt.py", line 274, in _get_report return HostGuestAssociationReport(self.config, self.getHostGuestMapping()) File "/usr/share/virt-who/virt/hyperv/hyperv.py", line 426, in getHostGuestMapping connection, headers = self.connect() File "/usr/share/virt-who/virt/hyperv/hyperv.py", line 346, in connect connection.request("POST", self.url, headers=headers) File "/usr/lib64/python2.7/httplib.py", line 979, in request self._send_request(method, url, body, headers) File "/usr/lib64/python2.7/httplib.py", line 1013, in _send_request self.endheaders(body) File "/usr/lib64/python2.7/httplib.py", line 975, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 835, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 797, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 778, in connect self.timeout, self.source_address) File "/usr/lib64/python2.7/socket.py", line 553, in create_connection for res in getaddrinfo(host, port, 0, SOCK_STREAM): gaierror: [Errno -2] Name or service not known 2015-09-08 11:46:54,184 [INFO] @virt.py:317 - Waiting 3600 seconds before retrying backend 'env/cmdline' ******************** Check it on RHEVM ******************** 1.Make sure virt-who can't connect RHEVM On rhevm machine: [root@rhevm354 ~]# iptables -I INPUT -s 10.66.144.3 -j DROP 2.Configure virt-who connect rhevm through proxy [root@hp-z220-05 network-scripts]# cat /etc/sysconfig/virt-who | grep -v ^# | grep -v ^$ VIRTWHO_DEBUG=1 http_proxy=https://10.66.128.144:3128 VIRTWHO_RHEVM=1 VIRTWHO_RHEVM_OWNER=ACME_Corporation VIRTWHO_RHEVM_ENV=Library VIRTWHO_RHEVM_SERVER=https://10.66.79.83:443 VIRTWHO_RHEVM_USERNAME=admin@internal VIRTWHO_RHEVM_PASSWORD=redhat 3.Register system to SAM and restart virt-who, then check the virt-who's log. [root@hp-z220-05 network-scripts]# tail -f /var/log/rhsm/rhsm.log 2015-09-08 11:57:05,372 [INFO] @virtwho.py:696 - Using configuration "env/cmdline" ("rhevm" mode) 2015-09-08 11:57:05,374 [DEBUG] @virtwho.py:215 - Starting infinite loop with 3600 seconds interval 2015-09-08 11:59:12,683 [ERROR] @virt.py:306 - Virt backend 'env/cmdline' fails with exception: Traceback (most recent call last): File "/usr/share/virt-who/virt/virt.py", line 301, in run self._run() File "/usr/share/virt-who/virt/virt.py", line 332, in _run report = self._get_report() File "/usr/share/virt-who/virt/virt.py", line 274, in _get_report return HostGuestAssociationReport(self.config, self.getHostGuestMapping()) File "/usr/share/virt-who/virt/rhevm/rhevm.py", line 104, in getHostGuestMapping clusters_xml = ElementTree.parse(self.get(self.clusters_url)) File "/usr/share/virt-who/virt/rhevm/rhevm.py", line 89, in get return urllib2.urlopen(request) File "/usr/lib64/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/usr/lib64/python2.7/urllib2.py", line 431, in open response = self._open(req, data) File "/usr/lib64/python2.7/urllib2.py", line 449, in _open '_open', req) File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain result = func(*args) File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open context=self._context, check_hostname=self._check_hostname) File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open raise URLError(err) URLError: <urlopen error [Errno 110] Connection timed out> 2015-09-08 11:59:12,685 [INFO] @virt.py:317 - Waiting 3600 seconds before retrying backend 'env/cmdline' Result: virt-who failed to connect rhevm/hyperv through proxy. I was able to connect to RHEVM through the proxy. What proxy server are you using and how did you configure it? Can you also please try to set https_proxy variable instead of http_proxy? The proxy support is broken in the HYPERV mode, I'll fix that. In rhevm mode, configure proxy with "https_proxy=https://10.66.128.144:3128" ,it can work normally. However, It can't work when configure proxy with "http_proxy". I think that it is expected that http_proxy won't work for https connections and vice versa. In rhevm mode, Configure "https_proxy=[https/http]://10.66.128.144:3128", virt-who can work normally. However, it can't work when configure http_proxy=[https/http]://10.66.128.144:3128" In esx mode, virt-who run normally when configure "https_proxy=[https/http]://10.66.128.144:3128" or "http_proxy=[https/http]://10.66.128.144:3128". I think it should be the expected result. It sounds like a bug in ESX proxy support, it shouldn't work like that. User might have different proxies for http and for https traffic. I'll fix it. Correct solution is to use http_proxy for http connections only and https_proxy for https connections only. The fix is fairly simple, proposing as a blocker. Fixed in virt-who-0.14-8.el7. It still exist on virt-who-0.14-8.el7.noarch. Therefore,reopen it. Checked version: virt-who-0.14-8.el7.noarch subscription-manager-1.15.9-10.el7.x86_64 python-rhsm-1.15.4-5.el7.x86_64 Checked process: 1. In hyperv mode, virt-who still can't connect hyperv through proxy regardless of setting "https_proxy=[https/http]://10.66.128.144:3128" or "http_proxy=[https/http]://10.66.128.144:3128" 2. In rhevm/esx mode, virt-who can connect rhevm/vcenter through proxy after setting "https_proxy=[https/http]://10.66.128.144:3128". However, it failed to connect rhevm/vcenter after setting "http_proxy=[https/http]://10.66.128.144:3128" virt-who failed to connect server after setting as prefix of "http_proxy" Expected result: No matter what mode virt-who is running, it should connect vcenter/rhevm/hyperv through proxy after setting "https_proxy=https://[proxy_ip]:[proxy_port]" or "http_proxy=http://[proxy_ip]:[proxy_port]" Fixed in virt-who-0.14-9.el7. "http_proxy=http://proxy:port" should work for hyperv mode (hyperv is using http connection). For other modes (assuming they're using https, which is default), "https_proxy=https://proxy:port" should work. Reopen it on virt-who-0.14-9.el7 since virt-who still can connect to rhevm and vcenter through "https_proxy=http://proxy:port" Checked process: Correct result: 1. When virt-who run at rhevm mode or esx mode, it can connect rhevm and vcenter through "https_proxy=https://proxy:port" 2. When virt-who run at rhevm mode or esx mode, it can not connect rhevm and vcenter through "http_proxy=[http/https]://proxy:port" 3. When virt-who run at hyperv mode, it can connect hyperv through "http_proxy=http://proxy:port" 4. When virt-who run at hyperv mode, it can not connect hyperv through "http_proxy=https://proxy:port" or "https_proxy=[https/https]://proxy:port" Failed result: 1. When virt-who run at rhevm mode or esx mode, it can connect rhevm and vcenter through "https_proxy=http://proxy:port" It looks like that the http(s):// in the proxy configuration doesn't matter and it still communicates with the proxy the same way. Is this agreeable? I think so. It seems https_proxy=http(s):// in the proxy configuration can communicate with proxy normally when virt-who connect rhevm and vcenter through proxy. However, it can't work http_proxy=https:// when virt-who connect hyperv through proxy, virt-who only support http_proxy= http://. For me using http_proxy=https:// in hyperv mode works. It might be affected by squid setting, I have following in my squid.conf: acl SSL_ports port 5985 acl Safe_ports port 5985 Verified it on virt-who-0.14-9.el7 since virt-who can connect hyperv through proxy with config http_proxy=[http/https]:// after setting "acl SSL_ports port 5985" and "acl Safe_ports port 5985" in squid. Therefore, verify it. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2370.html |