Bug 1317372
Summary: | [RHEVH7.2] Virt-who can't work at vdsm mode as "SSLError: sslv3 alert handshake failure" | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Liushihui <shihliu> | |
Component: | virt-who | Assignee: | Radek Novacek <rnovacek> | |
Status: | CLOSED ERRATA | QA Contact: | Eko <hsun> | |
Severity: | urgent | Docs Contact: | ||
Priority: | urgent | |||
Version: | 7.2 | CC: | cshao, cww, dougsland, fdeutsch, jentrena, leiwang, mkalyat, ovasik, rbarry, rgroten, sgao, xdmoon, ycui | |
Target Milestone: | rc | Keywords: | ZStream | |
Target Release: | --- | |||
Hardware: | x86_64 | |||
OS: | All | |||
Whiteboard: | ||||
Fixed In Version: | virt-who-0.17-1.el7 | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1337819 (view as bug list) | Environment: | ||
Last Closed: | 2016-11-04 05:08:23 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1172230, 1203710, 1254282, 1337819 |
Description
Liushihui
2016-03-14 06:54:02 UTC
virt-who tries to use SSLv3 which is now disabled. This issue is now addressed upstream: https://github.com/virt-who/virt-who/commit/b5673a4121d30887464723bc65574d494b82756a It will be fixed in RHEL-7.3. virt-who will be rebased to latest upstream version that contains fix for this issue. This bug can be reproduced in rhev-hypervisor7-ng-3.6-20160506.0 build ----------log------------------- # virt-who --vdsm -d -o 2016-05-11 22:26:31,567 INFO: Using configuration "env/cmdline" ("vdsm" mode) 2016-05-11 22:26:31,654 ERROR: Virt backend 'env/cmdline' fails with exception: Traceback (most recent call last): File "/usr/share/virt-who/virt/virt.py", line 301, in run self._run() File "/usr/share/virt-who/virt/virt.py", line 332, in _run report = self._get_report() File "/usr/share/virt-who/virt/virt.py", line 276, in _get_report return DomainListReport(self.config, self.listDomains()) File "/usr/share/virt-who/virt/vdsm/vdsm.py", line 123, in listDomains response = self.server.list(True) File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__ return self.__send(self.__name, args) File "/usr/lib64/python2.7/xmlrpclib.py", line 1587, in __request verbose=self.__verbose File "/usr/lib64/python2.7/site-packages/M2Crypto/m2xmlrpclib.py", line 49, in request h.endheaders() File "/usr/lib64/python2.7/httplib.py", line 975, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 835, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 797, in send self.connect() File "/usr/lib64/python2.7/site-packages/M2Crypto/httpslib.py", line 58, in connect sock.connect((self.host, self.port)) File "/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 185, in connect ret = self.connect_ssl() File "/usr/lib64/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 178, in connect_ssl return m2.ssl_connect(self.ssl, self._timeout) SSLError: sslv3 alert handshake failure Mithun, if the customer wants the fix earlier than in 7.3, feel free to propose this bug for z-stream fix. Since this bug is blocker for RHEV 3.6 and RHEV 4.0, how can we deliver the fix? This bug is not approved for fixing in RHEL-7.2 (yet?). Is there some process to fix it only for RHEV? Fixed in virt-who-0.17-1.el7. Verified with virt-who-0.14-9.el7_2.1, # rpm -Uvh virt-who-0.14-9.el7_2.1.noarch.rpm Preparing... ################################# [100%] Updating / installing... 1:virt-who-0.14-9.el7_2.1 ################################# [ 50%] Cleaning up / removing... 2:virt-who-0.14-9.el7 ################################# [100%] # virt-who --vdsm -d 2016-06-13 00:51:07,516 INFO: Using configuration "env/cmdline" ("vdsm" mode) 2016-06-13 00:51:07,516 DEBUG: Starting infinite loop with 3600 seconds interval 2016-06-13 00:51:07,609 DEBUG: Authenticating with certificate: /etc/pki/consumer/cert.pem 2016-06-13 00:51:07,828 INFO: Sending domain info: [] 2016-06-13 00:51:09,411 INFO: virt-who guest list update successful ^C2016-06-13 00:51:13,683 DEBUG: virt-who shut down started Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2387.html |