Bug 1339419

Summary: Unable to connect to ESX after set "simplified_vim=false"
Product: Red Hat Enterprise Linux 7 Reporter: Liushihui <shihliu>
Component: virt-whoAssignee: Radek Novacek <rnovacek>
Status: CLOSED ERRATA QA Contact: Eko <hsun>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 7.3CC: ovasik
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: virt-who-0.17-2.el7 Doc Type: No Doc Update
Doc Text:
undefined
 Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-04 05:09:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Liushihui 2016-05-25 01:42:30 UTC 
Description of problem:
After set "simplified_vim=false" in /etc/virt-who.d/xxx, it will fail to connect ESX as "certificate verify failed". it can't to use server provided wsdl file.

Version-Release number of selected component (if applicable):
Satellite-6.2.0-RHEL-7-20160518
virt-who-0.17-1.el7.noarch
subscription-manager-1.17.6-1.el7.x86_64
python-rhsm-1.17.2-1.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Register system to satellite
2. Configure virt-who run at esx mode and use server provided wsdl file
[root@hp-dl2x170g6-01 virt-who.d]# cat /etc/virt-who.d/esx 
[test-esx1]
type=esx
server=10.73.2.95
username=Administrator
password=Welcome1!
owner=1ACME_Corporation
env=Library
simplified_vim=false
3. Restart virt-who and check virt-who's log
2016-05-24 21:35:06,626 [virtwho.test-esx1 DEBUG] Esx-1(23631):MainThread @esx.py:_prepare:127 - Log into ESX
2016-05-24 21:35:07,233 [virtwho.test-esx1 ERROR] Esx-1(23631):MainThread @esx.py:login:313 - Unable to connect to ESX
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/virtwho/virt/esx/esx.py", line 311, in login
    self.client = suds.client.Client(wsdl, location="%s/sdk" % self.url, **kwargs)
  File "/usr/lib/python2.7/site-packages/suds/client.py", line 112, in __init__
    self.wsdl = reader.open(url)
  File "/usr/lib/python2.7/site-packages/suds/reader.py", line 152, in open
    d = self.fn(url, self.options)
  File "/usr/lib/python2.7/site-packages/suds/wsdl.py", line 136, in __init__
    d = reader.open(url)
  File "/usr/lib/python2.7/site-packages/suds/reader.py", line 79, in open
    d = self.download(url)
  File "/usr/lib/python2.7/site-packages/suds/reader.py", line 95, in download
    fp = self.options.transport.open(Request(url))
  File "/usr/lib/python2.7/site-packages/virtwho/virt/esx/esx.py", line 86, in open
    resp = self._session.get(request.url)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 476, in get
    return self.request('GET', url, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 464, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send
    raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
2016-05-24 21:35:07,233 [virtwho.test-esx1 ERROR] Esx-1(23631):MainThread @virt.py:run:374 - Virt backend 'test-esx1' fails with error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:765)
2016-05-24 21:35:07,233 [virtwho.test-esx1 INFO] Esx-1(23631):MainThread @virt.py:run:390 - Waiting 60 seconds before retrying backend 'test-esx1'


Actual results:
Failed to connect esx as "certificate verify failed"

Expected results:
It should get host/guest mapping info successfully after set "simplified_vim=false"

Additional info:
Comment 1 Radek Novacek 2016-05-26 08:41:19 UTC 
Fixed upstream:

https://github.com/virt-who/virt-who/commit/898f94f242737a58b4cbfe9294b1e681a57209f2
Comment 2 Radek Novacek 2016-05-31 08:54:16 UTC 
Fixed in virt-who-0.17-2.el7.
Comment 4 Liushihui 2016-06-03 06:12:20 UTC 
Verified it on virt-who-0.17-2.el7 since virt-who can get h/g mapping info after set "simplified_vim=false". Therefore, verify it.
Comment 6 errata-xmlrpc 2016-11-04 05:09:13 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2387.html