Bug 1391146
| Summary: | [User Portal] opening spice console for an AD user without GA running causes 'VmLogon: Internal Engine Error' | ||
|---|---|---|---|
| Product: | [oVirt] ovirt-engine | Reporter: | Jiri Belka <jbelka> |
| Component: | Frontend.UserPortal | Assignee: | Ravi Nori <rnori> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Jiri Belka <jbelka> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.0.5.5 | CC: | bugs, lsvaty, mgoldboi, michal.skrivanek, mperina, rnori, tjelinek |
| Target Milestone: | ovirt-4.0.6 | Keywords: | ZStream |
| Target Release: | 4.0.6 | Flags: | rule-engine:
ovirt-4.0.z+
mgoldboi: planning_ack+ mperina: devel_ack+ lsvaty: testing_ack+ |
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-01-18 07:26:32 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Workaround is to disable SSO on the VM: engine=# select sso_method from vms where vm_name = 'fff'; -[ RECORD 1 ]---- sso_method | none That console can be opened. FYI I could not open the console even manually in User Portal thus changing BZ subject. Ha, it opens the console now, so it had to be some race condition. Actually this shouldn't actually try to send VmLogon if there's no agent in the first place. This is quite strange here. I think it is a regression caused by https://gerrit.ovirt.org/#/c/65370/ The issue is that since the VmLogonCommand has a try-catch block around itself, the EngineError.nonresp is not propagated into the logonCommandReturnValue.getFault().getError(). Consequently, the frontend code which checks this error code in SpiceConsoleModel:225 can not catch it and can not provide a nice popup saying that the guest agent is not present. @Ravi: why have you decided to put that try-catch block around the VmLogon in https://gerrit.ovirt.org/#/c/65370/2/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/VmLogonCommand.java ? The password needed by VmLogonCommand is queries from the SSO module and the encrypted password is decrypted before invoking VmLogon vds command. There could be errors in retrieving the password from SSO as well as during decryption. The exceptions need to be handled and were improperly placed in VmLogonCommand. Pushed a patch to fix the issue. ok, ovirt-engine-backend-4.0.6-0.1.el7ev.noarch can't reproduce anymore, no 'Guest agent is not responsive' popup is visible again as well. |
Description of problem: When logging into User Portal with only running new fresh VM (just running, it has no OS, thus no GA running), auto-connect fires up and it ends in error: ~~~ Operation Canceled Error while executing action VmLogon: Internal Engine Error ~~~ It seems it does SSO as I logged in as an AD domain user. ~~~ ...2016-11-02 14:52:14,346 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.VmLogonVDSCommand] (default task-10) [98a20a6] Command 'VmLogonVDSCommand(HostName = dell-r210ii-13, VmLogonVDSCommandParameters:{runAsync= 'true', hostId='9fa02e20-aaf9-4256-948f-07f7a079ac0e', vmId='33d37a3a-0dbb-4c25-8ae8-14d55c07614e', domain='ad-w2k8r2.example.com', password='***', userName='user1.com.com'})' execution failed: VDSGenericException: VDSErrorException: Failed to VmLogonVDS, error = Guest agent non-responsive, code = 19 2016-11-02 14:52:14,347 DEBUG [org.ovirt.engine.core.vdsbroker.vdsbroker.VmLogonVDSCommand] (default task-10) [98a20a6] Exception: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException: VDSErrorException: Failed to VmLogonVDS, error = Guest agent non-responsive, code = 19 at org.ovirt.engine.core.vdsbroker.vdsbroker.VdsBrokerCommand.createDefaultConcreteException(VdsBrokerCommand.java:75) [vdsbroker.jar:] at org.ovirt.engine.core.vdsbroker.vdsbroker.BrokerCommandBase.createException(BrokerCommandBase.java:222) [vdsbroker.jar:] ... ~~~ Version-Release number of selected component (if applicable): ovirt-engine-userportal-4.0.5.5-0.1.el7ev.noarch How reproducible: 100% Steps to Reproduce: 1. new fresh VM, do not install OS, just start it 2. login to User Portal as an AD user which got this VM assigned 3. (as auto-connect is default) observe User Portal Actual results: popup with above VmLogon error Expected results: should open spice console Additional info: