Bug 1034679 - [hosted-engine] qemu+tls not working during deployment
Summary: [hosted-engine] qemu+tls not working during deployment
Status: CLOSED DUPLICATE of bug 1034634
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-hosted-engine-setup
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.3.0
Assignee: Sandro Bonazzola
QA Contact: Leonid Natapov
Whiteboard: integration
Depends On:
TreeView+ depends on / blocked
Reported: 2013-11-26 10:33 UTC by Doron Fediuck
Modified: 2013-12-09 16:19 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-12-09 16:19:57 UTC
oVirt Team: ---
Target Upstream Version:

Attachments (Terms of Use)

Description Doron Fediuck 2013-11-26 10:33:18 UTC
Description of problem:
During the deployment phase, a user should be able to connect to the VM console
using gnu+tls. However, certificates are missing (see bug 1034634), and after
generating it manually, still unable to connect to the console.

Version-Release number of selected component (if applicable):

How reproducible:
Try connecting: 
virsh -c qemu+tls://some-host/system console HostedEngine

Actual results:
error: unable to connect to server at 'sla-sheldon:16514': Connection refused
error: failed to connect to the hypervisor

Expected results:
Should connect to console

Additional info:
it seems that libvirt is not listening to tls:
netstat -ap --ip | grep libv
tcp        0      0 *:16509                     *:*                         LISTEN      3402/libvirtd     

libvirtd.conf updated by vdsm has:
## end of configuration section by vdsm-4.10.3

Comment 2 Yedidyah Bar David 2013-11-26 11:26:47 UTC
Doron, you probably meant "qemu+tls" and perhaps in some cases "gnutls" (no "+").

Comment 3 Doron Fediuck 2013-11-28 15:11:58 UTC
(In reply to Yedidyah Bar David from comment #2)
> Doron, you probably meant "qemu+tls" and perhaps in some cases "gnutls" (no
> "+").

Right, I was using associations...

Comment 4 Itamar Heim 2013-12-08 09:00:11 UTC
isn't this a dup of bug 1034634?

Comment 5 Sandro Bonazzola 2013-12-09 16:19:57 UTC
tls port is not listening because the required certificate is not generated by hosted-engine --deploy. It's generated later by ovirt-host-deploy when the host is added to the engine.

*** This bug has been marked as a duplicate of bug 1034634 ***

Note You need to log in before you can comment on or make changes to this bug.