1525242 – [RHV] Template Seal option, chosen as part of Publish VM to a template dialog is not working.

Bug 1525242 - [RHV] Template Seal option, chosen as part of Publish VM to a template dialog is not working.

Summary: [RHV] Template Seal option, chosen as part of Publish VM to a template dialog...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Providers
Sub Component:
Version:	5.9.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	GA
Target Release:	5.9.0
Assignee:	Moti Asayag
QA Contact:	Ilanit Stein
Docs Contact:
URL:
Whiteboard:	rhev
Depends On:	1514895 1516689 1530223
Blocks:
TreeView+	depends on / blocked

Reported:	2017-12-12 21:26 UTC by Satoe Imaishi
Modified:	2018-03-12 12:26 UTC (History)
CC List:	10 users (show)
Fixed In Version:	5.9.0.13
Doc Type:	Release Note
Doc Text:	Release Note contents: This feature works only with RHV 4.1.10 and higher. Doc contents: Feature: Support 'Seal template' as part of 'publish vm' flow. Reason: Allowing the user to decide if the created template should be sealed. Taken from RHV admin guide: " Specifies whether a template is sealed. 'Sealing' is an operation that erases all machine-specific configurations from a filesystem, including SSH keys, UDEV rules, MAC addresses, system ID, and hostname. This setting prevents a virtual machine based on this template from inheriting the configuration of the source virtual machine." Result: The user will be able to check or uncheck a checkbox that will instruct how the template should be created. This feature is applicable for Linux vms only.
Clone Of:	1514895
Environment:
Last Closed:	2018-03-06 15:26:21 UTC
Category:	---
Cloudforms Team:	RHEVM
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	ManageIQ manageiq-providers-ovirt pull 167	0	None	closed	Fix Seal option of publish VM	2020-07-22 15:35:46 UTC

Comment 2 Ilanit Stein 2018-01-01 06:34:14 UTC

* On CFME-5.9.0.14,
1. On CFME Publish a RHEL VM (with /root/.ssh/known_hosts, that has content),
to a template, with choosing seal template.
2. On RHV side, create a VM from this published template:
File /root/.ssh/known_hosts exist,
with same content as in the original RHEL VM.

Moti,
Would you please check?

thanks.

Comment 3 Ilanit Stein 2018-01-01 06:39:46 UTC

Info on the seal template choice from evm.log:

[----] I, [2018-01-01T01:21:39.215372 #11892:d59134]  INFO -- : Q-task_id([miq_provision_10]) MIQ(ManageIQ::Providers::Redhat::InfraManager::Provision#log_clone_options) Prov Options:  [:seal_template][0](TrueClass) = true
[----] I, [2018-01-01T01:21:39.215498 #11892:d59134]  INFO -- : Q-task_id([miq_provision_10]) MIQ(ManageIQ::Providers::Redhat::InfraManager::Provision#log_clone_options) Prov Options:  [:seal_template][1](Fixnum) = 1

Comment 4 Moti Asayag 2018-01-01 15:34:01 UTC

(In reply to Ilanit Stein from comment #3)
> Info on the seal template choice from evm.log:
> 
> [----] I, [2018-01-01T01:21:39.215372 #11892:d59134]  INFO -- :
> Q-task_id([miq_provision_10])
> MIQ(ManageIQ::Providers::Redhat::InfraManager::Provision#log_clone_options)
> Prov Options:  [:seal_template][0](TrueClass) = true
> [----] I, [2018-01-01T01:21:39.215498 #11892:d59134]  INFO -- :
> Q-task_id([miq_provision_10])
> MIQ(ManageIQ::Providers::Redhat::InfraManager::Provision#log_clone_options)
> Prov Options:  [:seal_template][1](Fixnum) = 1

I tested it against ovirt-engine-4.2.0 and the sealed template was created successfully.

However, I tested just the creation of template via rest-client against ovirt-engine-4.1.8 and the sealing option wasn't triggered. Therefore this bug should be moved to ovirt-engine restapi or virt for further analyzing why that option isn't working anymore.

I sent via POST to the following url:
https://istein-rhv40.scl.lab.tlv.redhat.com/ovirt-engine/api/templates?seal=true

this body:
<template>
  <name>mysealedtemplate</name>
  <vm>
    <name>rhel_pass</name>
  </vm>
</template>

Comment 5 Ilanit Stein 2018-01-02 10:13:07 UTC

Filed Bug 1530223 for ovirt-engine virt.

When Bug 1530223 will be resolved, this BZ can be verified on RHV-4.1.

Comment 6 Ilanit Stein 2018-02-15 09:11:36 UTC

Moving bug to ON_DEV since it depends on RHV bug 1530223, and this cannot be verified.

Comment 8 Martin Perina 2018-02-27 08:57:02 UTC

Retargeting back to 5.9.0 as according to Ilanit this was successfully verified with RHV 4.1.10. But we should have in release notes that this RFE requires RHV 4.1.10 and higher to work properly (with RHV 4.1.9 and earlier the feature doesn't work)

John, do we need some changes in 5.9.0 errata around this bug?

Comment 9 Ilanit Stein 2018-02-27 16:22:52 UTC

Verified on CFME-5.9.0.22 (latest) / RHV-4.1.10-0.1.el7.

1. From CFME, make template from an original RHEL VM, that contain /root/.ssh/known_hosts file,
with seal template option.

2. Create a VM from this template:  /root/.ssh/known_hosts exists.

Note You need to log in before you can comment on or make changes to this bug.