Description of problem: Datacenters Service `list` search for 'Default' cluster returns all datacenters instead of only the datacenter with 'Default' cluster. Version-Release number of selected component (if applicable): tried both v4.3.3 and v4.4.0 How reproducible: Usage with 'ovirt_nic' Ansible module (Issue: https://github.com/ansible/ansible/issues/65190) Steps to Reproduce: 1. - ovirt_vm: auth: "{{ ovirt_auth }}" name: "testvm" state: present cluster: Default delegate_to: localhost - ovirt_nic: auth: "{{ ovirt_auth }}" vm: "testvm" name: "testif" interface: "virtio" profile: "infra-prod" network: "infra-prod" delegate_to: localhost Actual results: The 'ovirt_nic' module tries to find the 'infra-prod' network in the first datacenter item from the returned list of searched datacenters (with cluster 'Default') ``` An exception occurred during task execution. To see the full traceback, use -vvv. The error was: Exception: Network 'infra-prod' was not found in datacenter 'BA-PERF'. failed: [myvmname -> localhost] {"ansible_loop_var": "item", "changed": false, "item": [{"name": "myvmname", "profile": {"boot_devices": "hd", "cluster": "Default", "cores": 2, "disks": [{"activate": true, "bootable": true, "format": "raw", "interface": "virtio_scsi", "name": "infra_sys", "size": "50GiB", "storage_domain": "rhev_infra_data_10"}], "io_threads": 0, "memory": "4GiB", "operating_system": "rhel_7x64", "state": "running", "type": "server"}}, {"interface": "virtio", "name": "prod", "network": "infra-prod", "profile": "infra-prod"}], "msg": "Network 'infra-prod' was not found in datacenter 'BUA'."} ``` Expected results: Since cluster 'Default' only exists once, only the respective datacenter should be returned (containing also the 'infra-prod' network) -> NIC assignment should succeed. Additional info: Datacenter and Cluster setup: https://github.com/ansible/ansible/issues/65190#issuecomment-562094242 RHEV-Manager version: 4.3.4.3-0.1.el7 I tried: ``` curl -G --cacert rhev_ca.crt --user 'user@domain:password' -v "https://rhev.my/ovirt-engine/api/datacenters" --data-urlencode "search=Clusters.name=Default" ``` which yields: ``` <data_centers> <data_center href="/ovirt-engine/api/datacenters/e38c6a89-78c9-4b0a-8898-8e991f4dba87" id="e38c6a89-78c9-4b0a-8898-8e991f4dba87"> <name>SUP-INFRA</name> <description>BLANKED</description> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/quotas" rel="quotas"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/iscsibonds" rel="iscsibonds"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/networks" rel="networks"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/storagedomains" rel="storagedomains"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/permissions" rel="permissions"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/clusters" rel="clusters"/> <link href="/ovirt-engine/api/datacenters/d38c6f89-76c9-4b0a-8898-8d991f4daa87/qoss" rel="qoss"/> <local>false</local> <quota_mode>disabled</quota_mode> <status>up</status> <storage_format>v5</storage_format> <supported_versions> <version> <major>4</major> <minor>3</minor> </version> </supported_versions> <version> <major>4</major> <minor>3</minor> </version> <mac_pool href="/ovirt-engine/api/macpools/00000038-0038-0038-0037-0000000002d7" id="00000038-0038-0038-0037-0000000002d7"/> </data_center> </data_centers> ``` So it succeeds with the search query using curl (only returning the matching datacenter). However, using the ovirt_nic Ansible module (and in effect the ovirt-engine-sdk) returns all data centers when searching for the Default cluster as described here: https://github.com/ansible/ansible/issues/65190
I think we need to narrow down the problem some more. The following 4.4 python sdk script works for me. It prints the default datacenter as expected. So I don't think theproblem is with the search: #!/usr/bin/env python # -*- coding: utf-8 -*- import ovirtsdk4 as sdk import ovirtsdk4.types as types # Create the connection to the server: connection = sdk.Connection( url='http://localhost:8080/ovirt-engine/api', username='admin@internal', password='letmein!', debug=True, log=logging.getLogger(), ) # Get datacenters associated with 'Default' Cluster datacenters_service = connection.system_service().data_centers_service() datacenters = datacenters_service.list( search='Clusters.name=Default', case_sensitive=False, ) for datacenter in datacenters: print('%s: %s' % (datacenter.name, datacenter.id)) connection.close()
@Ori Liel, thanks for taking a look. I tried the script and it worked. Also adding the steps done in the ovirt_nic module did not change the result. It turns out that the user we've been using with the module seems to be missing some permissions. The module works correctly with a full fledged user. The permissions of the user were as follows (with 'User' set to the role as Account Type): * System -> Configure System -> Login Permissions * VM -> Basic Operations * Reboot, Stop, Shut Down and Run VM * VM -> Provisioning Operations -> Create * Disk -> Provisioning Operations * Create, Attach * Disk -> Disk Profile -> Attach Disk Profile Creating a new role with 'Admin' as Account Type and the same permissions as above the ovirt_nic module correctly executes.
Shall we close the bug then?
I suppose we can close it. I'm not sure whether perhaps there should be a warning about missing permissions? I'm still not sure what permissions exactly were missing. The module worked successfully on a RHEVM with only one Cluster and Datacenter. Problem only occured when multiple Datacenters existed.