Bug 720942 - make bootstrap/vdsm-reg use of defaults coherent
make bootstrap/vdsm-reg use of defaults coherent
Product: oVirt
Classification: Community
Component: vdsm (Show other bugs)
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Barak
: CodeChange, Reopened
Depends On:
  Show dependency treegraph
Reported: 2011-07-13 06:08 EDT by Ilanit Stein
Modified: 2013-01-31 04:28 EST (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-01-30 17:50:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ilanit Stein 2011-07-13 06:08:26 EDT
Description of problem:

Install host RHEL5.7, in ic129 setup (3.0), fail on new certificate install,
looking for non existing '/etc/pki/vdsm/certs/vdsmcert.pem' file.    

bootstrap log:
[root@blue-vdsa tmp]# cat vds_bootstrap_complete.20110713_121536.log
2011-07-13 12:15:36,276 DEBUG    deployUtil 1046 instCert: start. num=12651c15-d08c-4b0a-b86b-96d0d43c4192
2011-07-13 12:15:36,278 DEBUG    deployUtil 1057 instCert: try to delete old certificates
2011-07-13 12:15:36,278 DEBUG    deployUtil 1060 instCert: install new certificates
2011-07-13 12:15:36,278 DEBUG    deployUtil 1095 instCert: failed.
Traceback (most recent call last):
  File "/tmp/deployUtil.py", line 1062, in instCert
    shutil.copy(cert_pemfile, VDSMCERT)
  File "/usr/lib64/python2.4/shutil.py", line 81, in copy
    copyfile(src, dst)
  File "/usr/lib64/python2.4/shutil.py", line 48, in copyfile
    fdst = open(dst, 'wb')
IOError: [Errno 2] No such file or directory: '/etc/pki/vdsm/certs/vdsmcert.pem'
2011-07-13 12:15:36,292 DEBUG    deployUtil 87 ['/sbin/service', 'vdsmd', 'reconfigure']
2011-07-13 12:15:36,327 DEBUG    deployUtil 91 Usage: /etc/init.d/vdsmd {start|stop|status|restart|reload|force-reload|try-restart}

2011-07-13 12:15:36,327 DEBUG    deployUtil 92 
2011-07-13 12:15:36,327 DEBUG    deployUtil 87 ['/sbin/reboot']
2011-07-13 12:15:36,681 DEBUG    deployUtil 91 
2011-07-13 12:15:36,682 DEBUG    deployUtil 92 

Host version details:
Taken from:

From Danken inquiry, Bug broken by:
 commit ec8aee7acabc339f0900e19fd5de4eec4ec573c6
 Author: Yotam Oron <yoron@redhat.com>
 Date:   Mon Apr 4 07:37:20 2011 +0300
     BZ#683905 - VDSM fails to start in newly installed RHEV-H
     The default path to the certificate and keys directory was wrong
     Change-Id: I16b83beedf2bccd96228c277c58551e3817fb2f6
     Reviewed-on: http://gerrit.usersys.redhat.com/219

Work around:
Under [vars] section:
Comment 2 Ilanit Stein 2011-07-13 11:47:18 EDT
Retested on ic130 - same failure.
Comment 4 Ilanit Stein 2011-07-14 05:29:42 EDT
More details:

host vdsm version:

rhevm server vdsm bootstrap version:
Comment 5 Ilanit Stein 2011-07-14 06:23:30 EDT
Removing host vdsm.conf (which has trust_store_path under comment), and rerun host installation on ic130 setup:
A new vdsm.conf created, containing:
trust_store_path = /var/vdsm/ts

and thus, host is installed successfully.
Comment 6 Yotam Oron 2011-07-14 06:48:12 EDT
When vdsm is freshly installed and /etc/vdsm/vdsm.conf doesn't exists, it writes /etc/vdsm/vdsm.conf with proper configuration (including the trust store path), otherwise the file is left untouched with all its content.
If the trust store configuration value is missing from the conf file, vdsm will fall back to its hard-coded defaults - and here is where the real MINOR bug lays - in one case there's a different defaults.
There is a bug opened on this issue (https://bugzilla.redhat.com/show_bug.cgi?id=694377), therefore I'm closing this a duplicate.

*** This bug has been marked as a duplicate of bug 694377 ***
Comment 7 Dan Kenigsberg 2011-07-14 13:08:59 EDT
On a second thought, bug 694377 is a bit too general. Let's reopen this one, so we have a specific bug for the cleanup of bootstrap config mess.
Comment 10 Itamar Heim 2013-01-30 17:50:38 EST
Closing old bugs. If this issue is still relevant/important in current version, please re-open the bug.
Comment 11 Dan Kenigsberg 2013-01-31 04:28:36 EST
I'd say that this bug has been suitably solved by otopi. at least its bootstrap part.

Note You need to log in before you can comment on or make changes to this bug.