Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1034679 - [hosted-engine] qemu+tls not working during deployment
Summary: [hosted-engine] qemu+tls not working during deployment
Status: CLOSED DUPLICATE of bug 1034634
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-hosted-engine-setup
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.3.0
Assignee: Sandro Bonazzola
QA Contact: Leonid Natapov
Whiteboard: integration
Depends On:
TreeView+ depends on / blocked
Reported: 2013-11-26 10:33 UTC by Doron Fediuck
Modified: 2013-12-09 16:19 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-12-09 16:19:57 UTC
oVirt Team: ---
Target Upstream Version:

Attachments (Terms of Use)

Description Doron Fediuck 2013-11-26 10:33:18 UTC
Description of problem:
During the deployment phase, a user should be able to connect to the VM console
using gnu+tls. However, certificates are missing (see bug 1034634), and after
generating it manually, still unable to connect to the console.

Version-Release number of selected component (if applicable):

How reproducible:
Try connecting: 
virsh -c qemu+tls://some-host/system console HostedEngine

Actual results:
error: unable to connect to server at 'sla-sheldon:16514': Connection refused
error: failed to connect to the hypervisor

Expected results:
Should connect to console

Additional info:
it seems that libvirt is not listening to tls:
netstat -ap --ip | grep libv
tcp        0      0 *:16509                     *:*                         LISTEN      3402/libvirtd     

libvirtd.conf updated by vdsm has:
## end of configuration section by vdsm-4.10.3

Comment 2 Yedidyah Bar David 2013-11-26 11:26:47 UTC
Doron, you probably meant "qemu+tls" and perhaps in some cases "gnutls" (no "+").

Comment 3 Doron Fediuck 2013-11-28 15:11:58 UTC
(In reply to Yedidyah Bar David from comment #2)
> Doron, you probably meant "qemu+tls" and perhaps in some cases "gnutls" (no
> "+").

Right, I was using associations...

Comment 4 Itamar Heim 2013-12-08 09:00:11 UTC
isn't this a dup of bug 1034634?

Comment 5 Sandro Bonazzola 2013-12-09 16:19:57 UTC
tls port is not listening because the required certificate is not generated by hosted-engine --deploy. It's generated later by ovirt-host-deploy when the host is added to the engine.

*** This bug has been marked as a duplicate of bug 1034634 ***

Note You need to log in before you can comment on or make changes to this bug.