Hello Folks
Is the "fence_rhevm" package compatible with oVirt >4.5? We're converting our
legacy RHV cluster to a new install of oVirt latest with NFS backed storage.
Everything has been working smoothly with the exception of the RHV-M fencing
device on this newly provisioned oVirt 4.5.7 cluster with RHEL 9.4 hosts -- I
haven't been able to get authentication working between the fencing device and
the manager appliance. The same configuration is working on both the legacy RHV
4.4 cluster (RHV nodes) and a test oVirt 4.5.6 cluster (RHEL 8.9 hosts).
The primary difference that comes to mind between my test and new cluster is
that the newest one was installed with Keycloak SSO default configs while it
was disabled on the older test environment.
I suspect it has something to do with dropping basic auth?
Assuming this is the case, can Keycloak be removed without having to rebuild
the cluster? Are there any significant drawbacks to disabling it? I've found
docs for converting from AAA to Keycloak, but not the reverse.
I see on the mailing list that the `ovirt-aaa-jdbc-tool` is deprecated and that
Keycloak is strongly recommended moving forward -- is it possible to integrate
an internal Keycloak implementation with the existing "fence_rhevm" package?
The errors I'm seeing are:
401 Unauthorized
This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.
I've tried every variation of the <domain> value suggested -- including
"admin@internal", "admin@ovirt@internal", "@admin@ovirt@internal-authz"
Thanks in advance,
Justin
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/BQGPHXOUFWUZW6TIZIUPY5Y64E6EXUYJ/
