Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Nov 20 17:29

    simaishi on kasparov-1-alpha1

    (compare)

  • Nov 13 19:27
    Fryguy unlabeled #466
  • Nov 13 19:21
    Fryguy assigned #466
  • Nov 13 19:21
    Fryguy labeled #466
  • Nov 13 19:21
    Fryguy labeled #466
  • Nov 13 19:21
    Fryguy labeled #466
  • Nov 13 19:21

    Fryguy on master

    Use :provider_embedded_ansible … Merge pull request #466 from Ni… (compare)

  • Nov 13 19:21
    Fryguy closed #466
  • Nov 13 19:20
    coveralls commented #466
  • Nov 13 19:20
    coveralls commented #466
  • Nov 13 19:15
    miq-bot commented #466
  • Nov 13 19:07
    NickLaMuro review_requested #466
  • Nov 13 19:07
    NickLaMuro review_requested #466
  • Nov 13 19:07
    NickLaMuro opened #466
  • Nov 12 15:49
    simaishi labeled #465
  • Nov 12 15:49
    simaishi labeled #465
  • Nov 12 15:49
    simaishi labeled #465
  • Nov 12 15:49
    simaishi unlabeled #465
  • Nov 12 15:49
    simaishi commented #465
  • Nov 12 15:49

    simaishi on kasparov

    Merge pull request #465 from d-… (compare)

Michael Butak
@mikebutak
oh vlan sorry
Adam Grare
@agrare
@AndreyMenezes this is rhev/ovirt I assume right?
that error is printed if we cannot find the vnic_profile on the destination cluster
Andrey Menezes
@AndreyMenezes
@agrare yes, is rhev. And I only have one Cluster and these vlans came from this Cluster
dialog_field = $evm.object

# sort_by: value / description / none
dialog_field["sort_by"] = "value"

# data_type: string / integer
dialog_field["data_type"] = "string"

# required: true / false
dialog_field["required"] = "true"

selected_cluster = $evm.root['dialog_placement_cluster_name']
cluster = $evm.vmdb(:ems_cluster).where(:id => selected_cluster).first
$evm.log(:info, "Red Hat - Cluster to provision: #{cluster.name}")

vlans = {}
vlans['!'] = '-- Select from list --'
cluster.hosts.each do |host|
  host.lans.each do |lan|
    $evm.log(:info, "Red Hat - Network Vlan to provision: #{lan.inspect}")
    vlans[lan.id] = "#{lan.name} (#{lan.switch.name})"
  end
end
From log:
[----] I, [2020-11-16T14:54:29.455066 #84529:2ada873e9374] INFO -- : <AEMethod get_vlan> Red Hat - Network Vlan to provision: #<MiqAeServiceLan:0x2ada875c5aa8 @object=#<Lan id: 1000000000002, switch_id: 1000000000002, name: "homologacao", tag: nil, created_on: "2020-08-10 19:54:47", updated_on: "2020-08-10 19:54:47", uid_ems: "d8f27d38-bc42-4afd-97dc-027f64b4d965", allow_promiscuous: nil, forged_transmits: nil, mac_changes: nil, computed_allow_promiscuous: nil, computed_forged_transmits: nil, computed_mac_changes: nil, parent_id: nil, ems_ref: nil>, @virtual_columns=["href_slug", "region_description", "region_number"], @associations=["guest_devices", "hosts", "lans", "miq_templates", "parent", "subnets", "switch", "taggings", "templates", "vms", "vms_and_templates"]>
Andrey Menezes
@AndreyMenezes
Thank's @agrare! From this code I realized that I should use uid_ems and it worked
Adam Grare
@agrare
:tada: awesome!
Peter McGowan
@pemcg
@AndreyMenezes There’s an example here of pulling out the vNIC profiles for a dynamic drop-down directly from the provider using an embedded method if it helps: https://manageiq.gitbook.io/mastering-cloudforms-automation-addendum/embedded_methods/chapter-1#invoking-the-embedded-methods
Peter McGowan
@pemcg
I think the challenge is that you can have multiple vNIC profiles per RHV network, per RHV datacenter
Andrey Menezes
@AndreyMenezes
Yes @pemcg , I'm thinking I will have to filter according to the user's choices. Thank's again
Michael Butak
@mikebutak

I am enhancing our service dialog for provisioning in Azure.

The previous developers set it up to provision to one specific subscription in Azure. (The user can select which resource group, vnet and subnet in that RG, but just one subscription is accessible).

I'm tasked with adding the ability to select other subscriptions and resource groups. What I've done:

  • added a provider to MIQ for an additional subscription in Azure under Compute-->Clouds-->Providers
  • added a drop down to the form for choosing between the two providers.
  • refactored the scripts behind the RG drop down, the vnet dropdown, and subnet drop down to all get their options from whichever subscription was chosen. Works good in the UI. I can choose whichever Subscription/provider I like.

However, despite the fact that I've chosen a new subscription and rg, etc. when I actually submit the request, the resulting vm is actually deployed in the old subscription and rg.

Fix 1: create a new service catalog item, bc the old one was built when there was only one provider and the "Request info" tab of the item doesn't appear to include the new subscription.
Resulting error in automation.log:

[----] I, [2020-11-16T20:21:50.500755 #3203:9b44944]  INFO -- : Calling Create Notification type: automate_user_error subject type: MiqRequest id: 649 options: {:message=>"VM Provision Error: [EVM] VM [deploytodevtest] Step [CheckProvisioned] Status [Error Creating VM] Message [[Azure::Armrest::ForbiddenException]: The client 'a1a1a1a1a1a1a1a1a1a1a1' with object id 'a1a1a1a1a1a1a1a1a1a1a1' has permission to perform action 'Microsoft.Network/networkInterfaces/write' on scope '/subscriptions/123456789] "}

I guess this is an Azure permissions issue, but I'm not sure what's awry. The client id in that error message doesn't match the cilent Id in the credentials I have set up with either provider.

Any guesses as to what's going wrong?

Peter McGowan
@pemcg
I’ve never tried provisioning into Azure, but generally the image or template that you pick when you setup the service catalog item determines where the resulting VM or instance is provisioned to (i.e the same provider that contains the template)
it might be easier to create 2 separate service catalog items, one for each subscription
Michael Butak
@mikebutak
Thanks Peter. The only Azure-related thing I choose when creating the Catalog Item is a drop-down for catalog item type, where I choose Azure. I don't see where I choose a template. I've inspected the Service Catalog Item, and the Service Dialog, and the class invoked at the entry point path. I don't see where any template or subscription is specified.
I must really be missing something.
this is a service dialog, not a provisioning dialog. Might that be a factor?
Michael Butak
@mikebutak

the image or template that you pick when you setup the service catalog item determines where the resulting VM or instance is provisioned to (i.e the same provider that contains the template)
@pemcg I realized you were merely talking about which image one chose when filling out the "Request Info" for a new Catalog Item.

I have tried that (creating a new Service Catalog Item) that has a service dialog designed for one subscription. I get the same error:

[----] I, [2020-11-16T20:21:50.500755 #3203:9b44944]  INFO -- : Calling Create Notification type: automate_user_error subject type: MiqRequest id: 649 options: {:message=>"VM Provision Error: [EVM] VM [deploytodevtest] Step [CheckProvisioned] Status [Error Creating VM] Message [[Azure::Armrest::ForbiddenException]: The client 'a1a1a1a1a1a1a1a1a1a1a1' with object id 'a1a1a1a1a1a1a1a1a1a1a1' has permission to perform action 'Microsoft.Network/networkInterfaces/write' on scope '/subscriptions/123456789] "}
The more I think about it, the more I think there must be a role assignment issue in Azure on that subscription.
Michael Butak
@mikebutak

DOh! Yup it was merely saying that the service principal didn't have write permission on that subscription.

MIQ can pull the resource group from Azure when it refreshes the provider, but for some reason now when I try to provision a VM to the new RG (in new subscr) I get: Step [checkprovisioned] Status [Error Creating Service] Message [[Azure::Armrest::NotFoundException]: Resource group 'usw2-sa-rg-001' could not be found.]

Michael Butak
@mikebutak
which is totally weird bc it got that resource group from Azure in the first place
Like going to a restaurant and the waiter asking if you'd like to have tapenade or escargots, and you say "tapenade please" and they say "sorry we don't offer tapenade."
Michael Butak
@mikebutak
The only thing I can think of is that it is for some reason still looking at the other subscription.
Peter McGowan
@pemcg
@mikebutak in this situation I’d probably go back to trying a fully manual provision from Compute -> Cloud -> Instances, then run a Lifecycle -> Provision Instances. Make a note of the options that are (and aren’t!) presented to you in the UI, and see if that provisions successfully. The UI normally does a pretty good job of only presenting relevant and RBAC-accessible options for the provisioning dialog.
Michael Butak
@mikebutak
I'll try that, @pemcg , thanks!
Andrey Menezes
@AndreyMenezes
Hi guys, It's possible set schedule_type, schedule_time, retirement and retirement_warn with custom dialog on services catalogs?
Captura de Tela 2020-11-18 às 12.46.37 PM.png
Michael Butak
@mikebutak

Thank you, Peter, that helped expose a new Azure error that indicated to me that a setting was missing in Azure (Resource Provider "Microsoft.Compute" needed to be registered for the subscription).

Now I'm getting a new Error that is rather mysterious:

The selected VM Size 'Standard_M208ms_v2' cannot boot Hypervisor Generation '1'. If this was a Create operation please check that the Hypervisor Generation of the Image matches the Hypervisor Generation of the selected VM Size. If this was an Update operation please select a Hypervisor Generation '1' VM Size.] encountered during phase [start_clone_task]

Per this article on a hashicorp forum, this error is solved by simply choosing gen2 skus. But it's not clear how to discern which ones are gen2. I did an inspect on the flavor object and there's no info about the generation. Has anyone run into this?

Michael Butak
@mikebutak
Does this mean I should try to only provision gen 2 vms?
Is there a way to configure miq to be able to provision gen 1 vms?
Michael Butak
@mikebutak
Ok, was getting that odd Hypervisor generation error bc I was erroneously choosing a massive VM size. Back to your last suggestion @pemcg , I can manually provision to this new subscription from the Compute-->Clouds-->Instances pane. But from the service catalog item, I cannot. I get resource group not found.
Peter McGowan
@pemcg
@mikebutak ok, so forgive my ignorance of provisioning into Azure, but from the manual provision, what resource group is used, and how is it selected (i.e. automatically, or manually from a drop-down). Conversely how is the resource group selected from the service provisioning (i.e. automatically, or manually from a dialog drop-down)?
and are you picking the same template image each time for the provision?
Peter McGowan
@pemcg
It might be worth adding a call to object_walker in the VM provision state machine somewhere before the execute stage, and then comparing the options hashes between a manually provisioned instance and a service provisoned instance. The manually provisoned instance is then your reference, you need to make the options hash from the service provision the same
(object_walker_reader -d timestamp1,timestamp2 will run a diff between 2 outputs which can be useful for this kind of thing)
Daniel Berger
@djberg96
I don't want to stifle your discussions, but we do have an azure provider channel that may be better suited for some of these questions: https://gitter.im/ManageIQ/manageiq-providers-azure
Michael Butak
@mikebutak
Aw thanks!
Oh didn't see your replies Peter, will look at that
Moving to the azure provider Channel...
Andrey Menezes
@AndreyMenezes
It's possible set schedule and retirement option with custom dialog on services catalogs as we do in native provisioning?
Andrey Menezes
@AndreyMenezes
Sorry for the excess of doubts, just one more today. I am looking to customize the service approval email with information from the dialog, is it possible? I've tried it in several ways.
Nome: ${/#miq_request.resource.dialog_vm_name}<br/>CPU: ${/#miq_request.get_options(:dialog_cores_per_socket)}<br/>Memória: ${/#miq_request.inspect} GB<br/>
Just for ${/#miq_request.inspect} I get some information, but I can't access only I want
Memória: #{"dialog_vm_name"=>"TESTE321", "dialog_placement_cluster_name"=>"1000000000001", "dialog_src_vm_id"=>"1000000000015", "dialog_cores_per_socket"=>1, "dialog_vm_memory"=>"1024", "dialog_text_box_2_1_1"=>0, "dialog_vlan"=>"3174bbef-87c1-4f46-8c78-ab2e680e5f05", "dialog_teste_ip_addr"=>"", "dialog_justification"=>"teste", "dialog_schedule_type"=>"immediately", "dialog_schedule_time"=>"2020-11-19T22:35:46Z"}, :workflow_settings=>{:resource_action_id=>1000000000884, :dialog_id=>1000000000037}, :initiator=>nil, :src_id=>1000000000038, :request_options=>{:submit_workflow=>true, :init_defaults=>false}, :cart_state=>"ordered", :requester_group=>"EvmGroup-super_administrator", :executed_on_servers=>[1000000000001]}, userid: "t003001@bnb.gov.br", source_id: 1000000000038, source_type: "ServiceTemplate", destination_id: nil, destination_type: nil, tenant_id: 1000000000001, service_order_id: 1000000000100, process: true, cancelation_status: nil>, @virtual_columns=["href_slug", "reason", "region_description", "region_number", "request_type_display", "resource_type", "stamped_on", "state", "v_allowed_tags", "v_approved_by", "v_approved_by_email", "v_workflow_class"], @associations=["approvers", "destination", "miq_approvals", "miq_request", "miq_request_tasks", "picture", "provision_dialog", "requester", "resource", "service_order", "service_template", "source", "tenant", "user", "workflow"]> GB
Peter McGowan
@pemcg
@AndreyMenezes You won't be able to modify anything to do with the service request (including scheduling or approval email) from the service provision state machine, because by the time that this is running (and processing the dialog values) the request has already been approved. I think you should be able to modify the retirement attributes after provisioning using the $evm.root['service'].retirement_warn= & $evm.root['service'].retires_on= methods
Andrey Menezes
@AndreyMenezes
Thank's @pemcg. I understand the scheduler issue, but I can't access or filter miq_request attributes to use in e-mail? Insert dialog values to e-mail body isn't possible?
Captura de Tela 2020-11-19 às 7.38.38 PM.png
Peter McGowan
@pemcg
@AndreyMenezes aah I see what you mean. Yes, you should be able to access the dialog entries. From the service approval state machine the dialog options are available as $evm.root['miq_request'].options[:dialog], so a substitution string something like ${/#miq_request.get_option(:dialog).fetch(dialog_approver_email)} should work
Andrey Menezes
@AndreyMenezes
So if I want vm_name should use ${/#miq_request.get_option(:dialog_vm_name).fetch(dialog_approver_email)} ?
Peter McGowan
@pemcg
no you’d use ${/#miq_request.get_option(:dialog).fetch(dialog_vm_name)} to get the VM name
Andrey Menezes
@AndreyMenezes
perfect, I'll try it now! Thank's a lot @pemcg
Andrey Menezes
@AndreyMenezes
It worked
Peter McGowan
@pemcg
Great!