From 452362f2b5155ab63b864c9c42c7a999b698df0d Mon Sep 17 00:00:00 2001 From: Salvatore Orlando Date: Wed, 31 Mar 2021 10:06:58 -0700 Subject: [PATCH] V2T migration: ensure dvs.ca_file is set for admin shell Ensure the the ca_file value for validating vCenter server certificate is alway set when running V2T pre-migration validation. The ca_file parameter is set to a particular default value as it would otherwise default to None Change-Id: I5b640e47c644dc5c5352b3c7ef80bbb1a7470d34 --- .../shell/admin/plugins/nsxv/resources/migration.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py index 934c72f0d4..f4285ae803 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py @@ -517,7 +517,6 @@ def _validate_config(): @admin_utils.output_header def validate_config_for_migration(resource, event, trigger, **kwargs): """Validate the nsxv configuration before migration to nsx-t""" - # Read the command line parameters transit_networks = ["100.64.0.0/16"] strict = False @@ -531,6 +530,13 @@ def validate_config_for_migration(resource, event, trigger, **kwargs): strict = bool(properties.get('strict', 'false').lower() == 'true') out_file = properties.get('summary-file-name') + # Ensure ca_file in DVS section is always set otherwise secure connection + # to vcenter will fail + if not cfg.CONF.dvs.ca_file: + ca_file_default = "/etc/ssl/certs/vcenter.pem" + LOG.info("ca_file for vCenter unset, defaulting to: %s", + ca_file_default) + cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') LOG.info("Running migration config validation in %sstrict mode", '' if strict else 'non-')