<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Gianluca,<br>
<br>
I can't grok all that you are asking but, here is the golden rule
for oVirt NFS domains:<br>
- You can export whatever you want from wherever you want so long
as it is writable by UID=36 and GID=36 from an NFS 3/4 client.
When in doubt test it by mounting from the Node and trying to
create a file as user vdsm.<br>
<br>
Here is my specific setup (notice that I don't pin a protocol
version)<br>
### /etc/exports<br>
> cat /etc/exports<br>
/virt/isodomain 127.0.0.1(rw,sync)<br>
<br>
I could have also done (and I highly recommend this when your
storage *isn't* on oVirt Engine):<br>
/virt/isodomain 127.0.0.1(rw,sync,anonuid=<some
local UID that has write permissions to
/virt/isodomain>,anongid=<some local GID that has write
permissions to /virt/isodomain>)<br>
<br>
### IPtables:<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 111 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 892 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 892 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 875 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 875 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 662 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 662 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 2049 -j
ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 32803
-j ACCEPT<br>
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 32769
-j ACCEPT<br>
<br>
<br>
Cheers,<br>
Keith<br>
<br>
On 01/16/2013 09:57 AM, Gianluca Cecchi wrote:<br>
</div>
<blockquote
cite="mid:CAG2kNCwmO42A2ZpR-kMf8gtyU6hDFD5LAZW9ZZEeYiB8aeoOFg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div style="">Hello,</div>
<div style="">what should it be in 3.2 the version of NFS
default ISO created on engine?</div>
<div style="">Can I change it afterwards</div>
During engine setup I was only requested if I wanted it or not:
<div>
<br>
<div>(f18 with ovirt-nightly repo and
3.2.0-1.20130113.gitc954518)<br>
<div>
<div>Configure NFS share on this server to be used as an
ISO Domain? ['yes'| 'no'] [yes] : </div>
<div>Local ISO domain path [/var/lib/exports/iso] : /ISO</div>
</div>
<div><br>
</div>
<div style="">ok</div>
<div style=""><br>
</div>
<div style="">Current situation on engine regarding iptables</div>
<div>
<div><br>
</div>
<div>[root@f18engine ~]# iptables -L -n</div>
<div>Chain INPUT (policy ACCEPT)</div>
<div>target prot opt source destination
</div>
<div>ACCEPT all -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
</div>
<div>ACCEPT icmp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
icmptype 255</div>
<div>ACCEPT all -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate RELATED,ESTABLISHED</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:22</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:80</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:443</div>
<div>ACCEPT udp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW udp dpt:111</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:111</div>
<div>ACCEPT udp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW udp dpt:892</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:892</div>
<div>ACCEPT udp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW udp dpt:875</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:875</div>
<div>ACCEPT udp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW udp dpt:662</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:662</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:2049</div>
<div>ACCEPT tcp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW tcp dpt:32803</div>
<div>ACCEPT udp -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
ctstate NEW udp dpt:32769</div>
<div>REJECT all -- <a moz-do-not-send="true"
href="http://0.0.0.0/0">0.0.0.0/0</a> <a
moz-do-not-send="true" href="http://0.0.0.0/0">0.0.0.0/0</a>
reject-with icmp-host-prohibited</div>
<div><br>
</div>
<div>Chain FORWARD (policy ACCEPT)</div>
<div>target prot opt source destination
</div>
<div><br>
</div>
<div>Chain OUTPUT (policy ACCEPT)</div>
<div>target prot opt source destination
</div>
<div><br>
</div>
<div><br>
</div>
<div style="">ANd regarding nfs:</div>
<div>[root@f18engine ~]# ps -ef|grep [n]fs</div>
<div>root 1134 2 0 Jan15 ? 00:00:00
[nfsd4]</div>
<div>root 1135 2 0 Jan15 ? 00:00:00
[nfsd4_callbacks]</div>
<div>root 1136 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1137 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1138 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1139 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1140 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1141 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1142 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div>root 1143 2 0 Jan15 ? 00:00:00
[nfsd]</div>
<div><br>
</div>
<div>[root@f18engine ~]# systemctl status rpcbind.service</div>
<div>rpcbind.service - RPC bind service</div>
<div><span class="" style="white-space:pre"> </span>
Loaded: loaded
(/usr/lib/systemd/system/rpcbind.service; enabled)</div>
<div><span class="" style="white-space:pre"> </span>
Active: active (running) since Tue, 2013-01-15 13:38:46
CET; 1 day and 2h ago</div>
<div><span class="" style="white-space:pre"> </span>
Process: 1098 ExecStart=/sbin/rpcbind -w ${RPCBIND_ARGS}
(code=exited, status=0/SUCCESS)</div>
<div><span class="" style="white-space:pre"> </span>Main
PID: 1128 (rpcbind)</div>
<div><span class="" style="white-space:pre"> </span>
CGroup: name=systemd:/system/rpcbind.service</div>
<div><span class="" style="white-space:pre"> </span> └
1128 /sbin/rpcbind -w</div>
<div><br>
</div>
<div>Jan 15 13:38:46 <a moz-do-not-send="true"
href="http://f18engine.ceda.polimi.it">f18engine.ceda.polimi.it</a>
systemd[1]: Started RPC bind service.</div>
<div><br>
</div>
<div style="">When host tries to attach ISO it fails</div>
<div style="">
host is f18 with ovirt-nightly and </div>
<div style="">vdsm-4.10.3-0.78.gitb005b54.fc18.x86_64<br>
</div>
<div style=""><br>
</div>
<div style="">I noticed </div>
<div>[root@f18ovn03 ]# ps -ef|grep mount</div>
<div>root 1692 1 0 14:39 ? 00:00:00
/usr/sbin/rpc.mountd</div>
<div>root 6616 2334 0 15:17 ? 00:00:00
/usr/bin/sudo -n /usr/bin/mount -t nfs -o
soft,nosharecache,timeo=600,retrans=6,nfsvers=3
f18engine:/ISO /rhev/data-center/mnt/f18engine:_ISO</div>
<div>root 6617 6616 0 15:17 ? 00:00:00
/usr/bin/mount -t nfs -o
soft,nosharecache,timeo=600,retrans=6,nfsvers=3
f18engine:/ISO /rhev/data-center/mnt/f18engine:_ISO</div>
<div>root 6618 6617 0 15:17 ? 00:00:00
/sbin/mount.nfs f18engine:/ISO
/rhev/data-center/mnt/f18engine:_ISO -o
rw,soft,nosharecache,timeo=600,retrans=6,nfsvers=3</div>
<div>root 6687 4147 0 15:17 pts/0 00:00:00 grep
--color=auto mount</div>
<div><br>
</div>
<div>The problem here is option <br>
</div>
<div>nfsvers=3</div>
<div><br>
</div>
<div style="">in fact if I manually run on node</div>
<div style=""><br>
</div>
<div>[root@f18ovn03 ]# mount -t nfs -o nfsvers=4
f18engine:/ISO /p</div>
<div>--> OK</div>
<div><br>
</div>
<div>and</div>
<div>[root@f18ovn03 ]# mount</div>
<div>...</div>
<div>f18engine:/ISO on /p type nfs4
(rw,relatime,vers=4.0,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.4.4.59,local_lock=none,addr=10.4.4.60)</div>
<div><br>
</div>
<div style="">while</div>
<div># mount -t nfs -o nfsvers=3 f18engine:/ISO /p</div>
<div>--> KO </div>
<div>stalled</div>
<div><br>
</div>
<div style="">What should I change, engine or host or
both?</div>
<div style="">
<br>
</div>
</div>
</div>
</div>
<div style="">Thanks in advance,</div>
<div style="">Gianluca</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>