On Mon, Jan 30, 2012 at 07:39:06AM -0500, Andrew Cathrow wrote:
----- Original Message -----
> From: "Dan Kenigsberg" <danken(a)redhat.com>
> To: "Ofer Schreiber" <oschreib(a)redhat.com>, "Andrew
Cathrow" <acathrow(a)redhat.com>
> Cc: engine-devel(a)ovirt.org, dougsland(a)redhat.com
> Sent: Monday, January 30, 2012 6:58:07 AM
> Subject: [Engine-devel] New oVirt-engine RPMs available - Release Candidates
>
> <snip>
>
> >
> > 4) VDS Bootstrap
> >
> > If you check the box for iptables then it breaks the system with
> > an invalid rule
> >
> > Looking at the error from my system
> > "Jan 29 21:38:50 host1 iptables.init[1637]: iptables: Applying
> > firewall rules: iptables-restore v1.4.12: physdev: option
> > "--physdev-is-bridged" cannot be inverted."
> >
> > The problem is that we are using
> > "-A FORWARD -m physdev ! --physdev-is-bridged -j REJECT
> > --reject-with icmp-host-prohibited"
> >
> > -vs-
> >
> > "-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT"
> >
> >
> > On the point of iptables, why do we open libvirt tls port and the
> > snmp port.
>
> This as these iptables rules are kept within Engine, I'll keep that
> question for them.
>
> >
> > After I fixed iptables I still had a problem, the host was showing
> > as non-operational with the error message "NETWORK_UNREACHABLE"
> > (there's a literal missing there)
> >
> > Looking at the host it appears that the management bridge wasn't
> > created.
> >
> > The bootstrap log is attached. It shows the operation failing but
> > still marked the bootstrap as successful.
> > (also in the log we have rhn/satellite references that need to be
> > removed)
> >
> > I've not looked at the reason for the failure yet, but an empty
> > line at the end of my ifcfg-em1 file looks suspicious.
>
> You are correct (too bad I've noticed your suspicion only after
> reading
> the log)
>
> > Sun, 29 Jan 2012 21:30:05 DEBUG makeBridge found the following
> > bridge paramaters: ['ONBOOT=yes', 'BOOTPROTO=none',
> > 'IPADDR=172.16.31.230', 'DNS1=172.16.31.4',
'NM_CONTROLLED=no',
> > 'NETMASK=255.255.255.0', 'DNS2=172.16.31.1',
> > 'GATEWAY=172.16.31.1', '']
> > Sun, 29 Jan 2012 21:30:05 DEBUG ['/usr/share/vdsm/addNetwork',
> > 'ovirtmgmt', '', '', 'em1',
'ONBOOT=yes', 'BOOTPROTO=none',
> > 'IPADDR=172.16.31.230', 'DNS1=172.16.31.4',
'NM_CONTROLLED=no',
> > 'NETMASK=255.255.255.0', 'DNS2=172.16.31.1',
> > 'GATEWAY=172.16.31.1', '', 'blockingdhcp=true',
> > 'skipLibvirt=True']
> > Sun, 29 Jan 2012 21:30:05 DEBUG
> > Sun, 29 Jan 2012 21:30:05 DEBUG Traceback (most recent call
> > last):
> > File "/usr/lib64/python2.7/runpy.py", line 162, in
> > _run_module_as_main
> > "__main__", fname, loader, pkg_name)
> > File "/usr/lib64/python2.7/runpy.py", line 72, in _run_code
> > exec code in run_globals
> > File "/usr/share/vdsm/configNetwork.py", line 924, in
<module>
> > main()
> > File "/usr/share/vdsm/configNetwork.py", line 890, in main
> > kwargs = _parseKwargs(sys.argv[3:])
> > File "/usr/share/vdsm/configNetwork.py", line 876, in
> > _parseKwargs
> > return dict(arg.split('=', 1) for arg in args)
> > ValueError: dictionary update sequence element #11 has length 1; 2
> > is required
>
> addNetwork script breaks down in tears if it sees the empty arg '',
> which is passed to it by makeBridge. makeBridge should become more
> robust - but until then, please del lines with no key=value form from
> ifcfg.
Yeah, I did that to work around it, funnily enough vdsm adds emtpy lines when it makes
it's config file!
I'm not laughing.