Taken from the ansible-playbook log of host-0: TASK [ovirt-host-deploy-firewalld : Enable firewalld rules] ******************** failed: [lago-basic-suite-master-host-0] (item={u'service': u'glusterfs'}) => {"changed": false, "failed": true, "item": {"service": "glusterfs"}, "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: 'glusterfs' not among existing services Permanent and Non-Permanent(immediate) operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"} Shouldn't we fail the the playbook on firewall configuration failure? On Thu, Oct 19, 2017 at 12:04 PM, Martin Perina <mperina@redhat.com> wrote:
On Thu, Oct 19, 2017 at 10:58 AM, Dan Kenigsberg <danken@redhat.com> wrote:
On Thu, Oct 19, 2017 at 10:29 AM, Martin Perina <mperina@redhat.com> wrote:
On Thu, Oct 19, 2017 at 7:35 AM, Dan Kenigsberg <danken@redhat.com>
On Wed, Oct 18, 2017 at 2:40 PM, Daniel Belenky <dbelenky@redhat.com> wrote:
Hi all,
The following test is failing: 002_bootstrap.verify_add_hosts All logs from failing job Only 2 engine patches participated in the test, so the suspected
wrote: patches
are:
https://gerrit.ovirt.org/#/c/82542/2 https://gerrit.ovirt.org/#/c/82545/3
Due to the fact that when this error first introduced we had another error, the CI can't automatically detect the specific patch.
Error snippet from logs: ovirt-host-deploy-ansible log (Full log)
TASK [ovirt-host-deploy-firewalld : Enable firewalld rules] ******************** failed: [lago-basic-suite-master-host-0] (item={u'service': u'glusterfs'}) => {"changed": false, "failed": true, "item": {"service": "glusterfs"}, "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: 'glusterfs' not among existing services Permanent and Non-Permanent(immediate) operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"}
Error from HOST 0 firewalld log: lago-basic-suite-master-host-0/_var_log/firewalld/ (Full log)
2017-10-15 16:51:24 ERROR: INVALID_SERVICE: 'glusterfs' not among existing services
Ondra, would such an error propagate through the playbook to Engine and fail the add-host flow? (I think it should!)
We didn't do that so far, because of EL 7.3 . We need firewalld from 7.4 to have all available services in place (I don't remember but I think imageio service was the one delivered only in firewalld from 7.4). So up until now we ingore non-existent firewalld service, but if needed we can turn this on and fail host deploy.
Ok, so for now your "luckily" off the hook and not the reason of failure.
Do you know which package provide the glusterfs firewalld service, and
why
it is missing from the host?
So we have used 'glusterfs' firewalld service per Sahina recommendation, which is included in glusterfs-server package from version 3.7.6 [1]. But this package is not installed when installing packages for cluster with gluster capabilities enabled. So now I'm confused: don't we need glusterfs-server package? If not and we need those ports open because they are used by services from different already installed glusterfs packages, shouldn't the firewalld configuration be moved from glusterfs-server to glusterfs package?
glusterfs-cli.rpm is required to consume gluster storage (virt use case), but I don't recall that it needs open ports.
It was there even for IPTables, if gluster support is enabled on cluster, then gluster specific ports were enabled even with IPTables. FirewallD feature continues to use that.
glusterfs-server.rpm is required to provide gluster storage (gluster use case). If I recall correctly, firewalld feature has differentiated between the two; opening needed ports only when relevant.
Right, but if gluster services are configured for firewalld it means that the host has been added to the cluster with gluster feature enabled and not only virt
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
-- *GAL bEN HAIM* RHV DEVOPS