On Thu, Oct 19, 2017 at 10:29 AM, Martin Perina <mperina@redhat.com> wrote:
>
>
> On Thu, Oct 19, 2017 at 7:35 AM, Dan Kenigsberg <danken@redhat.com> wrote:
>>
>> On Wed, Oct 18, 2017 at 2:40 PM, Daniel Belenky <dbelenky@redhat.com>
>> wrote:
>>>
>>> Hi all,
>>>
>>> The following test is failing: 002_bootstrap.verify_add_hosts
>>> All logs from failing job
>>> Only 2 engine patches participated in the test, so the suspected patches
>>> are:
>>>
>>> https://gerrit.ovirt.org/#/c/82542/2
>>> https://gerrit.ovirt.org/#/c/82545/3
>>>
>>> Due to the fact that when this error first introduced we had another
>>> error, the CI can't automatically detect the specific patch.
>>>
>>> Error snippet from logs: ovirt-host-deploy-ansible log (Full log)
>>>
>>> TASK [ovirt-host-deploy-firewalld : Enable firewalld rules]
>>> ********************
>>> failed: [lago-basic-suite-master-host-0] (item={u'service':
>>> u'glusterfs'}) => {"changed": false, "failed": true, "item": {"service":
>>> "glusterfs"}, "msg": "ERROR: Exception caught:
>>> org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: 'glusterfs' not
>>> among existing services Permanent and Non-Permanent(immediate) operation,
>>> Services are defined by port/tcp relationship and named as they are in
>>> /etc/services (on most systems)"}
>>>
>>>
>>> Error from HOST 0 firewalld log:
>>> lago-basic-suite-master-host-0/_var_log/firewalld/ (Full log)
>>>
>>> 2017-10-15 16:51:24 ERROR: INVALID_SERVICE: 'glusterfs' not among
>>> existing services
>>
>>
>> Ondra, would such an error propagate through the playbook to Engine and
>> fail the add-host flow? (I think it should!)
>
>
> We didn't do that so far, because of EL 7.3
> . We need firewalld from 7.4 to have all available services in place (I
> don't remember but I think imageio service was the one delivered only in
> firewalld from 7.4). So up until now we ingore non-existent firewalld
> service, but if needed we can turn this on and fail host deploy.
Ok, so for now your "luckily" off the hook and not the reason of failure.
>>
>>
>> Do you know which package provide the glusterfs firewalld service, and why
>> it is missing from the host?
>
>
> So we have used 'glusterfs' firewalld service per Sahina recommendation,
> which is included in glusterfs-server package from version 3.7.6 [1]. But
> this package is not installed when installing packages for cluster with
> gluster capabilities enabled. So now I'm confused: don't we need
> glusterfs-server package? If not and we need those ports open because they
> are used by services from different already installed glusterfs packages,
> shouldn't the firewalld configuration be moved from glusterfs-server to
> glusterfs package?
glusterfs-cli.rpm is required to consume gluster storage (virt use
case), but I don't recall that it needs open ports.
glusterfs-server.rpm is required to provide gluster storage (gluster use case).
If I recall correctly, firewalld feature has differentiated between
the two; opening needed ports only when relevant.
>
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1057295
>
>