On Mon, Sep 17, 2018 at 11:50 AM, Gianluca Cecchi <gianluca.cecchi(a)gmail.com
wrote:
> On Sun, Sep 16, 2018 at 7:56 AM Edward Haas <ehaas(a)redhat.com
wrote:
>
>>
>>
>> On Fri, Sep 14, 2018 at 9:43 AM, Gianluca Cecchi <
>> gianluca.cecchi(a)gmail.com
wrote:
>>
>>> On Thu, Sep 13, 2018 at 7:53 AM Edward Haas <ehaas(a)redhat.com
wrote:
>>>
>>>>
>>>>
>>>> On Mon, Sep 10, 2018 at 5:53 PM, Gianluca Cecchi <
>>>> gianluca.cecchi(a)gmail.com
wrote:
>>>>
>>>>> Hello,
>>>>> supposing to have ovirt-ng node 4.2.6 and that ovirtmgmt config
>>>>> regarding DNS servers has to be updated, what is the correct way to
proceed?
>>>>>
>>>>
>>>> DNS should be editable from the network attachment window.
>>>>
>>>
>>> Thanks for your answer Edward.
>>> What do you mean with "network attachment window"?
>>> a) Network > Networks, then select ovirtmgmt line and edit, putting DNS
>>> info (that is empty right now)
>>> or
>>> b) Compute > Hosts, then select host1 line, click on host1 name, then
>>> Network Interfaces and Setup Host Networks. then edit ovirtmgmt > DNS
>>> Configuration (that is empty right now)
>>> or what?
>>>
>>
>> I meant (b). Option (a) is there to apply the same DNS entries over all
>> hosts for that specific network.
>> I do not see a problem of using both.
>>
>
> OK.
> What is it expected to happen if for example I have 4 active nodes and use
> a)?
> Possibly all of them loosing ovirtmgmt connection with possibly dangerous
> effects?
>
I consider touching the management network always as a risk, but it should
work if you do not have VM/s on it.
I do not recall if changing the DNS on the Network immediately causes
setup-network commands to be sent to all hosts.
> If you add a new host, Engine will read the existing DNS entries from the
> host and persist them. (you will see them in the setup-networks window (b)).
>
The strange thing is that apparently it made what you say (from a files
content point of view) but there is no match if you go into configuration
inside web admin gui pages, neither at cluster level, nor at host level.
This was what seemed strange to me.
Please notice that these hosts were installed in 4.1.x and then update
several times up to 4.2.6.
So it could be the case of some sort of bug in previous versions and not
if I plain install right now in 4.2.6 (not tested)
> Upgraded systems (hosts have been added before DNS configuration was
> available) will have it empty and you will need to explicitly set it.
>
It is not my case.
We will have to check this then. We may have changed the policy on this
issue due to other complaints.
(An argument that we should not enforce DNS entries if not explicitly
requested sounds valid to me)
>>
>>> The values are added through ifcfg, therefore its logic of adding it to
>>> resolv.conf is used.
>>>
>>
>> I have also opened a case for another environment where I'm using RHV-H
>> hosts, that should be quite similar to ovirt-node-ng
>> In that environment one of the original M$ based dns server was changed
>> (that was the one I had as primary) creating some latency problems.
>> Using setup host networks generated big problems, especially if doing on
>> the host where hosted engine was running.
>> I verified that a safe way to modify DNS config is:
>> - evacuate VMs from host
>> - put host into maintenance
>> - change dns settings in setup host networks
>> - reboot the host
>> - activate the host
>>
>> I do not see a reason to pass all these steps unless we have a bug.
> The DNS entry are supposed to be applied immediately through ifcfg,
> rebooting is an precaution to make sure it has been correctly persisted.
> And if the management network is not serving VM/s, then no VM evacuation
> is needed.
>
If host is not reachable through ovirtmgmt doesn't fencing take place? And
so indirect consequence a move of the VMs it had in charge?
Correct, but as far as I know it is not immediate. There is a grace period
in which Engine (and VDSM) attempts to confirm connectivity.
VDSM will also (try to) revert back to the previous working configuration
in a "revert" action.
It may also be a matter of the level of "defence" needed. As mentioned,
there is a risk in touching the management network and your mentioned steps
are a way to reduce the risks.
But lets get another opinion on this, I may be wrong here.
> I guess the risk here is the management network editing, which is
> sensitive (Engine looses connectivity and unexpected behaviour may occur).
> If there is a problem with this scenario, I would consider it a bug.
>
>
>> This way the "persistent" files are initially updated and then at the
>> reboot the ifcfg and resolv.conf files are correctly updated
>> If you are interested my case is 02179117
>>
>
> I could not find such a BZ.
>
This is a Red Hat case number, not a bugzilla entry. Because I had the
same kind of problems on oVirt based environments and RHV based ones that
are present.
So for RHV I opened a case.
As a consequence of the case, it was created this solution that I have not
tested yet:
https://access.redhat.com/solutions/3613731
Please note that it requires RH account, but in my opinion should be of
public domain or similar information put inside oVirt documentation pages.
It could happen having to change DNS and it can be useful to know the
recommended workflow for that
>
>> As far as I remember, when adding a host (that reports the nameservers),
> the DNS entries learned are added to the Engine config and used when
> sending the first setup-networks to VDSM.
> But there were several iterations of this flow, perhaps it changed (will
> check).
>
>
>>
Note also my comments regarding environment installed in 4.1 and then
updated to 4.2
Thanks
Gianluca