From: "Cong Yue" <Cong_Yue(a)alliedtelesis.com>
To: "Simone Tiraboschi" <stirabos(a)redhat.com>
Cc: users(a)ovirt.org
Sent: Wednesday, December 17, 2014 7:18:26 PM
Subject: RE: [ovirt-users] NFS can not be mounted after the installation of
ovirt-hosted-engine
Thanks.
I just want to double confirm whether I do the right thing or not.
Currently, my /etc/sysconfig/iptables is like
--
# oVirt default firewall configuration. Automatically generated by vdsm
bootstrap script.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# vdsm
-A INPUT -p tcp --dport 54321 -j ACCEPT
# SSH
-A INPUT -p tcp --dport 22 -j ACCEPT
# snmp
-A INPUT -p udp --dport 161 -j ACCEPT
# libvirt tls
-A INPUT -p tcp --dport 16514 -j ACCEPT
# guest consoles
-A INPUT -p tcp -m multiport --dports 5900:6923 -j ACCEPT
# migration
-A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
# Reject any other input traffic
-A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -m physdev !
--physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited COMMIT
--
Do you mean I need to add the following rule to the table?
--
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:6100
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
NEW tcp
dpt:111
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp
dpt:111
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:662
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp
dpt:662
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:875
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp
dpt:875
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:892
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp
dpt:892
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:2049
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp
dpt:32769
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
dpt:32803
--
Thanks in advance,
Cong
-----Original Message-----
From: Simone Tiraboschi [mailto:stirabos@redhat.com]
Sent: Wednesday, December 17, 2014 9:48 AM
To: Yue, Cong
Cc: users(a)ovirt.org
Subject: Re: [ovirt-users] NFS can not be mounted after the installation of
ovirt-hosted-engine
----- Original Message -----
> From: "Simone Tiraboschi" <stirabos(a)redhat.com>
> To: "Cong Yue" <Cong_Yue(a)alliedtelesis.com>
> Cc: users(a)ovirt.org
> Sent: Wednesday, December 17, 2014 6:43:34 PM
> Subject: Re: [ovirt-users] NFS can not be mounted after the installation
> of ovirt-hosted-engine
>
>
>
> ----- Original Message -----
> > From: "Cong Yue" <Cong_Yue(a)alliedtelesis.com>
> > To: users(a)ovirt.org
> > Sent: Wednesday, December 17, 2014 6:33:48 PM
> > Subject: [ovirt-users] NFS can not be mounted after the installation of
> > ovirt-hosted-engine
> >
> >
> >
> > Hi
> >
> >
> >
> > I walked through the installation of ovirt-hosted-engine as
> >
> >
http://community.redhat.com/blog/2014/10/up-and-running-with-ovirt-3
> > -5/
> >
> >
> >
> > And I met a problem in the step of “Configure storage”
> >
> >
> >
> > In my ovirt host, I am using nfs v3 for the test. I created two
> > exports points, and just after that I confirmed with other client
> > that I can mount these two points.
> >
> > My /etc/exports is as
> >
> >
> >
> > ---
> >
> > /engine 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
> >
> > /data 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
> >
> > ---
> >
> >
> >
> > While after I completed the engine VM install, I found these two
> > points can not be mounted again with the same command
> >
> > as
> >
> > mount –t nfs 10.0.0.94:/engine /engine
> >
> >
> >
> > Is ovirt changed something for nfs server configuration
>
> Yes, it's a know issue [1]. Please check iptables rules and re-open
> NFS required ports.
> [1]
https://bugzilla.redhat.com/show_bug.cgi?id=1109326
>
> We already had a patch for it, it will be included next month in oVirt
> 3.5.1
Oh, it's note really the same: this it's related to hosted-engine but is not
that different.
Please check iptables rules.
> > or something wrong
> > with my setting?
> >
> >
> >
> > Thanks in advance,
> >
> > Cong
> >
> >
> >
> >
> > This e-mail message is for the sole use of the intended recipient(s)
> > and may contain confidential and privileged information. Any
> > unauthorized review, use, disclosure or distribution is prohibited.
> > If you are not the intended recipient, please contact the sender by
> > reply e-mail and destroy all copies of the original message. If you
> > are the intended recipient, please be advised that the content of
> > this message is subject to access, review and disclosure by the
> > sender's e-mail System Administrator.
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> >
http://lists.ovirt.org/mailman/listinfo/users
> >
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
>
http://lists.ovirt.org/mailman/listinfo/users
>
This e-mail message is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all copies
of the original message. If you are the intended recipient, please be
advised that the content of this message is subject to access, review and
disclosure by the sender's e-mail System Administrator.