Importing VMs from kvm to oVirt. "VM zarafa is down with error. Exit message: Failed to find the libvirt domain."
by Marc Pfaendler
Hello
I'm trying to import an existing kvm VM into oVirt 4.1. It a new server
with a fresh installation of oVirt.
I'm working with the oVirt gui to achieve this.
After moving the VM from the old system into the export folder, the gui
allows me to import it.
The import seems to succeed. But after the VM is imported it fails to start.
Giving this error:
"VM zarafa is down with error. Exit message: Failed to find the
libvirt domain."
Cheers
Marc
2 years, 3 months
Re: [ovirt-users] Ovirt Hosted-Engine VM iptables
by Andrew Dent
I can add a rule into ipdates such as this
iptables -I INPUT -s 192.168.0.10 -p tcp -m tcp --dport 5666 -j ACCEPT
I can see the addition has succeeded with this
iptables-save > /etc/sysconfig/iptables
But a reboot of the Engine VM (not the Host) doesn't keep the new rule,
and I was expecting that during bootup CentOS would read from
/etc/sysconfig/iptables.
Alas it isn't.
Found a solution.
After reading this
https://stackoverflow.com/questions/24756240/how-can-i-use-iptables-on-ce...
I installed iptables-services
But once installed I found that iptables -L showed no rules.
thankfully I still had the default hosted-engine rules in
/etc/sysconfig/iptables
iptables-restore < /etc/sysconfig/iptables
Then.....
service iptables save
restored the default hosted-engine rules including my rule for 5666.
Rebooting the hosted-engine VM and my rule 5666 for NRPE is still there.
Success!!
To answer your other questions
> Did you ask to configure the firewall during engine-setup?
Yes.
Looks like it setup firewalld for me.
> Alternatively, it's recommended to use firewalld.
For the moment I have disabled firewalld and are using iptables....Is
there a reason why firewalld is preferred over iptables?
Kind regards
Andrew
------ Original Message ------
From: "Yedidyah Bar David" <didi(a)redhat.com>
To: "Andrew Dent" <adent(a)ctcroydon.com.au>
Cc: "users" <users(a)ovirt.org>
Sent: 29/05/2017 9:26:23 PM
Subject: Re: [ovirt-users] Ovirt Hosted-Engine VM iptables
>On Mon, May 29, 2017 at 1:14 PM, Andrew Dent <adent(a)ctcroydon.com.au>
>wrote:
>> Hi
>>
>> I would like to add rules into the iptables of the Hosted Engine VM
>>in
>> Ovirt.
>> I am wanting to monitor the Ovirt Engine using Nagios -> NRPE and I
>>would
>> like to open port 5666
>>
>> the version is oVirt Engine Version: 4.1.1.8-1.el7.centos
>> I have tried using the normal process for iptables (iptables-save
>>etc), but
>> it seems that the file
>> /etc/sysconfig/iptables
>> is ignored when the Ovirt Engine VM starts.
>
>What do you mean in "ignored"?
>
>What's the output of 'iptables-save'?
>
>Did you ask to configure the firewall during engine-setup?
>
>>
>> How can I add permanent iptables rules into the Engine VM?
>
>On the engine vm (unlike hosts), the only thing that touches iptables
>is engine-setup. Before doing that it asks you if you want to configure
>the firewall. There aren't currently means to add your custom rules -
>either you manage it all by yourself or you let engine-setup do that.
>
>Alternatively, it's recommended to use firewalld. engine-setup can
>add to firewalld the stuff it wants, and you still can add your own
>stuff.
>
>If I got you wrong and you refer to the hosts (not engine), see also:
>
>https://www.ovirt.org/blog/2016/12/extension-iptables-rules-oVirt-hosts/
>
>Best,
>
>>
>> Kind regards
>>
>>
>> Andrew
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users(a)ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
>
>
>--
>Didi
2 years, 3 months
