Re: [ovirt-users] [hosted-engine] Error creating a glusterfs storage domain

This is a multi-part message in MIME format. --------------060701060108040708070005 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi, Wow. How dumb of me. I just realized that I answered "Yes" in this configuration question: iptables was detected on your computer, do you wish setup to configure it? (Yes, No)[Yes]: So the hosted-engine setup configure my empty iptables to allow just some necessary port (excluding glusterfs) I solved this by editing /etc/sysconfig/iptables to: # oVirt+glusterfs firewall configuration. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT # vdsm -A INPUT -p tcp --dport 54321 -j ACCEPT # rpc.statd -A INPUT -p tcp --dport 111 -j ACCEPT -A INPUT -p udp --dport 111 -j ACCEPT # SSH -A INPUT -p tcp --dport 22 -j ACCEPT # snmp -A INPUT -p udp --dport 161 -j ACCEPT # libvirt tls -A INPUT -p tcp --dport 16514 -j ACCEPT # serial consoles -A INPUT -p tcp -m multiport --dports 2223 -j ACCEPT # guest consoles -A INPUT -p tcp -m multiport --dports 5900:6923 -j ACCEPT # migration -A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT # glusterfs -A INPUT -p tcp --dport 24007:24008 -j ACCEPT -A INPUT -p tcp --dport 24007:24008 -j ACCEPT -A INPUT -p tcp --dport 38465:38467 -j ACCEPT # nfs -A INPUT -p tcp --dport 2049 -j ACCEPT # Reject any other input traffic -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited COMMIT Then restarted iptables and run 'hosted-engine --deploy again'. This time, I made sure to answer "No" when the setup asked me if it should alter iptables or not. The deployment was success, although with some errors: [ ERROR ] The VDSM host was found in a failed state. Please check engine and bootstrap installation logs. [ ERROR ] Unable to add hosted_engine_1 to the manager I were somehow able to solve them by manually SSH from the engine to the host, so that the host's key fingerprint was added to the engine's known_hosts. Then I logged into the engine's web UI and manually reinstall hosted_engine_1 with the "Automatically configure host firewall" option deselected (since I already included all of its configuration in my iptables file). I also set the virt group profile on the storage domain's volume as you suggested. Thank you very much for guiding me. Wee On 23/2/2559 17:49, Sahina Bose wrote: --- ซอฟต์แวร์ Avast แอนตี้ไวรัสตรวจสอบหาไวรัสจากอีเมลนี้แล้ว https://www.avast.com/antivirus --------------060701060108040708070005 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> Hi,<br> <br> Wow. How dumb of me. I just realized that I answered "Yes" in this configuration question:<br> <br> iptables was detected on your computer, do you wish setup to configure it? (Yes, No)[Yes]:<br> <br> So the hosted-engine setup configure my empty iptables to allow just some necessary port (excluding glusterfs)<br> <br> I solved this by editing /etc/sysconfig/iptables to:<br> <br> # oVirt+glusterfs firewall configuration.<br> *filter<br> :INPUT ACCEPT [0:0]<br> :FORWARD ACCEPT [0:0]<br> :OUTPUT ACCEPT [0:0]<br> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT<br> -A INPUT -p icmp -j ACCEPT<br> -A INPUT -i lo -j ACCEPT<br> # vdsm<br> -A INPUT -p tcp --dport 54321 -j ACCEPT<br> # rpc.statd<br> -A INPUT -p tcp --dport 111 -j ACCEPT<br> -A INPUT -p udp --dport 111 -j ACCEPT<br> # SSH<br> -A INPUT -p tcp --dport 22 -j ACCEPT<br> # snmp<br> -A INPUT -p udp --dport 161 -j ACCEPT<br> # libvirt tls<br> -A INPUT -p tcp --dport 16514 -j ACCEPT<br> # serial consoles<br> -A INPUT -p tcp -m multiport --dports 2223 -j ACCEPT<br> # guest consoles<br> -A INPUT -p tcp -m multiport --dports 5900:6923 -j ACCEPT<br> # migration<br> -A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT<br> # glusterfs<br> -A INPUT -p tcp --dport 24007:24008 -j ACCEPT<br> -A INPUT -p tcp --dport 24007:24008 -j ACCEPT<br> -A INPUT -p tcp --dport 38465:38467 -j ACCEPT<br> # nfs<br> -A INPUT -p tcp --dport 2049 -j ACCEPT<br> <br> # Reject any other input traffic<br> -A INPUT -j REJECT --reject-with icmp-host-prohibited<br> -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited<br> COMMIT<br> <br> Then restarted iptables and run 'hosted-engine --deploy again'. This time, I made sure to answer "No" when the setup asked me if it should alter iptables or not. The deployment was success, although with some errors:<br> <br> [ ERROR ] The VDSM host was found in a failed state. Please check engine and bootstrap installation logs.<br> [ ERROR ] Unable to add hosted_engine_1 to the manager<br> <br> I were somehow able to solve them by manually SSH from the engine to the host, so that the host's key fingerprint was added to the engine's known_hosts. Then I logged into the engine's web UI and manually reinstall hosted_engine_1 with the <span style="border-width: 1px; border-style: none; padding: 5px; border-color: gray;" class="gwt-CheckBox">"Automatically configure host firewall" option deselected (since I already included all of its configuration in my iptables file).<br> <br> I also set the virt group profile on the storage domain's volume as you suggested.<br> <br> Thank you very much for guiding me.</span><span style="border-width: 1px; border-style: none; padding: 5px; border-color: gray;" class="gwt-CheckBox"><br> Wee<br> </span><br> <div class="moz-cite-prefix">On 23/2/2559 17:49, Sahina Bose wrote:<br> </div> <blockquote cite="mid:56CC3938.2070504@redhat.com" type="cite"> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> The error indicates : OSError: [Errno 30] Read-only file system<br> <br> Can you check the output of "gluster volume status gv0" on host01.ovirt.forest.go.th. Please make sure that firewall is not blocking gluster ports from communicating on the 3 nodes.<br> <br> On a different note, since you are using gv0 as storage domain, set the virt group profile on this volume - "gluster volume set gv0 group virt"<br> <br> <div class="moz-cite-prefix">On 02/23/2016 01:39 PM, Wee Sritippho wrote:<br> </div> <blockquote cite="mid:56CC13D5.8050005@forest.go.th" type="cite">Hi, <br> <br> I'm trying to deploy an oVirt Hosed Engine environment using this glusterfs volume: <br> <br> # gluster volume info <br> <br> Volume Name: gv0 <br> Type: Replicate <br> Volume ID: 37bba03b-7276-421a-8960-81e28196ebde <br> Status: Started <br> Number of Bricks: 1 x 3 = 3 <br> Transport-type: tcp <br> Bricks: <br> Brick1: host01.ovirt.forest.go.th:/data/brick1/gv0 <br> Brick2: host03.ovirt.forest.go.th:/data/brick1/gv0 <br> Brick3: host02.ovirt.forest.go.th:/data/brick1/gv0 <br> Options Reconfigured: <br> storage.owner-gid: 36 <br> storage.owner-uid: 36 <br> performance.readdir-ahead: on <br> <br> But the deployment failed with this error message: <br> <br> [ ERROR ] Failed to execute stage 'Misc configuration': Error creating a storage domain: ('storageType=7, sdUUID=be5f66d8-57ef-43c8-90a5-e9132e0c95b4, domainName=hosted_storage, domClass=1, typeSpecificArg=host01.ovirt.forest.go.th:/gv0 domVersion=3',) <br> <br> I tried to figure out what is happening via the log files: <br> <br> Line ~7243 of vdsm.log <br> Line ~2930 of ovirt-hosted-engine-setup-20160223204857-585hqv.log <br> <br> But didn't seem to understand it at all. <br> <br> Please guide me on how to solve this problem. <br> <br> Here is my environment: <br> <br> CentOS Linux release 7.2.1511 (Core) <br> ovirt-hosted-engine-setup-1.3.2.3-1.el7.centos.noarch <br> vdsm-4.17.18-1.el7.noarch <br> glusterfs-3.7.8-1.el7.x86_64 <br> <br> Thank you, <br> Wee <br> <br> <br> --- <br> ซอฟต์แวร์ Avast แอนตี้ไวรัสตรวจสอบหาไวรัสจากอีเมลนี้แล้ว <br> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.avast.com/antivirus">https://www.avast.com... <br> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://... </pre> </blockquote> <br> </blockquote> <br> <br /> <table style="border-top: 1px solid #aaabb6;"> <tr> <td style="width: 470px; padding-top: 20px; color: #41424e; font-size: 13px; font-family: Arial, Helvetica, sans-serif; line-height: 18px;">อีเมลฉบับนี้ส่งมาจากเครื่องคอมพิวเตอร์ที่ปราศจากไวรัส ซึ่งปกป้องโดย Avast <br /><a href="https://www.avast.com/sig-email" target="_blank" style="color: #4453ea;">www.avast.com</a> </td> </tr> </table> </body> </html> --------------060701060108040708070005--