Hi, On 09/29/2012 01:37 PM, Hans Lellelid wrote:
I apologize in advance that this email is less about a specific problem and more a general inquiry as to the most recommended / likely-to-be-successful way path.
Having just gone through the process, I hope I can help a little! You might want to check (and add to) the Troubleshooting page where I documented the various hiccups I had, and how I addressed them: http://wiki.ovirt.org/wiki/Troubleshooting There's also "Node Troubleshooting" and "Troubleshooting NFS Storage Issues" which might help you: http://wiki.ovirt.org/wiki/Node_Troubleshooting and http://wiki.ovirt.org/wiki/Troubleshooting_NFS_Storage_Issues Also Jason Brooks's "Up and running with oVirt 3.1" article is useful I think: http://blog.jebpages.com/archives/up-and-running-with-ovirt-3-1-edition/
2nd attempt: I re-installed the nodes as Fedora 17 boxes and downgraded the kernels to 3.4.6-2. Then I connected these from the Engine (specifying the root pw) and watched the logs while things installed. After reboot neither of the servers were reachable. Sitting in front of the console, I realized that networking was refusing to start; several errors printed to the console looked like:
When you say that they are not reachable, what do you mean? By default, installing F17 as a node sets the iptables settings to: # oVirt default firewall configuration. Automatically generated by vdsm bootstrap script. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT # vdsm -A INPUT -p tcp --dport 54321 -j ACCEPT # libvirt tls -A INPUT -p tcp --dport 16514 -j ACCEPT # SSH -A INPUT -p tcp --dport 22 -j ACCEPT # guest consoles -A INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT # migration -A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT # snmp -A INPUT -p udp --dport 161 -j ACCEPT # Reject any other input traffic -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited COMMIT So if you're trying to ping the nodes, you should see nothing, but ssh, snmp and vdsm should be available. If you have a local console access to the nodes, you should check the IPTables config. I don't understand why you would lose your network connection entirely, though. I don't think that the network config for the nodes is changed by the installer.
3rd attempt: I re-installed the nodes with Fedora 17 and attempted to install VDSM manually by RPM. Despite following the instructions to turn off ssl (ssl=false in /etc/vdsm/vdsm.conf), I am seeing SSL "unknown cert" errors from the python socket server with every attempt of the engine to talk to the node.
Hopefully the "Node Troubleshooting" page (or somebody else) can help you here, I'm afraid I can't.
The Fedora-17-installed-by-engine sounds good, but there's a lot of magic there & it obviously completely broke my systems. Is that where I should focus my efforts? Should I ditch NFS storage and just try to get something working with local-only storage on the nodes? (Shared storage would be a primary motivation for moving to ovirt, though.)
I would focus on this approach, and would continue to aim to use NFS storage. It works fine as long as you are on the 3?4?x kernels.
I am very excited for this to work for me someday. I think it has been frustrating to have such sparse (or outdated?) documentation and such fundamental problems/bugs/configuration challenges. I'm using pretty standard (Dell) commodity servers (SATA drives, simple RAID setups, etc.).
The "Quick Setup Guide" was useful to me, as long as everything went well: http://wiki.ovirt.org/wiki/Quick_Start_Guide Hope some of that is helpful! Cheers, Dave. -- Dave Neary Community Action and Impact Open Source and Standards, Red Hat Ph: +33 9 50 71 55 62 / Cell: +33 6 77 01 92 13