Once upon a time, Nikolai Sednev <nsednev@redhat.com> said:
Can I get engine, libvirt, vdsm, mom, logs from host8 and connectivity log? Have you tried installing clean OSs on hosts, especially on problematic host? I'd also try to disable JSONRPC on hosts, by putting them to maintenance and then removing JSONRPC from the check box on all hosts, just to compare if it resolves the issue.
Just to follow up... (tl;dr: issues may be just my own fault) I tried to put node8 into maintenance mode, but then vdsm died while migrating active VMs and the node rebooted. At that point, ovirt-ha-agent.service would exit and sanlock logged errors. I finally realized sanlock was logging "-13" (would be nice to strerr() here, as -13 is not intuitive), which is EACCESS aka permission denied. I realized I didn't have the latest SELinux policy, but had enabled enforcing mode since the last reboot (from permissive, so no relabel needed). The latest CentOS 7 policy includes this in the changelog: * Mon Nov 10 2014 Miroslav Grepl <mgrepl@redhat.com> 3.12.1-153.el7_0.13 - Add support for vdsm. Resolves:#1172146 - ALlow sanlock to send a signal to virtd_t. - ALlow sanlock_t to read sysfs. Resolves:#1172147 * Tue Nov 04 2014 Miroslav Grepl <mgrepl@redhat.com> 3.12.1-153.el7_0.12 - Allow logrotate to manage virt_cache_t type Resolves:#1159834 So, this may have all just been self-inflicted. I've switched back to permissive mode until I next apply updates; hopefully that'll fix my other issues as well. -- Chris Adams <cma@cmadams.net>