Re: [ovirt-users] 3. vdsm losing connection to libvirt (Chris Adams)
Once upon a time, Nikolai Sednev <nsednev(a)redhat.com> said:
Can I get engine, libvirt, vdsm, mom, logs from host8 and
connectivity log?
Have you tried installing clean OSs on hosts, especially on problematic host?
I'd also try to disable JSONRPC on hosts, by putting them to maintenance and then
removing JSONRPC from the check box on all hosts, just to compare if it resolves the
issue.
Just to follow up... (tl;dr: issues may be just my own fault)
I tried to put node8 into maintenance mode, but then vdsm died while
migrating active VMs and the node rebooted. At that point,
ovirt-ha-agent.service would exit and sanlock logged errors. I finally
realized sanlock was logging "-13" (would be nice to strerr() here, as
-13 is not intuitive), which is EACCESS aka permission denied.
I realized I didn't have the latest SELinux policy, but had enabled
enforcing mode since the last reboot (from permissive, so no relabel
needed). The latest CentOS 7 policy includes this in the changelog:
* Mon Nov 10 2014 Miroslav Grepl <mgrepl(a)redhat.com> 3.12.1-153.el7_0.13
- Add support for vdsm.
Resolves:#1172146
- ALlow sanlock to send a signal to virtd_t.
- ALlow sanlock_t to read sysfs.
Resolves:#1172147
* Tue Nov 04 2014 Miroslav Grepl <mgrepl(a)redhat.com> 3.12.1-153.el7_0.12
- Allow logrotate to manage virt_cache_t type
Resolves:#1159834
So, this may have all just been self-inflicted. I've switched back to
permissive mode until I next apply updates; hopefully that'll fix my
other issues as well.
--
Chris Adams <cma(a)cmadams.net>