9:59 p.m.
Hi,
I've just set up a new oVirt installation with two nodes. Both of the
nodes have had 'firewalld' disabled. When I went to test VM
migration, it failed, apparently due to this (from the vdsm log on the
source node):
error : virNetClientProgramDispatchError:174 : Error while building
firewall: Some rules could not be created for interface vnet0:
Failure to execute command '$EBT -t nat -N libvirt-J-vnet0' :
'DBusException org.freedesktop.DBus.Error.ServiceUnknown: The name
org.fedoraproject.FirewallD1 was not provided by any .service
filesCouldn't connect to FirewallD, it's probably not running.'.
Is running firewalld a requirement for oVirt? Is it possible to avoid
having oVirt attempt to manage my firewall rules?
Thanks!
--
Jonathan Daugherty
Software Engineer
Galois, Inc.
12:13 a.m.
I've just set up a new oVirt installation with two nodes. Both
of
the nodes have had 'firewalld' disabled. When I went to test VM
migration, it failed, apparently due to this (from the vdsm log on
the source node):
error : virNetClientProgramDispatchError:174 : Error while
building firewall: Some rules could not be created for interface
vnet0: Failure to execute command '$EBT -t nat -N libvirt-J-vnet0'
: 'DBusException org.freedesktop.DBus.Error.ServiceUnknown: The
name org.fedoraproject.FirewallD1 was not provided by any .service
filesCouldn't connect to FirewallD, it's probably not running.'.
Okay, I'll answer it myself, for the google searchers of the future:
This was caused by 1) not restarting libvirtd *after* disabling
firewalld and 2) not realizing (understandably) that the error was
from the migration *destination* host, not the source host, despite
the fact that it was found in the source host's log and makes no
mention of the other host. Libvirtd on the destination host was still
attempting to use firewalld; restarting it resolved the problem.
--
Jonathan Daugherty
Software Engineer
Galois, Inc.
4298
days inactive
4300
days old
1 comments
1 participants
participants (1)
-
Jonathan Daugherty