Issues encountered performing HE install on 4.3
Hi, I hit a few issues while performing a recent HE install of 4.3. While I managed to find solutions/workarounds to all the problems I thought I might share them here * As defined in the Ansible defaults the temp dir for building the local HE VM is /var/tmp. I was 80M short of the required space and there did not appear to be a (supported) way to specify a different location. I ended up having to do a bind mount of /var/tmp to get me through the install. Would be nice to be able to specify a custom location. * Permissive umask required. Our CIS CentOS 7 build requires that default umask is 027. This breaks the installer as it creates the VM image under /var/tmp as root and cannot then access it as qemu user. As the temp files are cleaned up on failure it took me a while to track this one down. My solution was to temporarily set the umask to 022 for the session while running the installer. It would be nice if the installer either handled this by doing a chmod/chown as required, or at least doing a umask pre-check and failing with a meaningful error. * SSH root login required on host. Again for CIS we have "PermitRoologin no" configured in sshd. This means the add host task fails on the Engine, but instead of a hard failure we get a timeout on the installer. Which left me chasing some imagined routing/bridging/DNS issue. Eventually I realised I could get to the engine logs and found the issue but took several hours. Would be nice if the installer could either support a sudo option or at least perform a root login pre-check and fail with a meaningful error. Thanks, Alan
Hi, Sorry for the very late reply... On Tue, Mar 10, 2020 at 7:25 PM Alan G <alan+ovirt@griff.me.uk> wrote:
Hi,
I hit a few issues while performing a recent HE install of 4.3. While I managed to find solutions/workarounds to all the problems I thought I might share them here
Thanks, that's appreciated!
* As defined in the Ansible defaults the temp dir for building the local HE VM is /var/tmp. I was 80M short of the required space and there did not appear to be a (supported) way to specify a different
location. I ended up having to do a bind mount of /var/tmp to get me through the install. Would be nice to be able to specify a custom location. You can affect this via the ansible var he_local_vm_dir_path . I don't think we have this documented anywhere, or even whether that's easily settable by the user.
* Permissive umask required. Our CIS CentOS 7 build requires that default umask is 027. This breaks the installer as it creates the VM image under /var/tmp as root and cannot then access it as qemu user. As the temp files are cleaned up on failure it took me a while to track this one down. My solution was to temporarily set the umask to 022 for the session while running the installer. It would be nice if the installer either handled this by doing a chmod/chown as required, or at least doing a umask pre-check and failing with a meaningful error.
* SSH root login required on host. Again for CIS we have "PermitRoologin no" configured in sshd. This means the add host task fails on the Engine, but instead of a hard failure we get a timeout on the installer. Which left me chasing some imagined routing/bridging/DNS issue. Eventually I realised I could get to the engine logs and found the issue but took several hours. Would be nice if the installer could either support a sudo option or at least perform a root login pre-check and fail with a meaningful error.
Also both of these make sense. Would you like to open RFE bugs to track these issues? For latter, we had in the past: https://bugzilla.redhat.com/show_bug.cgi?id=1037800 Perhaps you can reopen, to show your interest, although the details have changed since then, as we now use ansible (in 4.4, fully. In 4.3, partially). Best regards, -- Didi
participants (2)
-
Alan G -
Yedidyah Bar David