[Users] Nfs version 3 or 4 when mounting predefined engine ISO?

Keith Robertson kroberts at redhat.com
Wed Jan 16 15:41:04 UTC 2013


Gianluca,

I can't grok all that you are asking but, here is the golden rule for 
oVirt NFS domains:
- You can export whatever you want from wherever you want so long as it 
is writable by UID=36 and GID=36 from an NFS 3/4 client. When in doubt 
test it by mounting from the Node and trying to create a file as user vdsm.

Here is my specific setup (notice that I don't pin a protocol version)
### /etc/exports
 > cat /etc/exports
/virt/isodomain                127.0.0.1(rw,sync)

I could have also done (and I highly recommend this when your storage 
*isn't* on oVirt Engine):
/virt/isodomain                127.0.0.1(rw,sync,anonuid=<some local UID 
that has write permissions to /virt/isodomain>,anongid=<some local GID 
that has write permissions to /virt/isodomain>)

### IPtables:
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p udp --dport 32769 -j ACCEPT


Cheers,
Keith

On 01/16/2013 09:57 AM, Gianluca Cecchi wrote:
> Hello,
> what should it be in 3.2 the version of NFS default ISO created on engine?
> Can I change it afterwards
> During engine setup I was only requested if I wanted it or not:
>
> (f18 with ovirt-nightly repo and 3.2.0-1.20130113.gitc954518)
> Configure NFS share on this server to be used as an ISO Domain? 
> ['yes'| 'no']  [yes] :
> Local ISO domain path  [/var/lib/exports/iso] : /ISO
>
> ok
>
> Current situation on engine regarding iptables
>
> [root at f18engine ~]# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>
> ACCEPT     icmp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            icmptype 255
> ACCEPT     all  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate RELATED,ESTABLISHED
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:22
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:80
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:443
> ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW udp dpt:111
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:111
> ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW udp dpt:892
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:892
> ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW udp dpt:875
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:875
> ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW udp dpt:662
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:662
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:2049
> ACCEPT     tcp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW tcp dpt:32803
> ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            ctstate NEW udp dpt:32769
> REJECT     all  -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 
> <http://0.0.0.0/0>            reject-with icmp-host-prohibited
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
>
> ANd regarding nfs:
> [root at f18engine ~]# ps -ef|grep [n]fs
> root      1134     2  0 Jan15 ?        00:00:00 [nfsd4]
> root      1135     2  0 Jan15 ?        00:00:00 [nfsd4_callbacks]
> root      1136     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1137     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1138     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1139     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1140     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1141     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1142     2  0 Jan15 ?        00:00:00 [nfsd]
> root      1143     2  0 Jan15 ?        00:00:00 [nfsd]
>
> [root at f18engine ~]# systemctl status rpcbind.service
> rpcbind.service - RPC bind service
>  Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled)
>  Active: active (running) since Tue, 2013-01-15 13:38:46 CET; 1 day 
> and 2h ago
> Process: 1098 ExecStart=/sbin/rpcbind -w ${RPCBIND_ARGS} (code=exited, 
> status=0/SUCCESS)
> Main PID: 1128 (rpcbind)
>  CGroup: name=systemd:/system/rpcbind.service
>  ? 1128 /sbin/rpcbind -w
>
> Jan 15 13:38:46 f18engine.ceda.polimi.it 
> <http://f18engine.ceda.polimi.it> systemd[1]: Started RPC bind service.
>
> When host tries to attach ISO it fails
> host is f18 with ovirt-nightly and
> vdsm-4.10.3-0.78.gitb005b54.fc18.x86_64
>
> I noticed
> [root at f18ovn03 ]# ps -ef|grep mount
> root      1692     1  0 14:39 ?        00:00:00 /usr/sbin/rpc.mountd
> root      6616  2334  0 15:17 ?        00:00:00 /usr/bin/sudo -n 
> /usr/bin/mount -t nfs -o 
> soft,nosharecache,timeo=600,retrans=6,nfsvers=3 f18engine:/ISO 
> /rhev/data-center/mnt/f18engine:_ISO
> root      6617  6616  0 15:17 ?        00:00:00 /usr/bin/mount -t nfs 
> -o soft,nosharecache,timeo=600,retrans=6,nfsvers=3 f18engine:/ISO 
> /rhev/data-center/mnt/f18engine:_ISO
> root      6618  6617  0 15:17 ?        00:00:00 /sbin/mount.nfs 
> f18engine:/ISO /rhev/data-center/mnt/f18engine:_ISO -o 
> rw,soft,nosharecache,timeo=600,retrans=6,nfsvers=3
> root      6687  4147  0 15:17 pts/0    00:00:00 grep --color=auto mount
>
> The problem here is option
> nfsvers=3
>
> in fact if I manually run on node
>
> [root at f18ovn03 ]# mount -t nfs -o nfsvers=4 f18engine:/ISO  /p
> --> OK
>
> and
> [root at f18ovn03 ]# mount
> ...
> f18engine:/ISO on /p type nfs4 
> (rw,relatime,vers=4.0,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.4.4.59,local_lock=none,addr=10.4.4.60)
>
> while
> # mount -t nfs -o nfsvers=3 f18engine:/ISO  /p
> --> KO
> stalled
>
> What should I change, engine or host or both?
>
> Thanks in advance,
> Gianluca
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20130116/c118ec19/attachment-0001.html>


More information about the Users mailing list