[Users] Host installation failed ovirt 3.2
Alon Bar-Lev
alonbl at redhat.com
Fri Oct 18 18:26:55 UTC 2013
----- Original Message -----
> From: "Sven Kieske" <S.Kieske at mittwald.de>
> To: users at ovirt.org
> Sent: Friday, October 18, 2013 5:43:39 PM
> Subject: Re: [Users] Host installation failed ovirt 3.2
>
> This problem occured again, this time, deploying an centOS netinstall.
>
> Steps to reproduce:
>
> 1. install CentOS 6.4. x64 netinstall, use the target "minimal
> installation".
> 2. add repos for epel and ovirt.
> 3. install vdsm on host through webadmin
>
> actual result:
>
> In Webadmin:
>
> "Failed to install Host server4 Failed to execute stage 'Closing up':
> Command '/sbin/service' failed to execute."
2013-10-18 16:29:11 DEBUG otopi.plugins.otopi.services.rhel plugin.execute:412 execute-output: ('/sbin/service', 'iptables', 'start') stdout:
iptables: Applying firewall rules: [FAILED]
2013-10-18 16:29:11 DEBUG otopi.plugins.otopi.services.rhel plugin.execute:417 execute-output: ('/sbin/service', 'iptables', 'start') stderr:
iptables-restore: line 61 failed
> I attached the complete host-deploy log. it fails at reloading iptables
> however, the default ovirt-iptables config is present in
> /etc/sysconfig/iptables and is loaded (this was checked by
> "service iptables status" command)
> also manual restarting the service works fine:
>
> service iptables restart
> iptables: Flushing firewall rules: [ OK ]
> iptables: Setting chains to policy ACCEPT: mangle filter na[ OK ]
> iptables: Unloading modules: [ OK ]
> iptables: Applying firewall rules: [ OK ]
>
> next step was "reinstall" host through webadmin, which worked fine,
> the host rebooted.
>
> any hints?
I have no access to centos... and unsure what is happening... need your help.
It looks like there is some problem in first apply of firewall rules...
Can you please checkout this sequence which is similar to what happening at host-deploy:
1. have default /etc/sysconfig/iptables (you can find it as backuped up /etc/sysconfig/iptables.*)
2. restart iptables
3. move /etc/sysconfig/iptables /etc/sysconfig/iptables.old
4. move /etc/sysconfig/<ovirt> /etc/sysconfig/iptables
5. restart iptables
I hope we see same failure, so it will be easier to debug.
I've never seen this issue... with same file content restart 1 does not work, restart 2 does... this is strange.
Thanks,
Alon
>
>
> On 18.10.2013 10:44, Sven Kieske wrote:
> > Hi,
> >
> > this config was already in /etc/sysconfig/iptables (you forget some
> > empty lines, but the rest is identical), here is the outcome:
> >
> > service iptables stop
> > iptables: Flushing firewall rules: [ OK ]
> > iptables: Setting chains to policy ACCEPT: nat filter mangl[ OK ]
> > iptables: Unloading modules: [ OK ]
> > [root at vroot4 ~]# service iptables start
> > iptables: Applying firewall rules: [ OK ]
> > [root at vroot4 ~]# service iptables status
> > Table: filter
> > Chain INPUT (policy ACCEPT)
> > num target prot opt source destination
> > 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> > RELATED,ESTABLISHED
> > 2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> > 3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:54321
> > 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:22
> > 5 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
> > dpt:161
> > 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:16514
> > 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
> > multiport dports 5634:6166
> > 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
> > multiport dports 49152:49216
> > 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:24007
> > 10 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
> > dpt:111
> > 11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:38465
> > 12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:38466
> > 13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:38467
> > 14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:39543
> > 15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:55863
> > 16 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:38468
> > 17 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
> > dpt:963
> > 18 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:965
> > 19 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:4379
> > 20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:139
> > 21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpt:445
> > 22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> > dpts:24009:24108
> > 23 REJECT all -- 0.0.0.0/0 0.0.0.0/0
> > reject-with icmp-host-prohibited
> >
> > Chain FORWARD (policy ACCEPT)
> > num target prot opt source destination
> > 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0
> > PHYSDEV match ! --physdev-is-bridged reject-with icmp-host-prohibited
> >
> > Chain OUTPUT (policy ACCEPT)
> > num target prot opt source destination
> >
> >
> > So there is no error, reloading it by hand.
> >
> > I tried to then add the host again via webadmin, and it succeeds.
> >
> > So I really don't know what the problem was :(
> >
> >
> > On 17.10.2013 17:52, Alon Bar-Lev wrote:
> >>
> >>
> >> ----- Original Message -----
> >>>
> >>> On 17.10.2013 16:15, Alon Bar-Lev wrote:
> >>>> Please send the entire host-deploy log so I can see what iptables rules
> >>>> are
> >>>> there.
> >>>>
> >>>
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> >
> >
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list