[ovirt-users] NFS can not be mounted after the installation of ovirt-hosted-engine

Simone Tiraboschi stirabos at redhat.com
Thu Dec 18 08:43:23 UTC 2014



----- Original Message -----
> From: "Cong Yue" <Cong_Yue at alliedtelesis.com>
> To: "Simone Tiraboschi" <stirabos at redhat.com>
> Cc: users at ovirt.org
> Sent: Wednesday, December 17, 2014 7:18:26 PM
> Subject: RE: [ovirt-users] NFS can not be mounted after the installation of ovirt-hosted-engine
> 
> Thanks.
> 
> I just want to double confirm whether I do the right thing or not.
> 
> Currently, my /etc/sysconfig/iptables is like
> --
> # oVirt default firewall configuration. Automatically generated by vdsm
> bootstrap script.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> 
> -A INPUT -i lo -j ACCEPT
> # vdsm
> -A INPUT -p tcp --dport 54321 -j ACCEPT
> # SSH
> -A INPUT -p tcp --dport 22 -j ACCEPT
> # snmp
> -A INPUT -p udp --dport 161 -j ACCEPT
> 
> 
> # libvirt tls
> -A INPUT -p tcp --dport 16514 -j ACCEPT
> 
> # guest consoles
> -A INPUT -p tcp -m multiport --dports 5900:6923 -j ACCEPT
> 
> # migration
> -A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
> 
> 
> # Reject any other input traffic
> -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -m physdev !
> --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited COMMIT
> --
> 
> Do you mean I need to add the following rule to the table?
> --
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:6100

It's websocket proxy port, not really need there.

> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:111
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
> dpt:111
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:662
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
> dpt:662
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:875
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
> dpt:875
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:892
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
> dpt:892
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:2049
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
> dpt:32769
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp
> dpt:32803
> --

Ok

> Thanks in advance,
> Cong
> 
> 
> -----Original Message-----
> From: Simone Tiraboschi [mailto:stirabos at redhat.com]
> Sent: Wednesday, December 17, 2014 9:48 AM
> To: Yue, Cong
> Cc: users at ovirt.org
> Subject: Re: [ovirt-users] NFS can not be mounted after the installation of
> ovirt-hosted-engine
> 
> 
> 
> ----- Original Message -----
> > From: "Simone Tiraboschi" <stirabos at redhat.com>
> > To: "Cong Yue" <Cong_Yue at alliedtelesis.com>
> > Cc: users at ovirt.org
> > Sent: Wednesday, December 17, 2014 6:43:34 PM
> > Subject: Re: [ovirt-users] NFS can not be mounted after the installation
> > of      ovirt-hosted-engine
> >
> >
> >
> > ----- Original Message -----
> > > From: "Cong Yue" <Cong_Yue at alliedtelesis.com>
> > > To: users at ovirt.org
> > > Sent: Wednesday, December 17, 2014 6:33:48 PM
> > > Subject: [ovirt-users] NFS can not be mounted after the installation of
> > >     ovirt-hosted-engine
> > >
> > >
> > >
> > > Hi
> > >
> > >
> > >
> > > I walked through the installation of ovirt-hosted-engine as
> > >
> > > http://community.redhat.com/blog/2014/10/up-and-running-with-ovirt-3
> > > -5/
> > >
> > >
> > >
> > > And I met a problem in the step of “Configure storage”
> > >
> > >
> > >
> > > In my ovirt host, I am using nfs v3 for the test. I created two
> > > exports points, and just after that I confirmed with other client
> > > that I can mount these two points.
> > >
> > > My /etc/exports is as
> > >
> > >
> > >
> > > ---
> > >
> > > /engine 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
> > >
> > > /data 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)
> > >
> > > ---
> > >
> > >
> > >
> > > While after I completed the engine VM install, I found these two
> > > points can not be mounted again with the same command
> > >
> > > as
> > >
> > > mount –t nfs 10.0.0.94:/engine /engine
> > >
> > >
> > >
> > > Is ovirt changed something for nfs server configuration
> >
> > Yes, it's a know issue [1]. Please check iptables rules and re-open
> > NFS required ports.
> > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1109326
> >
> > We already had a patch for it, it will be included next month in oVirt
> > 3.5.1
> 
> Oh, it's note really the same: this it's related to hosted-engine but is not
> that different.
> Please check iptables rules.
> 
> > > or something wrong
> > > with my setting?
> > >
> > >
> > >
> > > Thanks in advance,
> > >
> > > Cong
> > >
> > >
> > >
> > >
> > > This e-mail message is for the sole use of the intended recipient(s)
> > > and may contain confidential and privileged information. Any
> > > unauthorized review, use, disclosure or distribution is prohibited.
> > > If you are not the intended recipient, please contact the sender by
> > > reply e-mail and destroy all copies of the original message. If you
> > > are the intended recipient, please be advised that the content of
> > > this message is subject to access, review and disclosure by the
> > > sender's e-mail System Administrator.
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users at ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > >
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> 
> This e-mail message is for the sole use of the intended recipient(s) and may
> contain confidential and privileged information. Any unauthorized review,
> use, disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply e-mail and destroy all copies
> of the original message. If you are the intended recipient, please be
> advised that the content of this message is subject to access, review and
> disclosure by the sender's e-mail System Administrator.
> 



More information about the Users mailing list