[ovirt-users] Single server hosted engine... almost there

Mark Steckel mjs at fix.net
Thu Dec 8 15:24:03 UTC 2016 

[Apologize. Accidentally hit send instead of save. Continuing below...]

> ----- Yedidyah Bar David <didi at redhat.com> wrote:
> > On Thu, Dec 8, 2016 at 12:42 AM, Mark Steckel <mjs at fix.net> wrote:
> > > Hi,
> > >
> > > OK, I reset things and tried again but was more more careful regarding the DNS setup which I believe was correct this. In other words, the FQDNs were resolved from both the host and the HE VM.
> > >
> > > After the latest failure I execute 'ip address' to see the state of the interfaces. And lo and behold the /29 IP I had on eth0:1 no longer exists.
> > >
> > > So some context.
> > >
> > > The server's primary IP is a /24 with the gw being the x.y.z.1.
> > >
> > > I have have a /29 subnet to use for the VMs.
> > >
> > > I have been presuming that I place the a.b.c.1/29 on eth0:1 for the subnet's gw and OVirt will ether keep it in place or migrate it to the ovirtmgmt device. Instead it is deleted during "hosted-engine --deploy".(Note, when the .1/29 is assigned to eth0:1, the IP address is reachable from the the Internet.)
> > >
> > > Dnsmasq is configured to a) serve a.b.c.2/29 a.b.c.6/29 via DHCP and b) to resolve unique FQDNs for each IP. The he VM set to receive the a.b.c.2/29 address.
> > >
> > > Am I missing and or just misunderstanding something here?
> > 
> > "eth0:1" is not really a different interface.
> > 
> > Part of the deploy process is to take the interface you have chosen,
> > create a new bridge, copy part of the configuration from the nic to
> > the bridge, and add the nic to the bridge. This is one of the most
> > delicate parts of the process, the one that if fails might leave you
> > with no network access, the one due to which we recommend to run this
> > inside 'screen'. You can't do this to "eth0" and keep "eth0:1"
> > untouched. You need either a vlan interface or a separate physical
> > nic. If you feel like this, please open a bug to make 'hosted-engine
> > --deploy' notice and prevent what you tried to do. Currently it does
> > not check IP aliases.

I was creating the /29 gw IP on eth0:1 because it seems the simplest thing to do. There is no requirement for it to hang off of eth0.

Given that I have to hang the entire /29 subnet on the host (and VMs), and I am presuming that the gw IP of the /29 must be on the host, do you have a suggestion of how to configure this? (And to be explicit about it, do I need the /29 gw IP on the host to ensure the vm networking operates?)

Without the vm engine logs it is difficult to determine why the engine vm fails when resolving its fqdn. At this point I'm presuming it's due to a networking/routing issue, but am open to suggestions.


> > Another point - the script that failed is 'engine-setup'. This one
> > runs inside the engine vm, and keeps its logs in
> > /var/log/ovirt-engine/setup. If it fails again, please check/post also
> > these, if at all possible (that is, if you can access the vm).
> > Thinking about this, it might be possible for 'hosted-engine --deploy'
> > to get this log, perhaps through the virtual serial connection it
> > opens to show you the output, and save it on the host side, for easier
> > debugging. Please open a bug for this too :-)
> 

When the engine vm setup fails I am unable to connect to it via "hosted-engine --console". Should console access to the engine vm exist at this point? If so, what is the best way to access the engine vm console?

The lack access to the engine vm logs is very painful for trying to diagnose what is going wrong. Ideas welcomed!

Thanks
Mark



> 
> 
> 
> > 
> > Thanks, and good luck!
> > 
> > >
> > > Oh, and does ip_forwarding need to be set in the kernel? (ie net.ipv4.ip_forward=1)
> > >
> > > Thanks
> > > Mark
> > >
> > >
> > >
> > > ----- Derek Atkins <derek at ihtfp.com> wrote:
> > >> Hi,
> > >>
> > >> You need to make sure resolv.conf is correct (both on the host AND on the
> > >> engine vm).
> > >>
> > >> So:   dig hostname
> > >> (without the @local-ip)
> > >>
> > >> As for the VM not coming up...  I'm not sure how to delay "engine-setup"
> > >> run.  I presume you're running an engine appliance -- I ran my own CentOS
> > >> install on the engine.  The logs imply it's suggesting you can access the
> > >> engine VM console, but maybe it's exiting quickly?
> > >>
> > >> -derek
> > >>
> > >> On Wed, December 7, 2016 3:52 pm, Mark Steckel wrote:
> > >> > I tested dnsmasq from the host by
> > >> >
> > >> >    dig hostname @local-ip
> > >> >
> > >> > Worked fine.
> > >> >
> > >> > The engine VM never comes up to the point where I can access it via the
> > >> > console...
> > >> >
> > >> >
> > >> > ----- Derek Atkins <derek at ihtfp.com> wrote:
> > >> >> Hi,
> > >> >>
> > >> >> Ensure dnsmasq is working and can be accessed by the engine VM?
> > >> >> Log in to the engine VM and test from there?
> > >> >> Maybe set up *real* DNS?
> > >> >>
> > >> >> -derek
> > >> >>
> > >> >> On Wed, December 7, 2016 3:41 pm, Mark Steckel wrote:
> > >> >> > Hi Derek,
> > >> >> >
> > >> >> > ----- Derek Atkins <derek at ihtfp.com> wrote:
> > >> >> >> Hi Mark,
> > >> >> >>
> > >> >> >> The error is correct, hosted-engine-1.pcstrac.com is not a valid
> > >> >> >> hostname:
> > >> >> >>
> > >> >> >> $ host hosted-engine-1.pcstrac.com
> > >> >> >> $
> > >> >> >>
> > >> >> >> I'm lost, tho -- was this an error that occurred on the host during
> > >> >> >> hosted-engine --deploy, or was it an error that occurred in the
> > >> >> hosted
> > >> >> >> enging VM when running engine-setup?
> > >> >> >
> > >> >> > I believe when it occurred when the running the engine-setup.
> > >> >> >
> > >> >> >
> > >> >> >> If the former, you need to ensure that you have a real DNS name for
> > >> >> your
> > >> >> >> ovirt engine.  It's unclear (to me) that using /etc/hosts is
> > >> >> sufficient.
> > >> >> >> However looking at the logs, it looks like it can locally resolve (to
> > >> >> >> xx.yy.18.122).
> > >> >> >
> > >> >> > Yep. I tested things to make sure it could resolve before I started
> > >> >> the
> > >> >> > 'hosted-engine --deploy'.
> > >> >> >
> > >> >> >> You might need to answer "Yes" to the /etc/hosts question..
> > >> >> >
> > >> >> > I did answer "Yes".
> > >> >> >
> > >> >> >
> > >> >> >> The log seems to get far enough along that it presents you the engine
> > >> >> vm
> > >> >> >> console URL?  It looks like the issue is that the engine vm cannot
> > >> >> >> resolve
> > >> >> >> its own name.
> > >> >> >
> > >> >> > That is my take as well.
> > >> >> >
> > >> >> > Scratching my head as I config'ed dnsmasq to provide local dns and to
> > >> >> read
> > >> >> > from /etc/hosts for hosted-engine-1.pcstrac.com.
> > >> >> >
> > >> >> > The only thing I think I flubbed was neglecting to add the host's IP
> > >> >> to
> > >> >> > the host's /etc/resolv.conf.
> > >> >> >
> > >> >> > Scrubbing and staring again.
> > >> >> >
> > >> >> > Mark
> > >> >> >
> > >> >> >
> > >> >> >>
> > >> >> >> -derek
> > >> >> >>
> > >> >> >> On Wed, December 7, 2016 3:13 pm, Mark Steckel wrote:
> > >> >> >> > Folks,
> > >> >> >> >
> > >> >> >> > Thanks to Didi in another thread I'm making progress. (Lesson
> > >> >> learned,
> > >> >> >> > choose 'disk' and not 'cdrom' when using the he-appliance.)
> > >> >> >> >
> > >> >> >> > So I reset to a fresh CentOS 7, installed various software packages
> > >> >> >> > including ovirt.
> > >> >> >> >
> > >> >> >> > I configed eth0 with a /32 public IP. I also added an alias for a
> > >> >> >> > x.x.x.1/29 on eth0:1.
> > >> >> >> >
> > >> >> >> > Finally I config'ed dnsmasq to provide both dhcp and dns (ensuring
> > >> >> >> that it
> > >> >> >> > will read from /etc/hosts before forwarding dns requests) and added
> > >> >> >> the
> > >> >> >> > IPs and hostsnames to /etc/hosts from the /29 IPs which are to be
> > >> >> used
> > >> >> >> by
> > >> >> >> > the VMs.
> > >> >> >> >
> > >> >> >> > Things proceeded nicely till resolving the he vm fqdn. (I tested to
> > >> >> >> make
> > >> >> >> > sure that the he vm fqdm would resolve **Before** I ran
> > >> >> 'hosted-engine
> > >> >> >> > --deploy'.)
> > >> >> >> >
> > >> >> >> >           |-           --== NETWORK CONFIGURATION ==--
> > >> >> >> >           |-
> > >> >> >> >           |- [ ERROR ] Host name is not valid:
> > >> >> >> hosted-engine-1.pcstrac.com
> > >> >> >> > did not resolve into an IP address
> > >> >> >> >           |- [ ERROR ] Failed to execute stage 'Environment
> > >> >> >> > customization': Host name is not valid:
> > >> >> >> > hosted-engine-1.pcstrac.com did not resolve into an IP address
> > >> >> >> >           |- [ INFO  ] Stage: Clean up
> > >> >> >> >           |-           Log file is located at
> > >> >> >> > /var/log/ovirt-engine/setup/ovirt-engine-setup-20161207193757-6i03xg.log
> > >> >> >> >           |- [ INFO  ] Generating answer file
> > >> >> >> > '/var/lib/ovirt-engine/setup/answers/20161207193758-setup.conf'
> > >> >> >> >           |- [ INFO  ] Stage: Pre-termination
> > >> >> >> >           |- [ INFO  ] Stage: Termination
> > >> >> >> >           |- [ ERROR ] Execution of setup failed
> > >> >> >> >           |- HE_APPLIANCE_ENGINE_SETUP_FAIL
> > >> >> >> >     [ ERROR ] Engine setup failed on the appliance
> > >> >> >> >     [ ERROR ] Failed to execute stage 'Closing up': Engine setup
> > >> >> >> failed on
> > >> >> >> > the appliance Please check its log on the appliance.
> > >> >> >> >
> > >> >> >> >
> > >> >> >> > The one thing I forgot is to update /etc/resolv.conf to include the
> > >> >> >> host
> > >> >> >> > though I don't know if this matters...
> > >> >> >> >
> > >> >> >> > Logs attached.
> > >> >> >> >
> > >> >> >> > I suspect I've very close to having this working but am admittedly
> > >> >> >> > stumped.
> > >> >> >> >
> > >> >> >> > Pointers appreciated.
> > >> >> >> >
> > >> >> >> > Thanks
> > >> >> >> > Mark
> > >> >> >> >
> > >> >> >> >
> > >> >> >> > _______________________________________________
> > >> >> >> > Users mailing list
> > >> >> >> > Users at ovirt.org
> > >> >> >> > http://lists.ovirt.org/mailman/listinfo/users
> > >> >> >> >
> > >> >> >>
> > >> >> >>
> > >> >> >> --
> > >> >> >>        Derek Atkins                 617-623-3745
> > >> >> >>        derek at ihtfp.com             www.ihtfp.com
> > >> >> >>        Computer and Internet Security Consultant
> > >> >> >>
> > >> >> >
> > >> >> >
> > >> >>
> > >> >>
> > >> >> --
> > >> >>        Derek Atkins                 617-623-3745
> > >> >>        derek at ihtfp.com             www.ihtfp.com
> > >> >>        Computer and Internet Security Consultant
> > >> >>
> > >> >
> > >> >
> > >>
> > >>
> > >> --
> > >>        Derek Atkins                 617-623-3745
> > >>        derek at ihtfp.com             www.ihtfp.com
> > >>        Computer and Internet Security Consultant
> > >>
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users at ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > 
> > 
> > 
> > -- 
> > Didi
>

More information about the Users mailing list