Re: [ovirt-users] Minor issue upgrading to 4.2
Hi, I'm not completely sure, but i think i have firewalld before. Anyway, I changed type to firewalld in cluster and reinstalled all my hosts from engine, as i don't have Host Console either. Best regards, Misak Khachatryan On Mon, Dec 25, 2017 at 6:16 PM, Chris Adamswrote: > Once upon a time, Misak Khachatryan said: >> It seems me too in the same situation, my cluster shows firewall type >> as iptables, and my firewalld status is on hosts: > > Do you know if you had firewalld installed before upgrading? You should > be able to tell by checking your /var/log/yum.log. > > I suspect that the issue is that oVirt pulls in firewalld, and the > firewalld RPM sets itself to run by default, plus it happens to be > started after iptables (and so blows away iptables rules). > > See if this fixes it for you: > > # systemctl stop firewalld.service > # systemctl disable firewalld.service > # systemctl restart iptables.service > > -- > Chris Adams > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Minor issue upgrading to 4.2
Once upon a time, Misak Khachatryansaid: > It seems me too in the same situation, my cluster shows firewall type > as iptables, and my firewalld status is on hosts: Do you know if you had firewalld installed before upgrading? You should be able to tell by checking your /var/log/yum.log. I suspect that the issue is that oVirt pulls in firewalld, and the firewalld RPM sets itself to run by default, plus it happens to be started after iptables (and so blows away iptables rules). See if this fixes it for you: # systemctl stop firewalld.service # systemctl disable firewalld.service # systemctl restart iptables.service -- Chris Adams ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Minor issue upgrading to 4.2
Hi, It seems me too in the same situation, my cluster shows firewall type as iptables, and my firewalld status is on hosts: systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) The problem i hit that one of my VM gets paused second time due storage error. 3 host hyperconverged cluster with glusterfs, oVirt 4.2 Best regards, Misak Khachatryan On Sun, Dec 24, 2017 at 3:26 PM, Yaniv Kaulwrote: > Sounds like https://bugzilla.redhat.com/show_bug.cgi?id=1511013 - can you > confirm? > Y. > > > On Sat, Dec 23, 2017 at 1:56 AM, Chris Adams wrote: >> >> I upgraded a CentOS 7 oVirt 4.1.7 (initially installed as 3.5 if it >> matters) test oVirt cluster to 4.2.0, and ran into one minor issue. The >> update installed firewalld on the host, which was set to start on boot. >> This replaced the iptables rules with a blank firewalld setup that only >> allowed SSH, which kept the host from working. >> >> Stopping and disabling firewalld, then reloading iptables, got the host >> back working. >> >> In a quick search, I didn't see anything noting that firewalld was now >> required, and it didn't seem to be configured correctly if oVirt was >> trying to use it. >> >> -- >> Chris Adams >> ___ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users > > > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Minor issue upgrading to 4.2
My cluster shows iptables as the firewall type in the web UI, and firewall_type is 0 in the database. Once upon a time, Yaniv Kaulsaid: > Sounds like https://bugzilla.redhat.com/show_bug.cgi?id=1511013 - can you > confirm? > Y. > > On Sat, Dec 23, 2017 at 1:56 AM, Chris Adams wrote: > > > I upgraded a CentOS 7 oVirt 4.1.7 (initially installed as 3.5 if it > > matters) test oVirt cluster to 4.2.0, and ran into one minor issue. The > > update installed firewalld on the host, which was set to start on boot. > > This replaced the iptables rules with a blank firewalld setup that only > > allowed SSH, which kept the host from working. > > > > Stopping and disabling firewalld, then reloading iptables, got the host > > back working. > > > > In a quick search, I didn't see anything noting that firewalld was now > > required, and it didn't seem to be configured correctly if oVirt was > > trying to use it. > > > > -- > > Chris Adams > > ___ > > Users mailing list > > Users@ovirt.org > > http://lists.ovirt.org/mailman/listinfo/users > > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users -- Chris Adams ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Minor issue upgrading to 4.2
Sounds like https://bugzilla.redhat.com/show_bug.cgi?id=1511013 - can you confirm? Y. On Sat, Dec 23, 2017 at 1:56 AM, Chris Adamswrote: > I upgraded a CentOS 7 oVirt 4.1.7 (initially installed as 3.5 if it > matters) test oVirt cluster to 4.2.0, and ran into one minor issue. The > update installed firewalld on the host, which was set to start on boot. > This replaced the iptables rules with a blank firewalld setup that only > allowed SSH, which kept the host from working. > > Stopping and disabling firewalld, then reloading iptables, got the host > back working. > > In a quick search, I didn't see anything noting that firewalld was now > required, and it didn't seem to be configured correctly if oVirt was > trying to use it. > > -- > Chris Adams > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Minor issue upgrading to 4.2
I upgraded a CentOS 7 oVirt 4.1.7 (initially installed as 3.5 if it matters) test oVirt cluster to 4.2.0, and ran into one minor issue. The update installed firewalld on the host, which was set to start on boot. This replaced the iptables rules with a blank firewalld setup that only allowed SSH, which kept the host from working. Stopping and disabling firewalld, then reloading iptables, got the host back working. In a quick search, I didn't see anything noting that firewalld was now required, and it didn't seem to be configured correctly if oVirt was trying to use it. -- Chris Adams___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users