[ovirt-users] Newbie Questions

[Dirk Streubel]

Hello,

i'am a new user and i have a few questions, maybe somebody can Help.

It is possible to install the Server Management on a Raspberry PI 4 with
4GB.  I find in the official Re Hat Document "Red Hat Virtualization
Manager Hardware Requirements" that 4GB RAM is enough.
And the PI has a 128 GB Flash Card. Would it work? Have somebody tested it?

Another Question: Since yesterday i am trying to ad a host in my
environment on ovirt Version 4.3.6. My Server Management runs under
Fedora 31 under KVM/Virt-Manager without any problems.
Adding a new Host doesn't work. I have tried to ad another VM with 8
Cores and 32 GB RAM as a host. This is not working, maybe VMs in VMs
under ovirt is not possible, i don't know.
So i try  a physical Machine here as a Host. This and the other
Installations fails with the Information: no route to Host. I found a
bug and it says that the bug is closed.
In the bug stand that maybe something wrong with the openvswitch. So i
tried the following commands on the Server Management: ovn-nbctl show
and ovn-sbctl show and the output was nothing.
journalctl -xfe on the host that i want to migrate gave my the output:

Nov 17 10:30:38 hypervisor1.linux.fritz.box sshd[12632]: Accepted
keyboard-interactive/pam for root from 10.2.0.99 port 43260 ssh2
Nov 17 10:30:38 hypervisor1.linux.fritz.box systemd-logind[960]: New
session 5 of user root.
-- Subject: A new session 5 has been created for user root
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
--
-- A new session with the ID 5 has been created for the user root.
--
-- The leading process of the session is 12632.
Nov 17 10:30:38 hypervisor1.linux.fritz.box sshd[12632]:
pam_unix(sshd:session): session opened for user root by (uid=0)
Nov 17 10:30:38 hypervisor1.linux.fritz.box systemd[1]: Started Session
5 of user root.
-- Subject: Unit session-5.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-5.scope has finished starting up.
--
-- The start-up result is done.
Nov 17 10:30:39 hypervisor1.linux.fritz.box sshd[12632]:
pam_unix(sshd:session): session closed for user root
Nov 17 10:30:39 hypervisor1.linux.fritz.box systemd-logind[960]: Removed
session 5.
-- Subject: Session 5 has been terminated
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
--
-- A session with the ID 5 has been terminated.
Nov 17 10:30:39 hypervisor1.linux.fritz.box sshd[12654]: Accepted
keyboard-interactive/pam for root from 10.2.0.99 port 43264 ssh2
Nov 17 10:30:39 hypervisor1.linux.fritz.box systemd-logind[960]: New
session 6 of user root.
-- Subject: A new session 6 has been created for user root
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
--
-- A new session with the ID 6 has been created for the user root.
--
-- The leading process of the session is 12654.
Nov 17 10:30:39 hypervisor1.linux.fritz.box systemd[1]: Started Session
6 of user root.
-- Subject: Unit session-6.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-6.scope has finished starting up.
--
-- The start-up result is done.
Nov 17 10:30:39 hypervisor1.linux.fritz.box sshd[12654]:
pam_unix(sshd:session): session opened for user root by (uid=0)
Nov 17 10:30:54 hypervisor1.linux.fritz.box sshd[12654]:
pam_unix(sshd:session): session closed for user root
Nov 17 10:30:54 hypervisor1.linux.fritz.box systemd-logind[960]: Removed
session 6.
-- Subject: Session 6 has been terminated
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
--
-- A session with the ID 6 has been terminated.

Maybe i mix some things, i don't know :(

Regards

Dirk
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ODGZ77IMZ3J6CT6HMRKGYV4R47SXBMH2/

[ovirt-users] newbie questions about installation using synology NAS

[bmillett]

I'm starting fairly fresh.
Ovirt engine 4.3.3.7 on a host 
2 nodes installed with ovirt-release-host-node-4.3.3.1
synology DS418 with 5 TB disks

I've configured the master engine and am ready to add the nodes.
My questions have to do with the order or steps .
Do I need to mount /volume1/data/images/rhev from the DS418 on each of the 
nodes before I add them or
do I just add the nodes, then define a domain using the NFS mounts from the 
DS418?

Thanks.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IXCF3CZGQDDOFDFBAOUVRKPOWO3FUB3L/

Re: [ovirt-users] newbie questions on networking

[Clint Boggio]

You should query the network to team for sure.

You should also use use the ping command (from the VM) to troubleshoot possible 
MTU problems getting to your infrastructure DNS servers and gateway.

# ping -M do -s 1472 xxx.xxx.xxx.xxx

Starting at 1472 and “walking” the -s up and down will help you determine your 
situation.

If at all possible, you could take the production switches and gateway out of 
the equation with your own isolated gear.

> On May 7, 2018, at 5:45 PM, Rue, Randy  wrote:
> 
> Looks like the physical interface on the host and the virtual interface on 
> the VM are both at the default 1500 MTU.
> 
> How can I determine the MTU setting for the physical switches without admin 
> access to them? Or do I need to ask the network team?
> 
> 
> 
>> On 5/7/2018 2:03 PM, Clint Boggio wrote:
>> Randy this flaky layer two problem reeks of a possible MTU situation between 
>> your oVirt switches and your physical switches.
>> 
>>> On May 7, 2018, at 3:59 PM, Dominik Holler  wrote:
>>> 
>>> On Mon, 7 May 2018 11:43:51 -0700
>>> "Rue, Randy"  wrote:
>>> 
 I've sort of had some progress. On Friday I went to the dentist and
 when I returned, my VM could ping google.
 
 I don't believe I changed anything Friday morning but I confess I've
 been flailing on this for so long I'm not keeping detailed notes on
 what I change. And as I'm evaluating oVirt as a possible replacement
 for our production xencenter/xenserver systems, I need to know what
 was wrong and what fixed it.
 
 I reinstalled the ovirt-engine box and two hosts and started again.
 The only change I've made beyond the default is to remove the
 no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
 no filters applied. At this point I'm back to an ubuntu LTS server VM
 that again, is getting a DHCP IP address, nameserver entries in
 resolv.conf, and "route" shows correct local routing for addresses on
 the same subnet and the correct gateway for the rest of the world.
 The VM is even registering its hostname in our DNS correctly. And I
 can ping the static IP of the host the VM is on, but not the subnet
 gateway or anything in the real world.
 
>>> Can you ping the DHCP server?
>>> 
 Two things I haven't mentioned that I haven't seen anything in the
 docs about. My ovirt-engine box is on a different subnet than my
 hosts, and my hosts are using a bonded pair of physical interfaces
 (XOR mode) for their single LAN connection.
>>> Was the bond created before adding the hosts to oVirt, or after adding
>>> the hosts via oVirt web UI?
>>> If the switch requires configuration for the bond, is this applied?
>>> Can you check if the VM can ping the getaway, if you use a simple
>>> Ethernet connection instead of the bond?
>>> 
 Did I miss something in the docs where these are a problem?
 
 Dominik, to answer your thoughts earlier:
 
 * name resolution isn't happening at all, the VM can't reach a DNS
 server
 
 * I don't manage the data center network gear but am pretty sure
 there's no configuration that blocks traffic. This is supported by my
 temporary success on Friday. And we also have other virtualization
 hosts (VMWare hosts) in the same subnet, that forward traffic to/from
 their VMs just fine.
 
>>> OK, L3 seems to work now sometimes.
>>> 
 * tcpdump on the host's ovirtmgmt interface is pretty noisy but if I
 grep for the ubuntu DDNS name I see a slew of ARP requests. I can see
 pings to the host's IP address, and attempts to SSH from the VM to
 its host. Any attempt to touch anything past the host shows nothing
 on any interface in tcpdump, not a ping to the subnet gateway, not an
 SSH attempt, not a DNS query or a ping to known IP address.
 
>>> The outgoing ARP requests looks like the traffic of the VM is forwarded
>>> to ovirtmgmt.
>>> Do you see ARP reply to the VM?
>>> Maybe the VM fails to get the MAC address of the gateway.
>>> 
 * hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
 I also tried pinging the ovirt-engine box, wasn't surprised when that
 failed as the VM would need to reach the gateway to get to the
 different subnet.
 
 So it appears that even though I've set up the ovirtmgmt network
 using defaults, and it has the "VM Network" option checked, my
 logical network is still set to only allow traffic between the VMs
 and hosts.
 
 What am I missing?
 
 -randy
>>> ___
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>> 
> 
> 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Rue, Randy]

I installed the ovirt node to standalone interfaces, then created the 
bond via the ovirt-node webui at port 9090, before adding the node to 
the cluster.


The DHCP server happens to be in the same subnet but no, I can't ping it 
as I can't ping anything beyond the physical interfaces of the hosts.


I've added a third host and can also ping that from the VM on node 1.

For a hoot also spun up a new CentOS VM in case this was an OS problem. 
Same results. And when the two VMs are on different hosts, they can't 
ping each other. When I migrate one so they're both on the same host, 
they can each ping each other.


On 5/7/2018 1:58 PM, Dominik Holler wrote:

On Mon, 7 May 2018 11:43:51 -0700
"Rue, Randy"  wrote:


I've sort of had some progress. On Friday I went to the dentist and
when I returned, my VM could ping google.

I don't believe I changed anything Friday morning but I confess I've
been flailing on this for so long I'm not keeping detailed notes on
what I change. And as I'm evaluating oVirt as a possible replacement
for our production xencenter/xenserver systems, I need to know what
was wrong and what fixed it.

I reinstalled the ovirt-engine box and two hosts and started again.
The only change I've made beyond the default is to remove the
no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
no filters applied. At this point I'm back to an ubuntu LTS server VM
that again, is getting a DHCP IP address, nameserver entries in
resolv.conf, and "route" shows correct local routing for addresses on
the same subnet and the correct gateway for the rest of the world.
The VM is even registering its hostname in our DNS correctly. And I
can ping the static IP of the host the VM is on, but not the subnet
gateway or anything in the real world.


Can you ping the DHCP server?


Two things I haven't mentioned that I haven't seen anything in the
docs about. My ovirt-engine box is on a different subnet than my
hosts, and my hosts are using a bonded pair of physical interfaces
(XOR mode) for their single LAN connection.

Was the bond created before adding the hosts to oVirt, or after adding
the hosts via oVirt web UI?
If the switch requires configuration for the bond, is this applied?
Can you check if the VM can ping the getaway, if you use a simple
Ethernet connection instead of the bond?


Did I miss something in the docs where these are a problem?

Dominik, to answer your thoughts earlier:

* name resolution isn't happening at all, the VM can't reach a DNS
server

* I don't manage the data center network gear but am pretty sure
there's no configuration that blocks traffic. This is supported by my
temporary success on Friday. And we also have other virtualization
hosts (VMWare hosts) in the same subnet, that forward traffic to/from
their VMs just fine.


OK, L3 seems to work now sometimes.


* tcpdump on the host's ovirtmgmt interface is pretty noisy but if I
grep for the ubuntu DDNS name I see a slew of ARP requests. I can see
pings to the host's IP address, and attempts to SSH from the VM to
its host. Any attempt to touch anything past the host shows nothing
on any interface in tcpdump, not a ping to the subnet gateway, not an
SSH attempt, not a DNS query or a ping to known IP address.


The outgoing ARP requests looks like the traffic of the VM is forwarded
to ovirtmgmt.
Do you see ARP reply to the VM?
Maybe the VM fails to get the MAC address of the gateway.


* hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
I also tried pinging the ovirt-engine box, wasn't surprised when that
failed as the VM would need to reach the gateway to get to the
different subnet.

So it appears that even though I've set up the ovirtmgmt network
using defaults, and it has the "VM Network" option checked, my
logical network is still set to only allow traffic between the VMs
and hosts.

What am I missing?

-randy


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Rue, Randy]

Looks like the physical interface on the host and the virtual interface 
on the VM are both at the default 1500 MTU.


How can I determine the MTU setting for the physical switches without 
admin access to them? Or do I need to ask the network team?




On 5/7/2018 2:03 PM, Clint Boggio wrote:

Randy this flaky layer two problem reeks of a possible MTU situation between 
your oVirt switches and your physical switches.


On May 7, 2018, at 3:59 PM, Dominik Holler  wrote:

On Mon, 7 May 2018 11:43:51 -0700
"Rue, Randy"  wrote:


I've sort of had some progress. On Friday I went to the dentist and
when I returned, my VM could ping google.

I don't believe I changed anything Friday morning but I confess I've
been flailing on this for so long I'm not keeping detailed notes on
what I change. And as I'm evaluating oVirt as a possible replacement
for our production xencenter/xenserver systems, I need to know what
was wrong and what fixed it.

I reinstalled the ovirt-engine box and two hosts and started again.
The only change I've made beyond the default is to remove the
no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
no filters applied. At this point I'm back to an ubuntu LTS server VM
that again, is getting a DHCP IP address, nameserver entries in
resolv.conf, and "route" shows correct local routing for addresses on
the same subnet and the correct gateway for the rest of the world.
The VM is even registering its hostname in our DNS correctly. And I
can ping the static IP of the host the VM is on, but not the subnet
gateway or anything in the real world.


Can you ping the DHCP server?


Two things I haven't mentioned that I haven't seen anything in the
docs about. My ovirt-engine box is on a different subnet than my
hosts, and my hosts are using a bonded pair of physical interfaces
(XOR mode) for their single LAN connection.

Was the bond created before adding the hosts to oVirt, or after adding
the hosts via oVirt web UI?
If the switch requires configuration for the bond, is this applied?
Can you check if the VM can ping the getaway, if you use a simple
Ethernet connection instead of the bond?


Did I miss something in the docs where these are a problem?

Dominik, to answer your thoughts earlier:

* name resolution isn't happening at all, the VM can't reach a DNS
server

* I don't manage the data center network gear but am pretty sure
there's no configuration that blocks traffic. This is supported by my
temporary success on Friday. And we also have other virtualization
hosts (VMWare hosts) in the same subnet, that forward traffic to/from
their VMs just fine.


OK, L3 seems to work now sometimes.


* tcpdump on the host's ovirtmgmt interface is pretty noisy but if I
grep for the ubuntu DDNS name I see a slew of ARP requests. I can see
pings to the host's IP address, and attempts to SSH from the VM to
its host. Any attempt to touch anything past the host shows nothing
on any interface in tcpdump, not a ping to the subnet gateway, not an
SSH attempt, not a DNS query or a ping to known IP address.


The outgoing ARP requests looks like the traffic of the VM is forwarded
to ovirtmgmt.
Do you see ARP reply to the VM?
Maybe the VM fails to get the MAC address of the gateway.


* hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
I also tried pinging the ovirt-engine box, wasn't surprised when that
failed as the VM would need to reach the gateway to get to the
different subnet.

So it appears that even though I've set up the ovirtmgmt network
using defaults, and it has the "VM Network" option checked, my
logical network is still set to only allow traffic between the VMs
and hosts.

What am I missing?

-randy

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Justin Zygmont]

>Was the bond created before adding the hosts to oVirt, or after adding the 
>hosts via oVirt web UI?
>If the switch requires configuration for the bond, is this applied?
>Can you check if the VM can ping the getaway, if you use a simple Ethernet 
>connection instead of the >bond?

Should any of this be done before adding the host to oVirt?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Clint Boggio]

Randy this flaky layer two problem reeks of a possible MTU situation between 
your oVirt switches and your physical switches.

> On May 7, 2018, at 3:59 PM, Dominik Holler  wrote:
> 
> On Mon, 7 May 2018 11:43:51 -0700
> "Rue, Randy"  wrote:
> 
>> I've sort of had some progress. On Friday I went to the dentist and
>> when I returned, my VM could ping google.
>> 
>> I don't believe I changed anything Friday morning but I confess I've 
>> been flailing on this for so long I'm not keeping detailed notes on
>> what I change. And as I'm evaluating oVirt as a possible replacement
>> for our production xencenter/xenserver systems, I need to know what
>> was wrong and what fixed it.
>> 
>> I reinstalled the ovirt-engine box and two hosts and started again.
>> The only change I've made beyond the default is to remove the 
>> no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
>> no filters applied. At this point I'm back to an ubuntu LTS server VM
>> that again, is getting a DHCP IP address, nameserver entries in
>> resolv.conf, and "route" shows correct local routing for addresses on
>> the same subnet and the correct gateway for the rest of the world.
>> The VM is even registering its hostname in our DNS correctly. And I
>> can ping the static IP of the host the VM is on, but not the subnet
>> gateway or anything in the real world.
>> 
> 
> Can you ping the DHCP server?
> 
>> Two things I haven't mentioned that I haven't seen anything in the
>> docs about. My ovirt-engine box is on a different subnet than my
>> hosts, and my hosts are using a bonded pair of physical interfaces
>> (XOR mode) for their single LAN connection.
> 
> Was the bond created before adding the hosts to oVirt, or after adding
> the hosts via oVirt web UI?
> If the switch requires configuration for the bond, is this applied?
> Can you check if the VM can ping the getaway, if you use a simple
> Ethernet connection instead of the bond?
> 
>> Did I miss something in the docs where these are a problem?
>> 
>> Dominik, to answer your thoughts earlier:
>> 
>> * name resolution isn't happening at all, the VM can't reach a DNS
>> server
>> 
>> * I don't manage the data center network gear but am pretty sure
>> there's no configuration that blocks traffic. This is supported by my
>> temporary success on Friday. And we also have other virtualization
>> hosts (VMWare hosts) in the same subnet, that forward traffic to/from
>> their VMs just fine.
>> 
> 
> OK, L3 seems to work now sometimes.
> 
>> * tcpdump on the host's ovirtmgmt interface is pretty noisy but if I 
>> grep for the ubuntu DDNS name I see a slew of ARP requests. I can see 
>> pings to the host's IP address, and attempts to SSH from the VM to
>> its host. Any attempt to touch anything past the host shows nothing
>> on any interface in tcpdump, not a ping to the subnet gateway, not an
>> SSH attempt, not a DNS query or a ping to known IP address.
>> 
> 
> The outgoing ARP requests looks like the traffic of the VM is forwarded
> to ovirtmgmt.
> Do you see ARP reply to the VM?
> Maybe the VM fails to get the MAC address of the gateway.
> 
>> * hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
>> I also tried pinging the ovirt-engine box, wasn't surprised when that 
>> failed as the VM would need to reach the gateway to get to the
>> different subnet.
>> 
>> So it appears that even though I've set up the ovirtmgmt network
>> using defaults, and it has the "VM Network" option checked, my
>> logical network is still set to only allow traffic between the VMs
>> and hosts.
>> 
>> What am I missing?
>> 
>> -randy
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Dominik Holler]

On Mon, 7 May 2018 11:43:51 -0700
"Rue, Randy"  wrote:

> I've sort of had some progress. On Friday I went to the dentist and
> when I returned, my VM could ping google.
> 
> I don't believe I changed anything Friday morning but I confess I've 
> been flailing on this for so long I'm not keeping detailed notes on
> what I change. And as I'm evaluating oVirt as a possible replacement
> for our production xencenter/xenserver systems, I need to know what
> was wrong and what fixed it.
> 
> I reinstalled the ovirt-engine box and two hosts and started again.
> The only change I've made beyond the default is to remove the 
> no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
> no filters applied. At this point I'm back to an ubuntu LTS server VM
> that again, is getting a DHCP IP address, nameserver entries in
> resolv.conf, and "route" shows correct local routing for addresses on
> the same subnet and the correct gateway for the rest of the world.
> The VM is even registering its hostname in our DNS correctly. And I
> can ping the static IP of the host the VM is on, but not the subnet
> gateway or anything in the real world.
> 

Can you ping the DHCP server?

> Two things I haven't mentioned that I haven't seen anything in the
> docs about. My ovirt-engine box is on a different subnet than my
> hosts, and my hosts are using a bonded pair of physical interfaces
> (XOR mode) for their single LAN connection.

Was the bond created before adding the hosts to oVirt, or after adding
the hosts via oVirt web UI?
If the switch requires configuration for the bond, is this applied?
Can you check if the VM can ping the getaway, if you use a simple
Ethernet connection instead of the bond?

> Did I miss something in the docs where these are a problem?
> 
> Dominik, to answer your thoughts earlier:
> 
> * name resolution isn't happening at all, the VM can't reach a DNS
> server
> 
> * I don't manage the data center network gear but am pretty sure
> there's no configuration that blocks traffic. This is supported by my
> temporary success on Friday. And we also have other virtualization
> hosts (VMWare hosts) in the same subnet, that forward traffic to/from
> their VMs just fine.
> 

OK, L3 seems to work now sometimes.

> * tcpdump on the host's ovirtmgmt interface is pretty noisy but if I 
> grep for the ubuntu DDNS name I see a slew of ARP requests. I can see 
> pings to the host's IP address, and attempts to SSH from the VM to
> its host. Any attempt to touch anything past the host shows nothing
> on any interface in tcpdump, not a ping to the subnet gateway, not an
> SSH attempt, not a DNS query or a ping to known IP address.
> 

The outgoing ARP requests looks like the traffic of the VM is forwarded
to ovirtmgmt.
Do you see ARP reply to the VM?
Maybe the VM fails to get the MAC address of the gateway.

> * hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
> I also tried pinging the ovirt-engine box, wasn't surprised when that 
> failed as the VM would need to reach the gateway to get to the
> different subnet.
> 
> So it appears that even though I've set up the ovirtmgmt network
> using defaults, and it has the "VM Network" option checked, my
> logical network is still set to only allow traffic between the VMs
> and hosts.
> 
> What am I missing?
> 
> -randy

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Rue, Randy]

I've sort of had some progress. On Friday I went to the dentist and when 
I returned, my VM could ping google.


I don't believe I changed anything Friday morning but I confess I've 
been flailing on this for so long I'm not keeping detailed notes on what 
I change. And as I'm evaluating oVirt as a possible replacement for our 
production xencenter/xenserver systems, I need to know what was wrong 
and what fixed it.


I reinstalled the ovirt-engine box and two hosts and started again. The 
only change I've made beyond the default is to remove the 
no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are no 
filters applied. At this point I'm back to an ubuntu LTS server VM that 
again, is getting a DHCP IP address, nameserver entries in resolv.conf, 
and "route" shows correct local routing for addresses on the same subnet 
and the correct gateway for the rest of the world. The VM is even 
registering its hostname in our DNS correctly. And I can ping the static 
IP of the host the VM is on, but not the subnet gateway or anything in 
the real world.


Two things I haven't mentioned that I haven't seen anything in the docs 
about. My ovirt-engine box is on a different subnet than my hosts, and 
my hosts are using a bonded pair of physical interfaces (XOR mode) for 
their single LAN connection. Did I miss something in the docs where 
these are a problem?


Dominik, to answer your thoughts earlier:

* name resolution isn't happening at all, the VM can't reach a DNS server

* I don't manage the data center network gear but am pretty sure there's 
no configuration that blocks traffic. This is supported by my temporary 
success on Friday. And we also have other virtualization hosts (VMWare 
hosts) in the same subnet, that forward traffic to/from their VMs just fine.


* tcpdump on the host's ovirtmgmt interface is pretty noisy but if I 
grep for the ubuntu DDNS name I see a slew of ARP requests. I can see 
pings to the host's IP address, and attempts to SSH from the VM to its 
host. Any attempt to touch anything past the host shows nothing on any 
interface in tcpdump, not a ping to the subnet gateway, not an SSH 
attempt, not a DNS query or a ping to known IP address.


* hot damn, here's a clue! I can ping other oVirt hosts! (by IP only) I 
also tried pinging the ovirt-engine box, wasn't surprised when that 
failed as the VM would need to reach the gateway to get to the different 
subnet.


So it appears that even though I've set up the ovirtmgmt network using 
defaults, and it has the "VM Network" option checked, my logical network 
is still set to only allow traffic between the VMs and hosts.


What am I missing?

-randy
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Dominik Holler]

On Thu, 3 May 2018 09:30:17 -0700
"Rue, Randy"  wrote:

> Hi Again,
> 
> I'm not sure if my first post yesterday went through, I can see it in 
> the list archives but I didn't receive a copy and I've confirmed my
> list settings include me getting a copy of my own posts. In any case,
> nobody has replied and unless I'm the only guy that needs my VMs to
> talk to the rest of the world I assume someone else knows how to fix
> this.
> 
> I've read and re-read the Quick Start Guide, Installation Guide and 
> Administration Guide even though they appear to describe an earlier 
> version. If I've overlooked the answer and this is an RTFM issue,
> feel free to tell me so but I'd be grateful if you'd also tell me
> exactly which part of the FM to read.
> 
> Again, my VM is getting an IP address and nameserver settings from
> the DHCP service running on the server room subnet the oVirt host
> sits in. 

This looks like the oVirt setup is fine.

> From the Vm, I can ping the static IP of the host the vm is
> on, but not anything else on the server room subnet including the
> other hosts or the subnet's gateway. The "route" command sits for
> about 10 seconds before completing but eventually shows two rows, one

Maybe the route command tries to resolve hostnames using an unreachable
DNS server?

> for default with the correct local gateway and one for the local
> subnet. All appears to be well on the VM, the problem appears to be
> the host is not passing traffic.
> 

Maybe the host passes the traffic, but the network equipment outside
the host prevents IP spoofing of the host?
Can you check if the VM traffic is pushed out of the host's interface,
e.g. by tcpdump on the hosts outgoing interface?

To check if the problem is the network between the hosts, you can check
connectivity between two VMs on two different host connected via
an external network of the ovirt-provider-ovn. This way the VM
traffic will be tunneled in the physical network.

> The dialogue for the interface on the host shows some logos on the 
> ovirtmgmt network that's assigned to it, including a green "VM" tile.
> Is this the "outside" role for commodity connections to a VM?
> 
> I've also spent some time rooting around different parts of the admin 
> interface and found some settings under the ovirtmgmt network's vNIC 
> Profiles for the "Network Filter." Tried changing that to "allow
> IPv4" and then to "No Network Filter" with no change.
> 
> I hope to hear from you soon.
> 
> randy in Seattle
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Justin Zygmont]

I have been seeing your messages, and watching since it could be useful, and I 
had unanswered questions about networking.


-Original Message-
From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of 
Rue, Randy
Sent: Thursday, May 3, 2018 3:01 PM
To: users@ovirt.org
Subject: Re: [ovirt-users] newbie questions on networking

And Hi Again Again,

I still haven't received any copies of the first two emails I sent to this 
list. Is this list moderated, or do new members require some approval before 
their posts will be forwarded (but will still make it to the archives)? If so, 
should I have gotten some reply explaining this when I subscribed?

I can ping the VM from the host. Can also SSH from the host to the VM. 
Oddly, I can SSH from the VM to the host but it's flaky.

After some time in the docs it appears the network I want is the "VM Network," 
and that the ovirtmgmt network is this by default. This option is checked for 
my ovirtmgmt network. So why can't my VM see the real world?

Hoping to hear from you.
___
Users mailing list
Users@ovirt.org
https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.ovirt.org_mailman_listinfo_users=DwICAg=Vxt5e0Osvvt2gflwSlsJ5DmPGcPvTRKLJyp031rXjhg=FiPhL0Cl1ymZlnTyAIIL75tE4L0reHcDdD-7wUtUGHA=oe_SMTfc2NzVHWN_Lf570I8jGLEI64sm-MkVtoZ2izI=uIGujvouyyxPXU6efuYZwD-IYBTI-SzRH1WusselEjw=
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Rue, Randy]

And Hi Again Again,

I still haven't received any copies of the first two emails I sent to 
this list. Is this list moderated, or do new members require some 
approval before their posts will be forwarded (but will still make it to 
the archives)? If so, should I have gotten some reply explaining this 
when I subscribed?


I can ping the VM from the host. Can also SSH from the host to the VM. 
Oddly, I can SSH from the VM to the host but it's flaky.


After some time in the docs it appears the network I want is the "VM 
Network," and that the ovirtmgmt network is this by default. This option 
is checked for my ovirtmgmt network. So why can't my VM see the real world?


Hoping to hear from you.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] newbie questions on networking

[Rue, Randy]

Hi Again,

I'm not sure if my first post yesterday went through, I can see it in 
the list archives but I didn't receive a copy and I've confirmed my list 
settings include me getting a copy of my own posts. In any case, nobody 
has replied and unless I'm the only guy that needs my VMs to talk to the 
rest of the world I assume someone else knows how to fix this.


I've read and re-read the Quick Start Guide, Installation Guide and 
Administration Guide even though they appear to describe an earlier 
version. If I've overlooked the answer and this is an RTFM issue, feel 
free to tell me so but I'd be grateful if you'd also tell me exactly 
which part of the FM to read.


Again, my VM is getting an IP address and nameserver settings from the 
DHCP service running on the server room subnet the oVirt host sits in. 
From the Vm, I can ping the static IP of the host the vm is on, but not 
anything else on the server room subnet including the other hosts or the 
subnet's gateway. The "route" command sits for about 10 seconds before 
completing but eventually shows two rows, one for default with the 
correct local gateway and one for the local subnet. All appears to be 
well on the VM, the problem appears to be the host is not passing traffic.


The dialogue for the interface on the host shows some logos on the 
ovirtmgmt network that's assigned to it, including a green "VM" tile. Is 
this the "outside" role for commodity connections to a VM?


I've also spent some time rooting around different parts of the admin 
interface and found some settings under the ovirtmgmt network's vNIC 
Profiles for the "Network Filter." Tried changing that to "allow IPv4" 
and then to "No Network Filter" with no change.


I hope to hear from you soon.

randy in Seattle

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] newbie questions on networking

[Rue, Randy]

Hi All,

I'm new to oVirt and have set up a basic cluster of an engine and five 
hosts, using the quick start and default settings as much as possible. I 
confess it's taken some heavy flailing to get this far, the docs all 
seem to be for the previous versions and the latest greatest appears to 
be significantly different. I now have a working data center / cluster 
/hosts and a bouncing baby ubuntu server LTS VM.


My VM is getting a DHCP address and nameservers from the data center the 
hosts sit in. But from the VM I can only ping the IP of the host the VM 
is on. Can't reach the gateway of the local subnet, or anything in the 
real world.


Am I missing some step? the "Quick Start" doesn't say much beyond "The 
ovirtmgmt Management network is used for this document, however if you 
wish to create new logical networks see the oVirt Administration Guide." 
The admin guide has information on creating new networks but I'm not 
spotting the parts I need to connect my VM to the real world. Or how to 
attach another network to the host if all NICs are in use.


Short Version:

* Is some change needed to allow VMs on the ovirtmgmt network to connect 
to the real world? If so, what?


* Is the ovirtmgmt network not meant for "commodity" use, and instead I 
should have some other network? If so, how do I connect that to the real 
LAN/WAN, and how do I replace the ovirtmgmt with it? (my hosts each only 
have two NICs bonded in a pair).



Hope to hear from you,

Randy in Seattle

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users