[ovirt-users] [QE] Hardening Guide

2014-06-19 Thread Sandro Bonazzola
Hi,
while I was working on Bug 1097022 - ovirt-engine-setup: weak default passwords 
for PostgreSQL database users
I was wondering where to write hardening tips described in comment #18.
It looks like we don't have any page on oVirt wiki about hardening.
Anyone interested in contributing to such page?
I guess it can be created as http://www.ovirt.org/OVirt_Hardening_Guide
Thoughts?


-- 
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Upgrade to 3.4.2 failed

2014-06-19 Thread Yedidyah Bar David
Hi,

- Original Message -
 From: Demeter Tibor tdeme...@itsmart.hu
 To: Yedidyah Bar David d...@redhat.com
 Cc: users@ovirt.org
 Sent: Wednesday, June 18, 2014 7:37:24 PM
 Subject: Re: [ovirt-users] Upgrade to 3.4.2 failed
 
 Hi,
 
 Yes, I have a FreeIPA server, but it was a running virtual server on ovirt :)
 Yes, I know, it was a stupid idea,

Not necessarily, if you can also use admin@internal for maintenance.

 but it's only a test system for testing
 ovirt capabilites.
 So, this vm (the freeipa) at this moment doesn't running and I cannot run
 without ovirt.

Is ovirt down? Didn't the upgrade rollback cleanly? If not, please provide
logs, it should have. If it did, you can simply 'service ovirt-engine start'.

 
 - Can I re-run this vm without ovirt?

I guess you can, but it won't be easy.

 - If no, then how can I remove the ipaserver from ovirt configuration ?

Same :-)

But I do not think that the upgrade failure was caused due to ipa being
down. There is something else. Did you try running the below query? Did
it return anything? You run it inside psql, with:
# su - postgres
$ psql engine
engine=# select count(*), external_id from users group by external_id having 
count(*)1;
(All in one line, in case it's cut during mail processing)

 
 Thank in advance.
 
 
 Tibor
 
 - Eredeti üzenet -
  - Original Message -
   From: Demeter Tibor tdeme...@itsmart.hu
   To: users@ovirt.org
   Sent: Tuesday, June 17, 2014 3:11:54 PM
   Subject: [ovirt-users] Upgrade to 3.4.2 failed
   
   Hi,
   
   I just did an upgrade to my 3.4.0 box.
   I did a yum update and an engine-setup
   After the package downloading process got this:
   
   
   [ INFO ] Yum Verify: 14/14: ovirt-engine.noarch 0:3.4.0-1.el6 - ud
   [ INFO ] Stage: Misc configuration
   [ INFO ] Backing up database localhost:engine_20140130075536 to
   '/var/lib/ovirt-engine/backups/engine-20140617140129.QZGO9x.dump'.
   [ INFO ] Updating Engine database schema
   [ ERROR ] Failed to execute stage 'Misc configuration': Command
   '/usr/share/ovirt-engine/dbscripts/upgrade.sh' failed to execute
   [ INFO ] Yum Performing yum transaction rollback
   [ INFO ] Yum Status: Downloading Packages
   [ INFO ] Yum Download/Verify: ovirt-engine-3.4.0-1.el6.noarch
   
   A cut from the log file:
   
   running upgrade sql script
   upgrade/03_04_0720_add_host_interface_high_network_use_event.sql ...
   Running upgrade sql script upgrade/03_04_0730_change_group_ids.sql ...
   Running upgrade sql script upgrade/03_04_0740_update_user_ids.sql ...
   
   2014-06-17 14:01:41 DEBUG
   otopi.plugins.ovirt_engine_setup.ovirt_engine.db.schema
   plugin.execute:866
   execute-output: ['/usr/share/ovirt-engine/dbscripts/upgrade.sh', '-s',
   'localhost',
   '-p', '5432', '-u', 'engine_20140130075536', '-d',
   'engine_20140130075536',
   '-l',
   '/var/log/ovirt-engine/setup/ovirt-engine-setup-20140617135909-a7zbn6.log',
   '-g'] stderr:
   psql:upgrade/03_04_0740_update_user_ids.sql:41: ERROR:  duplicate key
   value
   violates unique constraint pk_users
   CONTEXT:  SQL statement UPDATE users SET user_id = temp_id
   PL/pgSQL function __temp_update_user_ids_03_04_0740 line 30 at SQL
   statement
   
   2014-06-17 14:01:41 DEBUG otopi.context context._executeMethod:152 method
   exception
   Traceback (most recent call last):
 File /usr/lib/python2.6/site-packages/otopi/context.py, line 142, in
 _executeMethod
   method['method']()
 File
 
   /usr/share/ovirt-engine/setup/bin/../plugins/ovirt-engine-setup/ovirt-engine/db/schema.py,
 line 345, in _miscUpgrade
   osetupcons.DBEnv.PGPASS_FILE
 File /usr/lib/python2.6/site-packages/otopi/plugin.py, line 871, in
 execute
   command=args[0],
   RuntimeError: Command '/usr/share/ovirt-engine/dbscripts/upgrade.sh'
   failed
   to execute
   2014-06-17 14:01:41 ERROR otopi.context context._executeMethod:161 Failed
   to
   execute stage 'Misc configuration': Command
   '/usr/share/ovirt-engine/dbscripts/upgrade.sh' failed to execute
   2014-06-17 14:01:41 DEBUG otopi.transaction transaction.abort:131
   aborting
   'Yum Transaction'
   2014-06-17 14:01:41 INFO otopi.plugins.otopi.packagers.yumpackager
   yumpackager.info:92 Yum Performing yum transaction rollback
   2014-06-17 14:01:41 DEBUG otopi.plugins.otopi.packagers.yumpackager
   yumpackager.verbose:88 Yum Building transaction
   2014-06-17 14:01:42 DEBUG otopi.plugins.otopi.packagers.yumpackager
   yumpackager.verbose:88 Yum Transaction built
   2014-06-17 14:01:42 DEBUG otopi.plugins.otopi.packagers.yumpackager
   yumpackager.verbose:88 Yum Transaction Summary:
   2014-06-17 14:01:42 DEBUG otopi.plugins.otopi.packagers.yumpackager
   yumpackager.verbose:88 Yum install-
   ovirt-engine-3.4.0-1.el6.noarch
   
   
   Anybody help me?
   
  
  Is it possible that you use an external directory and have two users
  pointing at the same directory user?
  
  Does the following query return anything?
  
  select 

[ovirt-users] Ip spoofing

2014-06-19 Thread Punit Dambiwal
Hi,

I have setup Ovirt with glusterfs...I have some concern about the network
part

1. Is there any way to restrict the Guest VM...so that it can be assign
with single ip address...and in anyhow the user can not manipulate the IP
address from inside the VM (that means user can not change the ip address
inside the VM).

Thanks,
Punit
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] italian language pack ?

2014-06-19 Thread Gianluca Cecchi
On Thu, Jun 12, 2014 at 4:12 PM, Einav Cohen eco...@redhat.com wrote:


  Hello,
  I plan to work on this during the next days.
  Possibly the end of the next week could be a good ETA (if there will be
 an
  overlap between the different paths and the total amount is not the sum
 of
  all of them...)
  Could this be ok for you? Could we have a follow up on next Wednesday?

 sounds good, Gianluca - we will follow up on next Wednesday. thanks.


Update: now I'm at 12% and going ahead. Let's see at the end of today...
In the mean time I see you opened BUG ID 1110577, thanks.
Hope to have it inside 3.5 tree.. btw: what is the eta for 3.5 final and
for 3.5 beta?

Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Ip spoofing

2014-06-19 Thread Dan Kenigsberg
On Thu, Jun 19, 2014 at 04:23:18PM +0800, Punit Dambiwal wrote:
 Hi,
 
 I have setup Ovirt with glusterfs...I have some concern about the network
 part
 
 1. Is there any way to restrict the Guest VM...so that it can be assign
 with single ip address...and in anyhow the user can not manipulate the IP
 address from inside the VM (that means user can not change the ip address
 inside the VM).

I am afraid that oVirt does not let you do that out-of-the-box. By
default, the vdsm-no-mac-spoofing filter is applied to vNICs, which
indeed allows IP spoofing.

This behavior can be changed by writing a vdsm hook that changes the
default filterref to

  filterref filter='clean-traffic'
  parameter name='CTRL_IP_LEARNING' value='dhcp'/
  /filterref

If your VM is assigned with its address not via dhcp, life is more
complicated, since the hook needs to have access to this address before
boot.

I would love to assist you in writing such a hook; please take the
vmfex_dev hook as a reference. To read more about vdsm hooks, please see
http://www.ovirt.org/Vdsm_Hooks .

Regards,
Dan.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Call for Papers Deadline on Sunday: Open World Forum

2014-06-19 Thread Brian Proffitt
Conference: Open World Forum 2014
Information: This year's program will show you how to take back control of your 
digital world, including IT/IS and (personal) data, whether you are a 
professional or not. Stop losing control and discover how Free and Open Source 
software may help you be more and more independent, whether technologically, 
legally or financially.
Date: October 30-November 1, 2014
Location: Paris, France
Website: http://openworldforum.org/
Call for Papers Deadline: June 22, 2014
Call for Papers URL: http://openworldforum.org/en/cfp/

-- 
Brian Proffitt

oVirt Community Manager
Project Atomic Community Lead
Open Source and Standards, Red Hat - http://community.redhat.com
Phone: +1 574 383 9BKP
IRC: bkp @ OFTC
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] host upgrade from ovirt manager and custom iptables rules

2014-06-19 Thread Jiří Sléžka

- Original Message -

From: Jiří Sléžka jiri.sle...@slu.cz
To: users@ovirt.org
Sent: Wednesday, June 18, 2014 8:12:09 PM
Subject: [ovirt-users] host upgrade from ovirt manager and custom iptables  
rules

Hello all,

is there any way to make custom iptables rules persistent during host
upgrade? I have for example zabbix agents installed on all hosts and
thus iptables rule allowing connections from our zabbix server. Sadly I
have to manually restore iptables backup after host upgrade (initiated
from oVirt manager).



This should be achievable by defining the iptables rules you wish to use
when [re]installing using the engine-config tool:


thanks a lot for reply


1. Check the existing iptables rules:
sudo engine-config -g IPTablesConfig


this displays whole iptables template. Interesting thing is that there 
is a variable @CUSTOM_RULES@. Maybe custom rules could be defined this way?




2. Define the desired iptables:
sudo engine-config -s IPTablesConfig=Your rules


I entered...

engine-config -s IPTablesConfig=-A INPUT -p tcp -m state --state NEW -m 
tcp -s xx.xx.xx.xx --dport 10050 -j ACCEPT


...and it looks like this overwrite entire IPTablesConfig template...


3. Verify the changes
sudo engine-config -g IPTablesConfig


...because this displays only just my one line above.

I have copy of default template but I have no idea how to set this 
variable with multi line text. I tried inserting \n but it is not 
converted to newlines. Any ideas?


Btw. these variables are stored in database?


Thanks in advance,

Jiri





4. Restart the engine for changes to take effect

5. Reinstall the host and verify the iptables rule.


And another question I have always wanted to ask... It looks like host
upgrade is upgrading just vdsm components and no others virtualization stuff

this was updatet after clicking to host upgrade

Jun 18 18:21:38 Updated: iproute-2.6.32-32.el6_5.x86_64
Jun 18 18:21:59 Installed: vdsm-python-zombiereaper-4.14.7-3.el6ev.noarch
Jun 18 18:21:59 Updated: vdsm-python-4.14.7-3.el6ev.x86_64
Jun 18 18:21:59 Updated: vdsm-xmlrpc-4.14.7-3.el6ev.noarch
Jun 18 18:21:59 Updated: vdsm-cli-4.14.7-3.el6ev.noarch
Jun 18 18:22:26 Updated: vdsm-4.14.7-3.el6ev.x86_64
Jun 18 18:22:27 Updated:
2:qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64

and after that I run yum update and updated this components (honestly
this one was rhev host but ovirt behave the same)

Jun 18 18:26:59 Updated: selinux-policy-3.7.19-231.el6_5.3.noarch
Jun 18 18:27:03 Updated: tzdata-2014d-1.el6.noarch
Jun 18 18:27:10 Updated: glibc-2.12-1.132.el6_5.2.x86_64
Jun 18 18:27:22 Updated: glibc-common-2.12-1.132.el6_5.2.x86_64
Jun 18 18:27:22 Updated: audit-libs-2.2-4.el6_5.x86_64
Jun 18 18:27:22 Updated: libxml2-2.7.6-14.el6_5.1.x86_64
Jun 18 18:27:22 Updated: libcurl-7.19.7-37.el6_5.3.x86_64
Jun 18 18:27:23 Updated: 2:qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64
Jun 18 18:27:23 Updated: libtasn1-2.3-6.el6_5.x86_64
Jun 18 18:27:23 Updated: gnutls-2.8.5-14.el6_5.x86_64
Jun 18 18:27:25 Updated: openssl-1.0.1e-16.el6_5.14.x86_64
Jun 18 18:27:25 Updated: spice-server-0.12.4-6.el6_5.2.x86_64
Jun 18 18:27:25 Updated: gnutls-utils-2.8.5-14.el6_5.x86_64
Jun 18 18:27:25 Updated: pm-utils-1.2.5-10.el6_5.1.x86_64
Jun 18 18:27:28 Updated: libvirt-client-0.10.2-29.el6_5.9.x86_64
Jun 18 18:27:30 Updated: libvirt-0.10.2-29.el6_5.9.x86_64
Jun 18 18:27:30 Updated: libvirt-python-0.10.2-29.el6_5.9.x86_64
Jun 18 18:27:30 Updated: mom-0.4.0-1.el6ev.noarch
Jun 18 18:27:30 Updated: libvirt-lock-sanlock-0.10.2-29.el6_5.9.x86_64
Jun 18 18:27:32 Updated: 2:qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.x86_64
Jun 18 18:27:32 Updated: python-rhsm-1.9.7-1.el6_5.x86_64
Jun 18 18:27:32 Updated: curl-7.19.7-37.el6_5.3.x86_64
Jun 18 18:27:33 Updated: libxml2-python-2.7.6-14.el6_5.1.x86_64
Jun 18 18:27:33 Updated: audit-libs-python-2.2-4.el6_5.x86_64
Jun 18 18:27:33 Updated: audit-2.2-4.el6_5.x86_64
Jun 18 18:27:33 Updated: mdadm-3.2.6-7.el6_5.2.x86_64
Jun 18 18:27:33 Updated: python-cpopen-1.3-2.el6_5.x86_64
Jun 18 18:28:30 Updated: selinux-policy-targeted-3.7.19-231.el6_5.3.noarch
Jun 18 18:28:30 Updated: python-pthreading-0.1.3-1.el6ev.noarch


I believe qemu-img-rhev, spice-server, libvirt, mom,... are important
components too. Should not be upgraded as well?


Thanks for clarification,

Jiri






___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



attachment: jiri_slezka.vcf

smime.p7s
Description: Elektronicky podpis S/MIME
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] italian language pack ?

2014-06-19 Thread Einav Cohen
Hi Gianluca,

Thank you for working hard on completing the translation - it is highly 
appreciated!

according to [1], ovirt-3.5.0 beta is planned for 2014-06-26 (which is 
~1 week from now), however I am not sure if this is a build date or a 
release date (I assume it is a build date, as it is the same time in 
which we plan to branch 'ovirt-engine-3.5' out of 'master' - maybe 
@Sandro/Eyal can confirm that). 

RC Build is currently planned for 2014-07-16. 

GA is currently planned for 2014-08-04. 

I am planning to pull translations from Zanata towards the end of this 
month (hopefully in time for the beta, but not necessarily - maybe it 
will land only in the RC build eventually), and then do another pull 
at the end of July [probably not in time for the RC build, so may land 
eventually only in ovirt-3.5.1 or similar]. 

do you think that we will be able to have a ~70% Italian translation 
completion by mid/towards-the-end-of July? if so, we can work on 
adding Italian to the locale drop-down in the GUI now (i.e. in the 
upcoming days/week), however we may need to take it out of the 
GUI drop-down eventually if we won't meet the ~70% Italian translation 
completion by mid/towards-the-end-of July goal. 

let me know what you think.


Thanks,
Einav

[1] http://wiki.ovirt.org/OVirt_3.5_release-management

- Original Message -
 From: Gianluca Cecchi gianluca.cec...@gmail.com
 To: Einav Cohen eco...@redhat.com
 Cc: users users@ovirt.org
 Sent: Thursday, June 19, 2014 4:40:02 AM
 Subject: Re: [ovirt-users] italian language pack ?
 
 
 
 On Thu, Jun 12, 2014 at 4:12 PM, Einav Cohen  eco...@redhat.com  wrote:
 
 
 
 
  Hello,
  I plan to work on this during the next days.
  Possibly the end of the next week could be a good ETA (if there will be an
  overlap between the different paths and the total amount is not the sum of
  all of them...)
  Could this be ok for you? Could we have a follow up on next Wednesday?
 
 sounds good, Gianluca - we will follow up on next Wednesday. thanks.
 
 
 Update: now I'm at 12% and going ahead. Let's see at the end of today...
 In the mean time I see you opened BUG ID 1110577, thanks.
 Hope to have it inside 3.5 tree.. btw: what is the eta for 3.5 final and for
 3.5 beta?
 
 Gianluca
 
 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users
 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] italian language pack ?

2014-06-19 Thread Gianluca Cecchi
On Thu, Jun 19, 2014 at 3:24 PM, Einav Cohen eco...@redhat.com wrote:


 do you think that we will be able to have a ~70% Italian translation
 completion by mid/towards-the-end-of July? if so, we can work on
 adding Italian to the locale drop-down in the GUI now (i.e. in the
 upcoming days/week), however we may need to take it out of the
 GUI drop-down eventually if we won't meet the ~70% Italian translation
 completion by mid/towards-the-end-of July goal.

 let me know what you think.


Thanks for your trust, much appreciated too!
I think I'm able to get 70% around 10th of July.

It would be great to have sooner than later the dropdown and the
functionality, because in some cases it is not so easy to extrapolate
context in a single word or few words and give a truly correct translation
(despite the section's title itself that is an initial suggestion).
Having the chance to set the locale in a real environment and crosscheck
the proposed translations would be great to have a consistent work done at
the end...

Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] italian language pack ?

2014-06-19 Thread Sandro Bonazzola
Il 19/06/2014 15:24, Einav Cohen ha scritto:
 Hi Gianluca,
 
 Thank you for working hard on completing the translation - it is highly 
 appreciated!
 
 according to [1], ovirt-3.5.0 beta is planned for 2014-06-26 (which is 
 ~1 week from now), however I am not sure if this is a build date or a 
 release date (I assume it is a build date, as it is the same time in 
 which we plan to branch 'ovirt-engine-3.5' out of 'master' - maybe 
 @Sandro/Eyal can confirm that). 

Beta will be composed on 2014-06-26 using the last nightly snapshot available.
If it won't pass basic sanity test a new build may be required but it will be 
highly appreciated that maintainers ensure their packages works the day
before the repository composition.
The branch will be created from the git hash of the build passing basic sanity 
test.



 
 RC Build is currently planned for 2014-07-16. 
 
 GA is currently planned for 2014-08-04. 
 
 I am planning to pull translations from Zanata towards the end of this 
 month (hopefully in time for the beta, but not necessarily - maybe it 
 will land only in the RC build eventually), and then do another pull 
 at the end of July [probably not in time for the RC build, so may land 
 eventually only in ovirt-3.5.1 or similar]. 
 
 do you think that we will be able to have a ~70% Italian translation 
 completion by mid/towards-the-end-of July? if so, we can work on 
 adding Italian to the locale drop-down in the GUI now (i.e. in the 
 upcoming days/week), however we may need to take it out of the 
 GUI drop-down eventually if we won't meet the ~70% Italian translation 
 completion by mid/towards-the-end-of July goal. 
 
 let me know what you think.
 
 
 Thanks,
 Einav
 
 [1] http://wiki.ovirt.org/OVirt_3.5_release-management
 
 - Original Message -
 From: Gianluca Cecchi gianluca.cec...@gmail.com
 To: Einav Cohen eco...@redhat.com
 Cc: users users@ovirt.org
 Sent: Thursday, June 19, 2014 4:40:02 AM
 Subject: Re: [ovirt-users] italian language pack ?



 On Thu, Jun 12, 2014 at 4:12 PM, Einav Cohen  eco...@redhat.com  wrote:




 Hello,
 I plan to work on this during the next days.
 Possibly the end of the next week could be a good ETA (if there will be an
 overlap between the different paths and the total amount is not the sum of
 all of them...)
 Could this be ok for you? Could we have a follow up on next Wednesday?

 sounds good, Gianluca - we will follow up on next Wednesday. thanks.


 Update: now I'm at 12% and going ahead. Let's see at the end of today...
 In the mean time I see you opened BUG ID 1110577, thanks.
 Hope to have it inside 3.5 tree.. btw: what is the eta for 3.5 final and for
 3.5 beta?

 Gianluca

 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users



-- 
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] VMware machines disk locked

2014-06-19 Thread Andy Michielsen
Dear all,

I already restarted the engine and the node but the status keeps on being
locked.

How do I connect with the postgres database and can I alter that locked
status of the disks.

Kind regards.


2014-06-18 8:50 GMT+02:00 Joop jvdw...@xs4all.nl:

 On 18-6-2014 7:30, andy.michiel...@gmail.com wrote:
  Hello,
 
  We are having problems with a VMware machine. In the engine I can see
 the status of its disks are locked. I don't know exactly what my co worker
 did but it's up to me to find out and fix it.
 
  So what log's should I check and what entry should I look for.
 
  Can I find out why the disks are locked via the cli ?
 
  Can I look in the database and change the status ?
 
 
 You should be able to see in the message pane what was done in the past
 and try to correlate that with the locked disks. Further if you look on
 the host which is the SPM you could see a dd process. Cloning disks,
 exporting VMs are done using dd on the SPM.

 Hoping the devs have some more things to check.

 Joop

 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] tools page needs updates

2014-06-19 Thread Alissa Bonas
Hi all,

The tools page [1] lacks a lot of info such as where the tools can be 
downloaded/installed from, how to configure and use them, etc.

I updated the image uploader section, if someone can do the same for the rest 
of the tools - it will be great.

[1]http://www.ovirt.org/OVirt_engine_tools
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Spam Cannot attach to VM pool

2014-06-19 Thread Maurice James
Im trying to to attach to a VM in a pool and Im seeing the following in the 
engine.log 


Message: VM TIEATS_VDI-1 is down. Exit message: internal error ifname vnet0 
not in key map 

Is there anything that I should be looking out for when using pools? 

3.4.1 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] Script to determine Direct LUN mapping

2014-06-19 Thread Gilad Chaplik
- Original Message -
 From: Citros Airv citros.a...@gmail.com
 To: users@ovirt.org
 Sent: Wednesday, June 18, 2014 5:23:42 PM
 Subject: [ovirt-users] Script to determine Direct LUN mapping
 
 HI,
 
 I'm writing a script to determine on which guest a Direct Lun is currently
 attached to. Any pointers, help, much appreciated.

Not that strong in luns, but I'd use the search, but I'm not sure isLun is 
supported in search (by quick look at the code it isn't).
From the top of my head, a quick workaround to that is to add prefix to lun 
disk aliases, and then use the search with alias starts with lun_***.
You can fetch the vm_names from the disk and proceed from there.

 
 C
 
 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users
 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] New oVirt Case Study: Judici

2014-06-19 Thread Brian Proffitt
All:

I am pleased to let you know that I have posted a new case study about oVirt on 
ovirt.org. The new study is a small government project, Judici, with a big 
impact: managing the court documentation for 68 of the 102 county courts in the 
State of Illinois.

Take a look[1] and feel free to spread the word though social media.

Thanks!
Brian

[1]http://www.ovirt.org/Judici_Case_Study 

-- 
Brian Proffitt

oVirt Community Manager
Project Atomic Community Lead
Open Source and Standards, Red Hat - http://community.redhat.com
Phone: +1 574 383 9BKP
IRC: bkp @ OFTC
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] gluster rpms not found

2014-06-19 Thread Nathan Stratton
I am running ovirt 3.4 and have gluster installed:

[root@virt01a]# yum list installed |grep gluster
glusterfs.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-api.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-cli.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-fuse.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-libs.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-rdma.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel

glusterfs-server.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel

However vdsm can't seem to find them:

Thread-13::DEBUG::2014-06-19
16:15:57,250::caps::458::root::(_getKeyPackages) rpm package glusterfs-rdma
not found
Thread-13::DEBUG::2014-06-19
16:15:57,250::caps::458::root::(_getKeyPackages) rpm package glusterfs-fuse
not found
Thread-13::DEBUG::2014-06-19
16:15:57,251::caps::458::root::(_getKeyPackages) rpm package gluster-swift
not found
Thread-13::DEBUG::2014-06-19
16:15:57,252::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-object not found
Thread-13::DEBUG::2014-06-19
16:15:57,252::caps::458::root::(_getKeyPackages) rpm package glusterfs not
found
Thread-13::DEBUG::2014-06-19
16:15:57,252::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-plugin not found
Thread-13::DEBUG::2014-06-19
16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-account not found
Thread-13::DEBUG::2014-06-19
16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-proxy not found
Thread-13::DEBUG::2014-06-19
16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-doc not found
Thread-13::DEBUG::2014-06-19
16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
glusterfs-server not found
Thread-13::DEBUG::2014-06-19
16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
gluster-swift-container not found
Thread-13::DEBUG::2014-06-19
16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
glusterfs-geo-replication not found

Any ideas?


nathan stratton | vp technology | broadsoft, inc | +1-240-404-6580 |
www.broadsoft.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] Log-off SPICE client system from oVirt guest

2014-06-19 Thread cyber python
Hello everyone!

I currently have an MS Windows client running remote viewer which connects
to an oVirt Linux VM using SPICE.

My applicaiton is running on the VM.

(Actually there are several clients each connecting to one VM at a time,
with each client connecting to the first available VM every time - I have
already achieved this using the oVirt REST API).

What I want to do now, is have the MS Windows client (I am using
remote-viewer as the SPICE client) log out automatically when the user
closes the application's window in the VM.

Is this possible?

If not, is there a way to get the IP address of the client machine (the one
running remote-viewer) from the guest so that I can notify it to log off?

Best regards,
George.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[ovirt-users] oVirt Node as vm

2014-06-19 Thread Stefan Sahlender
Hello,

I want to run oVirt Node as vm to learn a little bit about ovirt. But
I'm facing some problems.

I understand that oVirt Node maybe needs to see the vmx feature from the
cpu so that kvm will work.

But I can't get the oVirt Node ISO booting at all.

I tried it in VirtualBox ... since it doesn't support nested
virtualization I understand why it doesn't boot ... perhaps.

But I tried it also on ESX and in the configuration i said that the
virtualization features of the CPU should be passed through. If I boot a
Live CD with that configuration see with cat /proc/cpuinfo that vmx is
available.

When I boot the oVirt Node ISO it just hangs after the 30 seconds count
down ...I just see the background from the boot menu and it hangs the
forever.

Anybody else facing the same problem. Or is it just not possible to run
oVirt Node as VM?

Thanks for your replies.

Regards


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] host upgrade from ovirt manager and custom iptables rules

2014-06-19 Thread Moti Asayag


- Original Message -
 From: Jiří Sléžka jiri.sle...@slu.cz
 To: Moti Asayag masa...@redhat.com
 Cc: users@ovirt.org
 Sent: Thursday, June 19, 2014 3:25:49 PM
 Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom 
 iptables rules
 
  - Original Message -
  From: Jiří Sléžka jiri.sle...@slu.cz
  To: users@ovirt.org
  Sent: Wednesday, June 18, 2014 8:12:09 PM
  Subject: [ovirt-users] host upgrade from ovirt manager and custom iptables
 rules
 
  Hello all,
 
  is there any way to make custom iptables rules persistent during host
  upgrade? I have for example zabbix agents installed on all hosts and
  thus iptables rule allowing connections from our zabbix server. Sadly I
  have to manually restore iptables backup after host upgrade (initiated
  from oVirt manager).
 
 
  This should be achievable by defining the iptables rules you wish to use
  when [re]installing using the engine-config tool:
 
 thanks a lot for reply
 
  1. Check the existing iptables rules:
  sudo engine-config -g IPTablesConfig
 
 this displays whole iptables template. Interesting thing is that there
 is a variable @CUSTOM_RULES@. Maybe custom rules could be defined this way?
 

Adding Alon to reply on @CUSTOM_RULES@

 
  2. Define the desired iptables:
  sudo engine-config -s IPTablesConfig=Your rules
 
 I entered...
 
 engine-config -s IPTablesConfig=-A INPUT -p tcp -m state --state NEW -m
 tcp -s xx.xx.xx.xx --dport 10050 -j ACCEPT
 
 ...and it looks like this overwrite entire IPTablesConfig template...
 
  3. Verify the changes
  sudo engine-config -g IPTablesConfig
 
 ...because this displays only just my one line above.
 
 I have copy of default template but I have no idea how to set this
 variable with multi line text. I tried inserting \n but it is not
 converted to newlines. Any ideas?

to me i worked by pasting the file content in the command line:
engine-config -s IPTablesConfig= paste multi-line content

 
 Btw. these variables are stored in database?

Yes, in vdc_options table:

select * from vdc_options where option_name = 'IPTablesConfig';

 
 
 Thanks in advance,
 
 Jiri
 
 
 
 
  4. Restart the engine for changes to take effect
 
  5. Reinstall the host and verify the iptables rule.
 
  And another question I have always wanted to ask... It looks like host
  upgrade is upgrading just vdsm components and no others virtualization
  stuff
 
  this was updatet after clicking to host upgrade
 
  Jun 18 18:21:38 Updated: iproute-2.6.32-32.el6_5.x86_64
  Jun 18 18:21:59 Installed: vdsm-python-zombiereaper-4.14.7-3.el6ev.noarch
  Jun 18 18:21:59 Updated: vdsm-python-4.14.7-3.el6ev.x86_64
  Jun 18 18:21:59 Updated: vdsm-xmlrpc-4.14.7-3.el6ev.noarch
  Jun 18 18:21:59 Updated: vdsm-cli-4.14.7-3.el6ev.noarch
  Jun 18 18:22:26 Updated: vdsm-4.14.7-3.el6ev.x86_64
  Jun 18 18:22:27 Updated:
  2:qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64
 
  and after that I run yum update and updated this components (honestly
  this one was rhev host but ovirt behave the same)
 
  Jun 18 18:26:59 Updated: selinux-policy-3.7.19-231.el6_5.3.noarch
  Jun 18 18:27:03 Updated: tzdata-2014d-1.el6.noarch
  Jun 18 18:27:10 Updated: glibc-2.12-1.132.el6_5.2.x86_64
  Jun 18 18:27:22 Updated: glibc-common-2.12-1.132.el6_5.2.x86_64
  Jun 18 18:27:22 Updated: audit-libs-2.2-4.el6_5.x86_64
  Jun 18 18:27:22 Updated: libxml2-2.7.6-14.el6_5.1.x86_64
  Jun 18 18:27:22 Updated: libcurl-7.19.7-37.el6_5.3.x86_64
  Jun 18 18:27:23 Updated: 2:qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64
  Jun 18 18:27:23 Updated: libtasn1-2.3-6.el6_5.x86_64
  Jun 18 18:27:23 Updated: gnutls-2.8.5-14.el6_5.x86_64
  Jun 18 18:27:25 Updated: openssl-1.0.1e-16.el6_5.14.x86_64
  Jun 18 18:27:25 Updated: spice-server-0.12.4-6.el6_5.2.x86_64
  Jun 18 18:27:25 Updated: gnutls-utils-2.8.5-14.el6_5.x86_64
  Jun 18 18:27:25 Updated: pm-utils-1.2.5-10.el6_5.1.x86_64
  Jun 18 18:27:28 Updated: libvirt-client-0.10.2-29.el6_5.9.x86_64
  Jun 18 18:27:30 Updated: libvirt-0.10.2-29.el6_5.9.x86_64
  Jun 18 18:27:30 Updated: libvirt-python-0.10.2-29.el6_5.9.x86_64
  Jun 18 18:27:30 Updated: mom-0.4.0-1.el6ev.noarch
  Jun 18 18:27:30 Updated: libvirt-lock-sanlock-0.10.2-29.el6_5.9.x86_64
  Jun 18 18:27:32 Updated: 2:qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.x86_64
  Jun 18 18:27:32 Updated: python-rhsm-1.9.7-1.el6_5.x86_64
  Jun 18 18:27:32 Updated: curl-7.19.7-37.el6_5.3.x86_64
  Jun 18 18:27:33 Updated: libxml2-python-2.7.6-14.el6_5.1.x86_64
  Jun 18 18:27:33 Updated: audit-libs-python-2.2-4.el6_5.x86_64
  Jun 18 18:27:33 Updated: audit-2.2-4.el6_5.x86_64
  Jun 18 18:27:33 Updated: mdadm-3.2.6-7.el6_5.2.x86_64
  Jun 18 18:27:33 Updated: python-cpopen-1.3-2.el6_5.x86_64
  Jun 18 18:28:30 Updated: selinux-policy-targeted-3.7.19-231.el6_5.3.noarch
  Jun 18 18:28:30 Updated: python-pthreading-0.1.3-1.el6ev.noarch
 
 
  I believe qemu-img-rhev, spice-server, libvirt, mom,... are important
  components too. Should not be upgraded as well?
 
 
  Thanks for clarification,
 
 

Re: [ovirt-users] host upgrade from ovirt manager and custom iptables rules

2014-06-19 Thread Alon Bar-Lev


- Original Message -
 From: Moti Asayag masa...@redhat.com
 To: Jiří Sléžka jiri.sle...@slu.cz, Alon Bar-Lev abar...@redhat.com
 Cc: users@ovirt.org
 Sent: Friday, June 20, 2014 1:12:58 AM
 Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom 
 iptables rules
 
 
 
 - Original Message -
  From: Jiří Sléžka jiri.sle...@slu.cz
  To: Moti Asayag masa...@redhat.com
  Cc: users@ovirt.org
  Sent: Thursday, June 19, 2014 3:25:49 PM
  Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom
  iptables rules
  
   - Original Message -
   From: Jiří Sléžka jiri.sle...@slu.cz
   To: users@ovirt.org
   Sent: Wednesday, June 18, 2014 8:12:09 PM
   Subject: [ovirt-users] host upgrade from ovirt manager and custom
   iptables
rules
  
   Hello all,
  
   is there any way to make custom iptables rules persistent during host
   upgrade? I have for example zabbix agents installed on all hosts and
   thus iptables rule allowing connections from our zabbix server. Sadly I
   have to manually restore iptables backup after host upgrade (initiated
   from oVirt manager).
  
  
   This should be achievable by defining the iptables rules you wish to use
   when [re]installing using the engine-config tool:
  
  thanks a lot for reply
  
   1. Check the existing iptables rules:
   sudo engine-config -g IPTablesConfig
  
  this displays whole iptables template. Interesting thing is that there
  is a variable @CUSTOM_RULES@. Maybe custom rules could be defined this way?
  
 
 Adding Alon to reply on @CUSTOM_RULES@

These are to be replaced with gluster specific or virt specific or both, see 
IPTablesConfigForVirt, IPTablesConfigForGluster.

I must note that there is no real support for manual modification of the 
iptables rules, as once you change it, you do not enjoy future product updates, 
such as upcoming kdump fence listener daemon.

However, moti, we can add another vdc config for user defined rules, it should 
be sufficient in most cases.

 
  
   2. Define the desired iptables:
   sudo engine-config -s IPTablesConfig=Your rules
  
  I entered...
  
  engine-config -s IPTablesConfig=-A INPUT -p tcp -m state --state NEW -m
  tcp -s xx.xx.xx.xx --dport 10050 -j ACCEPT
  
  ...and it looks like this overwrite entire IPTablesConfig template...
  
   3. Verify the changes
   sudo engine-config -g IPTablesConfig
  
  ...because this displays only just my one line above.
  
  I have copy of default template but I have no idea how to set this
  variable with multi line text. I tried inserting \n but it is not
  converted to newlines. Any ideas?
 
 to me i worked by pasting the file content in the command line:
 engine-config -s IPTablesConfig= paste multi-line content
 
  
  Btw. these variables are stored in database?
 
 Yes, in vdc_options table:
 
 select * from vdc_options where option_name = 'IPTablesConfig';
 
  
  
  Thanks in advance,
  
  Jiri
  
  
  
  
   4. Restart the engine for changes to take effect
  
   5. Reinstall the host and verify the iptables rule.
  
   And another question I have always wanted to ask... It looks like host
   upgrade is upgrading just vdsm components and no others virtualization
   stuff
  
   this was updatet after clicking to host upgrade
  
   Jun 18 18:21:38 Updated: iproute-2.6.32-32.el6_5.x86_64
   Jun 18 18:21:59 Installed:
   vdsm-python-zombiereaper-4.14.7-3.el6ev.noarch
   Jun 18 18:21:59 Updated: vdsm-python-4.14.7-3.el6ev.x86_64
   Jun 18 18:21:59 Updated: vdsm-xmlrpc-4.14.7-3.el6ev.noarch
   Jun 18 18:21:59 Updated: vdsm-cli-4.14.7-3.el6ev.noarch
   Jun 18 18:22:26 Updated: vdsm-4.14.7-3.el6ev.x86_64
   Jun 18 18:22:27 Updated:
   2:qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64
  
   and after that I run yum update and updated this components (honestly
   this one was rhev host but ovirt behave the same)
  
   Jun 18 18:26:59 Updated: selinux-policy-3.7.19-231.el6_5.3.noarch
   Jun 18 18:27:03 Updated: tzdata-2014d-1.el6.noarch
   Jun 18 18:27:10 Updated: glibc-2.12-1.132.el6_5.2.x86_64
   Jun 18 18:27:22 Updated: glibc-common-2.12-1.132.el6_5.2.x86_64
   Jun 18 18:27:22 Updated: audit-libs-2.2-4.el6_5.x86_64
   Jun 18 18:27:22 Updated: libxml2-2.7.6-14.el6_5.1.x86_64
   Jun 18 18:27:22 Updated: libcurl-7.19.7-37.el6_5.3.x86_64
   Jun 18 18:27:23 Updated: 2:qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64
   Jun 18 18:27:23 Updated: libtasn1-2.3-6.el6_5.x86_64
   Jun 18 18:27:23 Updated: gnutls-2.8.5-14.el6_5.x86_64
   Jun 18 18:27:25 Updated: openssl-1.0.1e-16.el6_5.14.x86_64
   Jun 18 18:27:25 Updated: spice-server-0.12.4-6.el6_5.2.x86_64
   Jun 18 18:27:25 Updated: gnutls-utils-2.8.5-14.el6_5.x86_64
   Jun 18 18:27:25 Updated: pm-utils-1.2.5-10.el6_5.1.x86_64
   Jun 18 18:27:28 Updated: libvirt-client-0.10.2-29.el6_5.9.x86_64
   Jun 18 18:27:30 Updated: libvirt-0.10.2-29.el6_5.9.x86_64
   Jun 18 18:27:30 Updated: libvirt-python-0.10.2-29.el6_5.9.x86_64
   Jun 18 18:27:30 Updated: mom-0.4.0-1.el6ev.noarch
   Jun 18 

Re: [ovirt-users] gluster rpms not found

2014-06-19 Thread Andrew Lau
You're missing vdsm-gluster

yum install vdsm-gluster

On Fri, Jun 20, 2014 at 6:24 AM, Nathan Stratton nat...@robotics.net wrote:
 I am running ovirt 3.4 and have gluster installed:

 [root@virt01a]# yum list installed |grep gluster
 glusterfs.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-api.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-cli.x86_64   3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-fuse.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-libs.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-rdma.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel
 glusterfs-server.x86_64  3.5.0-2.el6  @ovirt-glusterfs-epel

 However vdsm can't seem to find them:

 Thread-13::DEBUG::2014-06-19
 16:15:57,250::caps::458::root::(_getKeyPackages) rpm package glusterfs-rdma
 not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,250::caps::458::root::(_getKeyPackages) rpm package glusterfs-fuse
 not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,251::caps::458::root::(_getKeyPackages) rpm package gluster-swift
 not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,252::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-object not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,252::caps::458::root::(_getKeyPackages) rpm package glusterfs not
 found
 Thread-13::DEBUG::2014-06-19
 16:15:57,252::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-plugin not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-account not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-proxy not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,254::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-doc not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
 glusterfs-server not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
 gluster-swift-container not found
 Thread-13::DEBUG::2014-06-19
 16:15:57,255::caps::458::root::(_getKeyPackages) rpm package
 glusterfs-geo-replication not found

 Any ideas?


 nathan stratton | vp technology | broadsoft, inc | +1-240-404-6580 |
 www.broadsoft.com

 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [ovirt-users] host upgrade from ovirt manager and custom iptables rules

2014-06-19 Thread Moti Asayag


- Original Message -
 From: Alon Bar-Lev alo...@redhat.com
 To: Moti Asayag masa...@redhat.com
 Cc: Jiří Sléžka jiri.sle...@slu.cz, users@ovirt.org
 Sent: Friday, June 20, 2014 1:19:25 AM
 Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom 
 iptables rules
 
 
 
 - Original Message -
  From: Moti Asayag masa...@redhat.com
  To: Jiří Sléžka jiri.sle...@slu.cz, Alon Bar-Lev abar...@redhat.com
  Cc: users@ovirt.org
  Sent: Friday, June 20, 2014 1:12:58 AM
  Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom
  iptables rules
  
  
  
  - Original Message -
   From: Jiří Sléžka jiri.sle...@slu.cz
   To: Moti Asayag masa...@redhat.com
   Cc: users@ovirt.org
   Sent: Thursday, June 19, 2014 3:25:49 PM
   Subject: Re: [ovirt-users] host upgrade from ovirt manager and custom
   iptables rules
   
- Original Message -
From: Jiří Sléžka jiri.sle...@slu.cz
To: users@ovirt.org
Sent: Wednesday, June 18, 2014 8:12:09 PM
Subject: [ovirt-users] host upgrade from ovirt manager and custom
iptables
   rules
   
Hello all,
   
is there any way to make custom iptables rules persistent during host
upgrade? I have for example zabbix agents installed on all hosts and
thus iptables rule allowing connections from our zabbix server. Sadly
I
have to manually restore iptables backup after host upgrade (initiated
from oVirt manager).
   
   
This should be achievable by defining the iptables rules you wish to
use
when [re]installing using the engine-config tool:
   
   thanks a lot for reply
   
1. Check the existing iptables rules:
sudo engine-config -g IPTablesConfig
   
   this displays whole iptables template. Interesting thing is that there
   is a variable @CUSTOM_RULES@. Maybe custom rules could be defined this
   way?
   
  
  Adding Alon to reply on @CUSTOM_RULES@
 
 These are to be replaced with gluster specific or virt specific or both, see
 IPTablesConfigForVirt, IPTablesConfigForGluster.
 
 I must note that there is no real support for manual modification of the
 iptables rules, as once you change it, you do not enjoy future product
 updates, such as upcoming kdump fence listener daemon.
 
 However, moti, we can add another vdc config for user defined rules, it
 should be sufficient in most cases.

Sounds reasonable.

Jiri, would you like to open RFE for it ?

 
  
   
2. Define the desired iptables:
sudo engine-config -s IPTablesConfig=Your rules
   
   I entered...
   
   engine-config -s IPTablesConfig=-A INPUT -p tcp -m state --state NEW -m
   tcp -s xx.xx.xx.xx --dport 10050 -j ACCEPT
   
   ...and it looks like this overwrite entire IPTablesConfig template...
   
3. Verify the changes
sudo engine-config -g IPTablesConfig
   
   ...because this displays only just my one line above.
   
   I have copy of default template but I have no idea how to set this
   variable with multi line text. I tried inserting \n but it is not
   converted to newlines. Any ideas?
  
  to me i worked by pasting the file content in the command line:
  engine-config -s IPTablesConfig= paste multi-line content
  
   
   Btw. these variables are stored in database?
  
  Yes, in vdc_options table:
  
  select * from vdc_options where option_name = 'IPTablesConfig';
  
   
   
   Thanks in advance,
   
   Jiri
   
   
   
   
4. Restart the engine for changes to take effect
   
5. Reinstall the host and verify the iptables rule.
   
And another question I have always wanted to ask... It looks like host
upgrade is upgrading just vdsm components and no others virtualization
stuff
   
this was updatet after clicking to host upgrade
   
Jun 18 18:21:38 Updated: iproute-2.6.32-32.el6_5.x86_64
Jun 18 18:21:59 Installed:
vdsm-python-zombiereaper-4.14.7-3.el6ev.noarch
Jun 18 18:21:59 Updated: vdsm-python-4.14.7-3.el6ev.x86_64
Jun 18 18:21:59 Updated: vdsm-xmlrpc-4.14.7-3.el6ev.noarch
Jun 18 18:21:59 Updated: vdsm-cli-4.14.7-3.el6ev.noarch
Jun 18 18:22:26 Updated: vdsm-4.14.7-3.el6ev.x86_64
Jun 18 18:22:27 Updated:
2:qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64
   
and after that I run yum update and updated this components (honestly
this one was rhev host but ovirt behave the same)
   
Jun 18 18:26:59 Updated: selinux-policy-3.7.19-231.el6_5.3.noarch
Jun 18 18:27:03 Updated: tzdata-2014d-1.el6.noarch
Jun 18 18:27:10 Updated: glibc-2.12-1.132.el6_5.2.x86_64
Jun 18 18:27:22 Updated: glibc-common-2.12-1.132.el6_5.2.x86_64
Jun 18 18:27:22 Updated: audit-libs-2.2-4.el6_5.x86_64
Jun 18 18:27:22 Updated: libxml2-2.7.6-14.el6_5.1.x86_64
Jun 18 18:27:22 Updated: libcurl-7.19.7-37.el6_5.3.x86_64
Jun 18 18:27:23 Updated:
2:qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64
Jun 18 18:27:23 Updated: libtasn1-2.3-6.el6_5.x86_64
Jun 18 18:27:23 Updated: gnutls-2.8.5-14.el6_5.x86_64
Jun 18 

Re: [ovirt-users] oVirt Node as vm

2014-06-19 Thread John Xue
I have the same problem. Finally, I am not using oVirth Node ISO, I
setup one step by step. And the key point is enable promiscuous mode
on your ESXi vswitch, or you cann't ping double nested guest.

On Fri, Jun 20, 2014 at 2:57 AM, Stefan Sahlender ssahlen...@gmx.de wrote:
 Hello,

 I want to run oVirt Node as vm to learn a little bit about ovirt. But
 I'm facing some problems.

 I understand that oVirt Node maybe needs to see the vmx feature from the
 cpu so that kvm will work.

 But I can't get the oVirt Node ISO booting at all.

 I tried it in VirtualBox ... since it doesn't support nested
 virtualization I understand why it doesn't boot ... perhaps.

 But I tried it also on ESX and in the configuration i said that the
 virtualization features of the CPU should be passed through. If I boot a
 Live CD with that configuration see with cat /proc/cpuinfo that vmx is
 available.

 When I boot the oVirt Node ISO it just hangs after the 30 seconds count
 down ...I just see the background from the boot menu and it hangs the
 forever.

 Anybody else facing the same problem. Or is it just not possible to run
 oVirt Node as VM?

 Thanks for your replies.

 Regards


 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users



-- 
Regards,
John Xue
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users