Hi Jaime, Thanks for kindly pointing out something I had obviously missed. I'm still wrapping my head around my return to centos/fedora, so I'll submit those policies once I have a better handle on it myself.
'tin' is my server hostname. /var/tmp/one/vnm/tin/pre does not exists. I think that might've pointed to a typo in my initial CLI setup. I managed to get *something* working by flushing out all virtual resources & setting them up anew. Logs are still a little cryptic to me - J On Mon, Oct 20, 2014 at 10:56 PM, Jaime Melis <[email protected]> wrote: > Hi Jaco, > > thanks for the feedback! > > > * CentOS 7 by default comes with firewalld - something that's not > covered under official docco's. I initially thought it was iptables > preventing access from LAN, but managed to find this issue via accessing > services through SSH tunnel > > There's a small warning banner in the documentation page you mentioned: > http://docs.opennebula.org/4.8/design_and_installation/quick_starts/qs_centos7_kvm.html > > > Warning > > Some commands may fail depending on your iptables/firewalld > configuration. Disable the firewalls entirely for testing just to rule it > out. > > You have probably missed it, there might be a few too many notices ;) > > > * Telling people to 'disable SELinux' is simply a bad idea & sets a bad > precedent & encourages lax security practices IMHO. It's there for a > reason. For now I've set it to be permissive rather than disabled, but will > re-enforce it again later. > > Right, I completely agree. It'd be great if someone could contribute the > SElinux policies for OpenNebula so we can add them to the packages. It > shouldn't be that hard, but unfortunately it's something we haven't had > time to do yet. > > > btw. found the bug in the Ubuntu docco: > > Absolutely! thanks for pointing it out. I've fixed it. > > > Otherwise I've followed the guide dutifully, but I'm unable to provision > my 1st instance. > > In the logs I can see it's trying to find: /var/tmp/one/vnm/tin/pre. Where > does that 'tin' come from? Supported vnm's are: 802.1Q dummy ebtables fw > ovswitch vmware. > > > On Sun, Oct 19, 2014 at 10:06 AM, Jaco <[email protected]> wrote: > >> btw. found the bug in the Ubuntu docco: >> >> 1.1. Install the repo >> >> Add the OpenNebula repository: >> >> # wget -q -O- http://downloads.opennebula.org/repo/Ubuntu/repo.key | apt-key >> add - >> # echo "deb http://downloads.opennebula.org/repo/4.8/Ubuntu/14.04/ stable >> opennebula" \ >> > /etc/apt/sources.list.d/opennebula.list >> >> vs. >> 2.1. Install the repo >> >> Add the OpenNebula repository: >> >> # wget -q -O- http://downloads.opennebula.org/repo/Ubuntu/repo.key | apt-key >> add - >> # echo "deb http://downloads.opennebula.org/repo/Ubuntu/14.04 stable >> opennebula" > \ >> /etc/apt/sources.list.d/opennebula.list >> >> >> This last one sources packages outside the 4.8 specified before >> >> - J >> >> On 19/10/14 20:52, Valentin Bud wrote: >> >> Hello Jaco, >> >> Maybe Javier's presentation "OpenNebula and tips for CentOS 7" [1] >> might help you achieve what you desire. >> >> [1]: http://www.slideshare.net/opennebula >> >> Best, >> Valentin >> >> On Sun, Oct 19, 2014 at 3:59 AM, Jaco <[email protected]> wrote: >> >>> Hi folks, >>> (1st post) >>> >>> I've toyed with ON before, but decided to finally commit. >>> >>> I scratched my server, installed CentOS 7 (minimal) & followed guide >>> provided here: >>> http://docs.opennebula.org/4.8/design_and_installation/quick_starts/qs_centos7_kvm.html >>> >>> (context: I've been using Ubuntu/Debian for a very long time, but >>> recently decided to commit to CentOS/Fedora, so I'm a little rusty in >>> places) >>> >>> Overall it went OK, but not great. >>> >>> A few things that tripped me up: >>> * CentOS 7 by default comes with firewalld - something that's not >>> covered under official docco's. I initially thought it was iptables >>> preventing access from LAN, but managed to find this issue via accessing >>> services through SSH tunnel >>> * Telling people to 'disable SELinux' is simply a bad idea & sets a bad >>> precedent & encourages lax security practices IMHO. It's there for a >>> reason. For now I've set it to be permissive rather than disabled, but will >>> re-enforce it again later. >>> >>> Otherwise I've followed the guide dutifully, but I'm unable to provision >>> my 1st instance. >>> >>> I get this in the log: >>> >>> Sun Oct 19 13:56:54 2014 [Z0][DiM][I]: New VM state is ACTIVE. >>> Sun Oct 19 13:56:54 2014 [Z0][LCM][I]: New VM state is PROLOG. >>> Sun Oct 19 13:56:56 2014 [Z0][LCM][I]: New VM state is BOOT >>> Sun Oct 19 13:56:56 2014 [Z0][VMM][I]: Generating deployment file: >>> /var/lib/one/vms/5/deployment.0 >>> Sun Oct 19 13:56:56 2014 [Z0][VMM][I]: Remote worker node files not found >>> Sun Oct 19 13:56:56 2014 [Z0][VMM][I]: Updating remotes >>> Sun Oct 19 13:56:57 2014 [Z0][VMM][I]: Command execution fail: >>> /var/tmp/one/vnm/tin/pre $REDACTED_HASH >>> Sun Oct 19 13:56:57 2014 [Z0][VMM][I]: bash: line 2: >>> /var/tmp/one/vnm/tin/pre: No such file or directory >>> Sun Oct 19 13:56:57 2014 [Z0][VMM][I]: ExitCode: 127 >>> Sun Oct 19 13:56:57 2014 [Z0][VMM][I]: Failed to execute network driver >>> operation: pre. >>> Sun Oct 19 13:56:57 2014 [Z0][VMM][E]: Error deploying virtual machine >>> Sun Oct 19 13:56:58 2014 [Z0][DiM][I]: New VM state is FAILED >>> >>> /var/tmp/one/vnm/tin/pre/ did not exist, so I created it as user >>> oneadmin >>> >>> Virtual network is named "default", template " CentOS-7" & image " >>> CentOS-7-one-4.8" (ad per docco). >>> >>> Default setup out of the box does not work, and/or documentation is >>> incomplete. >>> >>> What am I missing? >>> Please advise >>> >>> - J >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >>> >>> >> >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >> >> > > > -- > Jaime Melis > Project Engineer > OpenNebula - Flexible Enterprise Cloud Made Simple > www.OpenNebula.org | [email protected] >
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
