Hi,
Wow. How dumb of me. I just realized that I answered "Yes" in this
configuration question:
iptables was detected on your computer, do you wish setup to configure
it? (Yes, No)[Yes]:
So the hosted-engine setup configure my empty iptables to allow just
some necessary port (excluding glusterfs)
I solved this by editing /etc/sysconfig/iptables to:
# oVirt+glusterfs firewall configuration.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
# vdsm
-A INPUT -p tcp --dport 54321 -j ACCEPT
# rpc.statd
-A INPUT -p tcp --dport 111 -j ACCEPT
-A INPUT -p udp --dport 111 -j ACCEPT
# SSH
-A INPUT -p tcp --dport 22 -j ACCEPT
# snmp
-A INPUT -p udp --dport 161 -j ACCEPT
# libvirt tls
-A INPUT -p tcp --dport 16514 -j ACCEPT
# serial consoles
-A INPUT -p tcp -m multiport --dports 2223 -j ACCEPT
# guest consoles
-A INPUT -p tcp -m multiport --dports 5900:6923 -j ACCEPT
# migration
-A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
# glusterfs
-A INPUT -p tcp --dport 24007:24008 -j ACCEPT
-A INPUT -p tcp --dport 24007:24008 -j ACCEPT
-A INPUT -p tcp --dport 38465:38467 -j ACCEPT
# nfs
-A INPUT -p tcp --dport 2049 -j ACCEPT
# Reject any other input traffic
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with
icmp-host-prohibited
COMMIT
Then restarted iptables and run 'hosted-engine --deploy again'. This
time, I made sure to answer "No" when the setup asked me if it should
alter iptables or not. The deployment was success, although with some
errors:
[ ERROR ] The VDSM host was found in a failed state. Please check engine
and bootstrap installation logs.
[ ERROR ] Unable to add hosted_engine_1 to the manager
I were somehow able to solve them by manually SSH from the engine to the
host, so that the host's key fingerprint was added to the engine's
known_hosts. Then I logged into the engine's web UI and manually
reinstall hosted_engine_1 with the "Automatically configure host
firewall" option deselected (since I already included all of its
configuration in my iptables file).
I also set the virt group profile on the storage domain's volume as you
suggested.
Thank you very much for guiding me.
Wee
On 23/2/2559 17:49, Sahina Bose wrote:
The error indicates : OSError: [Errno 30] Read-only file system
Can you check the output of "gluster volume status gv0" on
host01.ovirt.forest.go.th. Please make sure that firewall is not
blocking gluster ports from communicating on the 3 nodes.
On a different note, since you are using gv0 as storage domain, set
the virt group profile on this volume - "gluster volume set gv0 group
virt"
On 02/23/2016 01:39 PM, Wee Sritippho wrote:
Hi,
I'm trying to deploy an oVirt Hosed Engine environment using this
glusterfs volume:
# gluster volume info
Volume Name: gv0
Type: Replicate
Volume ID: 37bba03b-7276-421a-8960-81e28196ebde
Status: Started
Number of Bricks: 1 x 3 = 3
Transport-type: tcp
Bricks:
Brick1: host01.ovirt.forest.go.th:/data/brick1/gv0
Brick2: host03.ovirt.forest.go.th:/data/brick1/gv0
Brick3: host02.ovirt.forest.go.th:/data/brick1/gv0
Options Reconfigured:
storage.owner-gid: 36
storage.owner-uid: 36
performance.readdir-ahead: on
But the deployment failed with this error message:
[ ERROR ] Failed to execute stage 'Misc configuration': Error
creating a storage domain: ('storageType=7,
sdUUID=be5f66d8-57ef-43c8-90a5-e9132e0c95b4,
domainName=hosted_storage, domClass=1,
typeSpecificArg=host01.ovirt.forest.go.th:/gv0 domVersion=3',)
I tried to figure out what is happening via the log files:
Line ~7243 of vdsm.log
Line ~2930 of ovirt-hosted-engine-setup-20160223204857-585hqv.log
But didn't seem to understand it at all.
Please guide me on how to solve this problem.
Here is my environment:
CentOS Linux release 7.2.1511 (Core)
ovirt-hosted-engine-setup-1.3.2.3-1.el7.centos.noarch
vdsm-4.17.18-1.el7.noarch
glusterfs-3.7.8-1.el7.x86_64
Thank you,
Wee
---
ซอฟต์แวร์ Avast แอนตี้ไวรัสตรวจสอบหาไวรัสจากอีเมลนี้แล้ว
https://www.avast.com/antivirus
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
---
ซอฟต์แวร์ Avast แอนตี้ไวรัสตรวจสอบหาไวรัสจากอีเมลนี้แล้ว
https://www.avast.com/antivirus
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users