[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-06-21 Thread ppetrou 
Same situation.

I had to remove port 5900 from the host to complete the installation.

firewall-cmd --zone public --remove-port 5900/tcp --permanent

As you have already mentioned there is no access to the hosted-engine vm, so as 
a workaround I commented out the open port task in the following role. This 
worked fine. I assume the port must be opened by default in the hosted-engine 
vm image.

/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/bootstrap_local_vm/05_add_host.yml

#  - name: Open a port on firewalld
#firewalld:
#  port: "{{ he_webui_forward_port }}/tcp"
#  permanent: false
#  immediate: true
#  state: enabled

It looks like a fixed issue in a very old ansible version. 
https://github.com/ansible/ansible/issues/23895
Not sure why we see this here. There are no leading spaces in the port as the 
issue mentions and I cannot replicate the issue in the host using the following 
playbook. 

---
- name: test firewalld
  hosts: localhost
  tasks:

  - name: Open Common Public Ports
firewalld:
  port: "{{item}}"
  permanent: true
  state: enabled
  zone: public
  immediate: true
with_items:
  - 5900-6923/tcp

Petros





___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/PKLX2R32YZQJR7FJOT3GU7WHLJW7MBRX/

[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-05-13 Thread Strahil Nikolov via Users 
I don't see 6900 in 
https://github.com/gluster/glusterfs/blob/devel/extras/firewalld/glusterfs.xml

Best Regards,Strahil Nikolov___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/LJRW4AJ5NBIQVEDEBDC633RDHOP5CB4W/

[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-05-12 Thread Yedidyah Bar David 
Hi,

On Wed, May 12, 2021 at 8:53 PM Charles Kozler  wrote:
>
> Yep! I thought the error was reporting as the port already configured inside 
> the seed engine and not on the actual host. I deleted the firewalld 6900 port 
> addition and everything seems to be flowing through
>
> On Wed, May 12, 2021 at 1:36 PM Patrick Lomakin  
> wrote:
>>
>> Hello. I know this error. Please see which ports are used in firewalld 
>> configuration (6900). In gluster wizard click "Edit" button and remove 
>> gluster firewall config string like "port 6900". Save your configuration and 
>> try to deploy. Regards!

Thanks, Charles and Patrick, for reporting the problem and the solution!

Would one of you like to open a bug on this?

I agree that deploy should not fail on this.

Is it common to use port 6900 for gluster?

Best regards,
-- 
Didi
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/5YXPPEX3D3T3JARPKYJ5VUYM4K35ERUZ/

[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-05-12 Thread Charles Kozler 
Yep! I thought the error was reporting as the port already configured
inside the seed engine and not on the actual host. I deleted the firewalld
6900 port addition and everything seems to be flowing through

On Wed, May 12, 2021 at 1:36 PM Patrick Lomakin 
wrote:

> Hello. I know this error. Please see which ports are used in firewalld
> configuration (6900). In gluster wizard click "Edit" button and remove
> gluster firewall config string like "port 6900". Save your configuration
> and try to deploy. Regards!
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/DD2ATIFJEITEI5LZL7IVQS7ROD7HQOYX/
>

-- 
*Notice to Recipient*: https://www.fixflyer.com/disclaimer 

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/3MFZHREQGHOCAT44H6JUPZXPVJXWWIDZ/

[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-05-12 Thread Patrick Lomakin 
Hello. I know this error. Please see which ports are used in firewalld 
configuration (6900). In gluster wizard click "Edit" button and remove gluster 
firewall config string like "port 6900". Save your configuration and try to 
deploy. Regards! 
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/DD2ATIFJEITEI5LZL7IVQS7ROD7HQOYX/

[ovirt-users] Re: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

2021-05-12 Thread Charles Kozler 
I also just upgraded to 4.6.6.1 and it is still occurring




On Wed, May 12, 2021 at 12:36 PM Charles Kozler 
wrote:

> Hello -
>
> Deployed fresh ovirt node 4.4.6 and the only thing I did to the system was
> configure the NIC with nmtui
>
> During the gluster install the install errored out with
>
> gluster-deployment-1620832547044.log:failed: [n2] (item=5900/tcp) =>
> {"ansible_loop_var": "item", "changed": false, "item": "5900/tcp", "msg":
> "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception:
> ALREADY_ENABLED: '5900:tcp' already in 'public' Permanent and
> Non-Permanent(immediate) operation"}
>
> The fix here was easy - I just deleted the port it was complaining about
> with firewall-cmd and restarted the installation and it was all fine
>
> During the hosted engine deployment when the VM is being deployed it dies
> here
>
> [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Open a port on firewalld]
> [ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg": "ERROR:
> Exception caught: org.fedoraproject.FirewallD1.Exception: ALREADY_ENABLED:
> '6900:tcp' already in 'public' Non-permanent operation"}
>
> Now the issue here is that I do not have access to the engine VM as it is
> in a bit of a transient state since when it fails the current image that is
> open is discarded when the ansible playbook is kicked off again
>
> I cannot find any BZ on this and google is turning up nothing. I don't
> think firewalld failing due to the firewall rule already existing should be
> a reason to exit the installation
>
> The interesting part is that this only fails on certain ports. i.e when I
> reran the gluster wizard after 5900 failed, the other ports are presumably
> still added to the firewall, and the installation completes
>
> Suggestions?
>
>
>

-- 
*Notice to Recipient*: https://www.fixflyer.com/disclaimer 

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/QTQ5GCPXWW6VFHP7Y2ADOTB2SNPGP6VZ/