Bug 1582836
| Summary: | [RFE][TestOnly] - Certify Skydive with RHV 4.3 and the oVirt OVN provider | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Yaniv Lavi <ylavi> |
| Component: | ovirt-provider-ovn | Assignee: | Marcin Mirecki <mmirecki> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Dominik Holler <dholler> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.2.0 | CC: | danken, dholler, mburman, myakove, nplanel, safchain |
| Target Milestone: | ovirt-4.3.0 | Keywords: | FutureFeature, TestOnly |
| Target Release: | --- | Flags: | mburman:
testing_plan_complete-
|
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-02-08 15:11:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | Network | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1568448, 1669567 | ||
| Bug Blocks: | 994170, 1647203 | ||
|
Description
Yaniv Lavi
2018-05-27 08:59:04 UTC
Ansible playbook that deploy analyzers and agents: http://skydive.network/documentation/deployment#ansible Here a fix that address etcd server list generation issue when using skydive_listen_ip=0.0.0.0 https://github.com/skydive-project/skydive/pull/1057 Still have the same issue:
May 29 11:57:10 network-ge-1.scl.lab.tlv.redhat.com skydive[615]: 2018-05-29T11:57:10.383+0300 ERROR analyzer/server.go:222 NewServerFromConfig network network-ge-1: Etcd server not ready: client: etcd cluster is unavailable or misconfigured;client: etcd cluster is unavailable or misconfigured; error #0: dial tcp 10.35.161.250:12379: getsockopt: connection refused
/etc/skydive/skydive.yml
etcd:
embedded: true
listen: 0.0.0.0:12379
peers:
network-ge-1: http://10.35.161.250:12380
servers:
- http://10.35.161.250:12379
netstat:
tcp 0 0 127.0.0.1:12379 0.0.0.0:* LISTEN 615/skydive
tcp 0 0 127.0.0.1:12380 0.0.0.0:* LISTEN 615/skydive
curl 10.35.161.250:12379
curl: (7) Failed connect to 10.35.161.250:12379; Connection refused
iptables is not running.
Still have the same issue:
May 29 11:57:10 network-ge-1.scl.lab.tlv.redhat.com skydive[615]: 2018-05-29T11:57:10.383+0300 ERROR analyzer/server.go:222 NewServerFromConfig network network-ge-1: Etcd server not ready: client: etcd cluster is unavailable or misconfigured;client: etcd cluster is unavailable or misconfigured; error #0: dial tcp 10.35.161.250:12379: getsockopt: connection refused
/etc/skydive/skydive.yml
etcd:
embedded: true
listen: 0.0.0.0:12379
peers:
network-ge-1: http://10.35.161.250:12380
servers:
- http://10.35.161.250:12379
netstat:
tcp 0 0 127.0.0.1:12379 0.0.0.0:* LISTEN 615/skydive
tcp 0 0 127.0.0.1:12380 0.0.0.0:* LISTEN 615/skydive
curl 10.35.161.250:12379
curl: (7) Failed connect to 10.35.161.250:12379; Connection refused
iptables is not running.
can you give the skydive version used: $ skydive version As the "listen" parameter is set to "0.0.0.0:12379" and the peers is set too, you should have in your netstat result 2 entries per IP present in you host. Is selinux enabled and blocking the port binding ? For the version I took this PR https://github.com/skydive-project/skydive/pull/1057 git fetch origin pull/1057/head:etcd_fix After disable selinux I can open the webUI. How can I make it works with selinux? For the version I took this PR https://github.com/skydive-project/skydive/pull/1057 git fetch origin pull/1057/head:etcd_fix After disable selinux I can open the webUI. How can I make it works with selinux? @Meni : could you share 1/ the skydive configuration /etc/skydive/skydive.yml 2/ grep skydive /var/log/audit/audit.log I don't known what's differ from your setup, but here my working test : 1/ I did install a centos with selinux enabled by default 2/ deploy with ansible from the PR 1057 3/ edit skydive configuration file /etc/skydive/skydive.yml o set 0.0.0.0:8082 for analyzer.listen o set 0.0.0.0:12379 for etcd.listen curl 192.168.0.7:12379 curl 192.168.0.7:8082 working find with selinux enabled (enforcing) [root@centos7-1804 centos]# netstat -tnlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.0.7:12380 0.0.0.0:* LISTEN 12357/skydive tcp 0 0 127.0.0.1:12380 0.0.0.0:* LISTEN 12357/skydive tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 505/rpcbind tcp 0 0 127.0.0.1:8081 0.0.0.0:* LISTEN 10637/skydive tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1386/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 999/master tcp 0 0 192.168.0.7:12379 0.0.0.0:* LISTEN 12357/skydive tcp 0 0 127.0.0.1:12379 0.0.0.0:* LISTEN 12357/skydive tcp6 0 0 ::1:12380 :::* LISTEN 12357/skydive tcp6 0 0 :::111 :::* LISTEN 505/rpcbind tcp6 0 0 :::8082 :::* LISTEN 12357/skydive tcp6 0 0 :::22 :::* LISTEN 1386/sshd tcp6 0 0 ::1:25 :::* LISTEN 999/master tcp6 0 0 ::1:12379 :::* LISTEN 12357/skydive [root@centos7-1804 centos]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 I don't know what changed but now it's working with selinux on, so for now, we are good. SELinux in Skydive, you call follow the PR here : https://github.com/skydive-project/skydive/pull/1068 while verifying this, please try verifying Bug 994170 - [RFE] [SkyDive] Ability to test network connectivity to logical networks on a host Final verification with public OSP14 repos is still missing. |