Description of problem: - Create a virtual machine in ovirt-node with spice protocol - Try to open the virtual-machine display via Admin Portal. Version-Release number of selected component (if applicable): - rhev-hypervisor7-7.0-20141006.0 Actual results: Cannot open Expected results: Should display to users the virtual machine. Additional info: Firewalld issue.
Alon, isn't host-deploy or vdsm taking care to open the ports, or is it left to Node to open the relevant ports?
(In reply to Fabian Deutsch from comment #1) > Alon, isn't host-deploy or vdsm taking care to open the ports, or is it left > to Node to open the relevant ports? yes, host-deploy sets /etc/sysconfig/iptables and persist it, if user did not uncheck the "configure firewall". firewalld is not used in hypervisor for now.
(In reply to Alon Bar-Lev from comment #2) > (In reply to Fabian Deutsch from comment #1) > > Alon, isn't host-deploy or vdsm taking care to open the ports, or is it left > > to Node to open the relevant ports? > > yes, host-deploy sets /etc/sysconfig/iptables and persist it, if user did > not uncheck the "configure firewall". > > firewalld is not used in hypervisor for now. But - is host-edploy or vdsm now also resüponsible to open the ports on Node - or do you expect Node to do this?
(In reply to Fabian Deutsch from comment #3) > (In reply to Alon Bar-Lev from comment #2) > > (In reply to Fabian Deutsch from comment #1) > > > Alon, isn't host-deploy or vdsm taking care to open the ports, or is it left > > > to Node to open the relevant ports? > > > > yes, host-deploy sets /etc/sysconfig/iptables and persist it, if user did > > not uncheck the "configure firewall". > > > > firewalld is not used in hypervisor for now. > > But - is host-edploy or vdsm now also resüponsible to open the ports on Node > - or do you expect Node to do this? as I wrote, host-deploy is overriding iptables and starts iptables on machine. please confirm iptables contains invalid content post deploy and/or iptables is down and/or firewalld is up.
please update bug subject to root cause.
bug 1128033 is verified, we can reproduce this bug now, and qa_ack+
Test version: rhev-hypervisor7-7.0-20150119.0.1.iso ovirt-node-3.2.1-5.el7.noarch Red Hat Enterprise Virtualization Manager Version: 3.5.0-0.30.el6ev Test steps: 1. Create a virtual machine in rhevh with spice protocol 2. Try to open the virtual-machine display via Admin Portal. Test result: display to users the virtual machine console success so this bug has been fixed, changed the status into "VERIFIED".
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2015-0160.html