Description of problem: I have a setup of rhevm 3.5. added a rhel7 host. host deploy succeeded and vdsm is up selinux is set on permissive state. yet the engine can not seem to establish connection with the host despite the fact that the host is fully reachable. I will attach all the relevant logs 2014-10-13 17:37:02,000 WARN [org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable] (SSL Stomp Reactor) Retry failed: java.net.NoRouteToHostException: No route to host at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method) [rt.jar:1.7.0_65] at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:739) [rt.jar:1.7.0_65] at org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient$2.call(ReactorClient.java:111) [vdsm-jsonrpc-java-client.jar:] at org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient$2.call(ReactorClient.java:97) [vdsm-jsonrpc-java-client.jar:] at org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable.call(Retryable.java:26) [vdsm-jsonrpc-java-client.jar:] at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_65] at org.ovirt.vdsm.jsonrpc.client.utils.ReactorScheduler.performPendingOperations(ReactorScheduler.java:28) [vdsm-jsonrpc-java-client.jar:] at org.ovirt.vdsm.jsonrpc.client.reactors.Reactor.run(Reactor.java:58) [vdsm-jsonrpc-java-client.jar:]
fails automation on el7 - adding to beta blocker.
We don't do routing. We just use the IP. If there is no route to host it's not because of anything related to jsonrpc.
Saggi is right that it is not related to jsonrpc. Together with Ohad we investigated the issue and after capturing the traffic we can see that the host response to any network frame sent to vdsm port is ICMP type 3 code 10 which is according to the iptables rule: REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited My assumption is that we do not configure iptables properly during host deploy.
We have confirmation that host deploy did not configure iptables because it was told not to do it.