Description of problem: -> $ hosted-engine --deploy ... INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce firewalld status] [ ERROR ] fatal: [localhost]: FAILED! => {"msg": "The conditional check 'firewalld_s.status.SubState != 'running' or firewalld_s.status.LoadState == 'masked'' failed. The error was: error while evaluating conditional (firewalld_s.status.SubState != 'running' or firewalld_s.status.LoadState == 'masked'): 'dict object' has no attribute 'SubState'\n\nThe error appears to be in '/usr/share/ansible/collections/ansible_collections/ovirt/ovirt/roles/hosted_engine_setup/tasks/pre_checks/validate_firewalld.yml': line 8, column 5, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n register: firewalld_s\n - name: Enforce firewalld status\n ^ here\n"} [ ERROR ] Failed to execute stage 'Closing up': Failed executing ansible-playbook [ INFO ] Stage: Clean up ... Version-Release number of selected component (if applicable): Centos Stream ovirt-hosted-engine-setup-2.5.0-0.0.master.20201216174101.git2a94b06.el8.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Can you please attach full log and journal?
The documentation text flag should only be set after 'doc text' field is provided. Please provide the documentation text and set the flag to '?' again.
Not sure if it is me being asked for 'info' and if yes so then - more specific instructions please. I believe this must be easily reproducible - just get CentosStream up to date in terms of updates and: -> $ dnf install https://resources.ovirt.org/pub/yum-repo/ovirt-release-master.rpm -y -> $ hosted-engine --deploy For me it reproduces right on in a kvm, thus easy to anyone to reproduce.
Please share the Ansible version and hosted-engine log files located in /var/log/ovirt-hosted-engine-setup/
Created attachment 1754347 [details] logs /var/log/ovirt-hosted-engine-setup/
ansible-2.9.17-1.el8.noarch
QE cannot reproduce this issue, but QE detected another issue. Test Version ovirt-hosted-engine-setup-2.5.0-0.0.master.20201216174101.git2a94b06.el8.noarch ansible-2.9.17-1.el8.noarch Test Steps: 1. Install RHEL 8 server host 2. Enable ovirt repos 3. Install ovirt-engine-appliance 4. hosted engine -deploy Test Result: There is no error at "Enforce firewalld status" task. [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Check firewalld status] [ INFO ] ok: [localhost] [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce firewalld status] [ INFO ] skipping: [localhost] [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv4] [ INFO ] changed: [localhost] [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv6] [ INFO ] changed: [localhost] [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Set he_gateway] But there is an error at "Enforce FIPS mode" task. [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce FIPS mode] [ ERROR ] fatal: [localhost -> rhevh-hostedengine-vm-05.lab.eng.pek2.redhat.com]: FAILED! => {"changed": false, "msg": "FIPS mode is not enabled as required"} [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Sync on engine machine]
Created attachment 1754582 [details] Fail at enfore FIPS mode
(In reply to Wei Wang from comment #7) > QE cannot reproduce this issue, but QE detected another issue. > > Test Version > ovirt-hosted-engine-setup-2.5.0-0.0.master.20201216174101.git2a94b06.el8. > noarch > ansible-2.9.17-1.el8.noarch > > Test Steps: > 1. Install RHEL 8 server host > 2. Enable ovirt repos > 3. Install ovirt-engine-appliance > 4. hosted engine -deploy > > Test Result: > There is no error at "Enforce firewalld status" task. > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Check firewalld status] > [ INFO ] ok: [localhost] > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce firewalld status] > [ INFO ] skipping: [localhost] > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv4] > [ INFO ] changed: [localhost] > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv6] > [ INFO ] changed: [localhost] > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Set he_gateway] > > But there is an error at "Enforce FIPS mode" task. > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce FIPS mode] > [ ERROR ] fatal: [localhost -> > rhevh-hostedengine-vm-05.lab.eng.pek2.redhat.com]: FAILED! => {"changed": > false, "msg": "FIPS mode is not enabled as required"} > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Sync on engine machine] Can you please open a new bug?
This bug has been reported against Centos Stream not RHEL8. Also, may I share a friendly advice - when you talk to each other, then address people by their names rather then "you". You might know whom "you" are talking to, but that does not go for the rest of the people who get all bugzilla messages.
(In reply to Asaf Rachmani from comment #9) > (In reply to Wei Wang from comment #7) > > QE cannot reproduce this issue, but QE detected another issue. > > > > Test Version > > ovirt-hosted-engine-setup-2.5.0-0.0.master.20201216174101.git2a94b06.el8. > > noarch > > ansible-2.9.17-1.el8.noarch > > > > Test Steps: > > 1. Install RHEL 8 server host > > 2. Enable ovirt repos > > 3. Install ovirt-engine-appliance > > 4. hosted engine -deploy > > > > Test Result: > > There is no error at "Enforce firewalld status" task. > > > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Check firewalld status] > > [ INFO ] ok: [localhost] > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce firewalld status] > > [ INFO ] skipping: [localhost] > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv4] > > [ INFO ] changed: [localhost] > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Get default gateway IPv6] > > [ INFO ] changed: [localhost] > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Set he_gateway] > > > > But there is an error at "Enforce FIPS mode" task. > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Enforce FIPS mode] > > [ ERROR ] fatal: [localhost -> > > rhevh-hostedengine-vm-05.lab.eng.pek2.redhat.com]: FAILED! => {"changed": > > false, "msg": "FIPS mode is not enabled as required"} > > [ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Sync on engine machine] > > Can you please open a new bug? Yes, trace this issue with https://bugzilla.redhat.com/show_bug.cgi?id=1924590
I can see systemd have "SubState" and "LoadState" on CentOS Stream: # systemctl show -p SubState --value firewalld running # systemctl show -p LoadState --value firewalld loaded But looks like Ansible doesn't fetch them. Versions: # rpm -qa | egrep 'systemd|ansible' ansible-2.9.17-1.el8.noarch systemd-udev-239-43.el8.x86_64 systemd-container-239-43.el8.x86_64 systemd-pam-239-43.el8.x86_64 systemd-239-43.el8.x86_64 rpm-plugin-systemd-inhibit-4.14.3-4.el8.x86_64 systemd-libs-239-43.el8.x86_64 python3-systemd-234-8.el8.x86_64
Ansible systemd module uses "systemctl show" command. oVirt Node 4.4.5 based on centos8: # systemctl show firewalld | grep Load LoadState=loaded CentOS Stream 8: # systemctl show firewalld | grep Load Failed to parse bus message: Invalid argument Based on this output the issue is in systemd: https://bugzilla.redhat.com/show_bug.cgi?id=1901449 lejeczek, can you please upgrade systemd package and try again?
Moving this to QA. CentOS Stream and RHEL 8.4 beta should have both the systemd package including the fix.
Test with RHEL-8.4.0-20210309.1-x86_64-dvd1.iso, there are below problem: [root@hp-dl388g9-05 ~]# yum install -y ovirt-hosted-engine-setup Updating Subscription Management repositories. Red Hat Enterprise Linux 8 for x86_64 - BaseOS Beta (RPMs) 571 kB/s | 2.7 MB 00:04 Last metadata expiration check: 0:00:01 ago on Fri 09 Apr 2021 02:09:54 PM CST. Error: Problem: cannot install the best candidate for the job - nothing provides python3 needed by ovirt-hosted-engine-setup-2.4.9-1.el8.noarch - nothing provides genisoimage needed by ovirt-hosted-engine-setup-2.4.9-1.el8.noarch - nothing provides python3-netaddr needed by ovirt-hosted-engine-setup-2.4.9-1.el8.noarch - nothing provides virt-install needed by ovirt-hosted-engine-setup-2.4.9-1.el8.noarch (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) Test steps: 1. Install RHEL 8 server host 2. Enable ovirt repos # yum install -y https://resources.ovirt.org/pub/yum-repo/ovirt-release44-pre.rp 3. Install ovirt-engine-appliance # yum install -y ovirt-engine-appliance 4. yum install -y ovirt-hosted-engine-setup 5. hosted engine -deploy
According to comment 15, move it to "ASSIGNED"
(In reply to Wei Wang from comment #15) > Test with RHEL-8.4.0-20210309.1-x86_64-dvd1.iso, there are below problem: > [root@hp-dl388g9-05 ~]# yum install -y ovirt-hosted-engine-setup > Updating Subscription Management repositories. > Red Hat Enterprise Linux 8 for x86_64 - BaseOS Beta (RPMs) > 571 kB/s | 2.7 MB 00:04 > Last metadata expiration check: 0:00:01 ago on Fri 09 Apr 2021 02:09:54 PM > CST. > Error: > Problem: cannot install the best candidate for the job > - nothing provides python3 needed by > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > - nothing provides genisoimage needed by > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > - nothing provides python3-netaddr needed by > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > - nothing provides virt-install needed by > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to > use not only best candidate packages) > > Test steps: > 1. Install RHEL 8 server host > 2. Enable ovirt repos > # yum install -y > https://resources.ovirt.org/pub/yum-repo/ovirt-release44-pre.rp > 3. Install ovirt-engine-appliance > # yum install -y ovirt-engine-appliance > 4. yum install -y ovirt-hosted-engine-setup > 5. hosted engine -deploy Hi Wei, The issue is not related to this bug. Please open a new bug and mark it as depends on this bug. Thanks
(In reply to Asaf Rachmani from comment #17) > (In reply to Wei Wang from comment #15) > > Test with RHEL-8.4.0-20210309.1-x86_64-dvd1.iso, there are below problem: > > [root@hp-dl388g9-05 ~]# yum install -y ovirt-hosted-engine-setup > > Updating Subscription Management repositories. > > Red Hat Enterprise Linux 8 for x86_64 - BaseOS Beta (RPMs) > > 571 kB/s | 2.7 MB 00:04 > > Last metadata expiration check: 0:00:01 ago on Fri 09 Apr 2021 02:09:54 PM > > CST. > > Error: > > Problem: cannot install the best candidate for the job > > - nothing provides python3 needed by > > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > > - nothing provides genisoimage needed by > > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > > - nothing provides python3-netaddr needed by > > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > > - nothing provides virt-install needed by > > ovirt-hosted-engine-setup-2.4.9-1.el8.noarch > > (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to > > use not only best candidate packages) > > > > Test steps: > > 1. Install RHEL 8 server host > > 2. Enable ovirt repos > > # yum install -y > > https://resources.ovirt.org/pub/yum-repo/ovirt-release44-pre.rp > > 3. Install ovirt-engine-appliance > > # yum install -y ovirt-engine-appliance > > 4. yum install -y ovirt-hosted-engine-setup > > 5. hosted engine -deploy > > Hi Wei, > The issue is not related to this bug. > Please open a new bug and mark it as depends on this bug. > Thanks Open a new bug https://bugzilla.redhat.com/show_bug.cgi?id=1948429 to trace it.
Test with RHEL-8.4.0-20210309.1-x86_64-dvd1.iso ovirt-engine-appliance-4.4-20210408133441.1.el8.x86_64 ovirt-hosted-engine-setup-2.4.9-1.el8.noarch HE deploys successfully. Move it to "VERIFIED"
This bugzilla is included in oVirt 4.4.6 release, published on May 4th 2021. Since the problem described in this bug report should be resolved in oVirt 4.4.6 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days