oVirt - NFS - weird problem...
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: oVirt - NFS - weird problem...
You can always live migrate the VMs to another host.If this is not possible, then post the firewall rules and we can try to review them.
Re: oVirt - NFS - weird problem...
I know its not professional, but I have just only one host server... And this one more home server)hunter86_bg wrote:You can always live migrate the VMs to another host.If this is not possible, then post the firewall rules and we can try to review them.
All my rules:
Code: Select all
[root@vm ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere multiport dports nfs
ACCEPT udp -- anywhere anywhere multiport dports nfs
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:54321
ACCEPT tcp -- anywhere anywhere tcp dpt:54322
ACCEPT tcp -- anywhere anywhere tcp dpt:sunrpc
ACCEPT udp -- anywhere anywhere udp dpt:sunrpc
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:snmp
ACCEPT tcp -- anywhere anywhere tcp dpt:websm
ACCEPT tcp -- anywhere anywhere tcp dpt:16514
ACCEPT tcp -- anywhere anywhere multiport dports rockwell-csp2
ACCEPT tcp -- anywhere anywhere multiport dports rfb:6923
ACCEPT tcp -- anywhere anywhere multiport dports 49152:49216
ACCEPT udp -- anywhere anywhere udp dpt:6081
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere PHYSDEV match ! --physdev-is-bridged reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:6081
[root@vm ~]#
In a world without walls, who need windows? )
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: oVirt - NFS - weird problem...
I've used ovirt on a single node ,but it's not so flexible. Now , my setup is on 4 KVM virtual machines (with nested Virtualization) for testing purposes,only.
As you are using iptables , you need to define static ports on the NFS server and then to allow these same ports. Check the following guides and verify you haven't missed any step.Check all manually defined ports in /etc/sysconfig/nfs and then compare them in the iptables.
RHEL6 guide which is more consistent and will give a general view.
RHEL7 guide.
With firewalld, all this is much easier - just run this :
As you are using iptables , you need to define static ports on the NFS server and then to allow these same ports. Check the following guides and verify you haven't missed any step.Check all manually defined ports in /etc/sysconfig/nfs and then compare them in the iptables.
RHEL6 guide which is more consistent and will give a general view.
RHEL7 guide.
With firewalld, all this is much easier - just run this :
Code: Select all
firewall-cmd --permanent --add-service={nfs,mountd,rpc-bind} && firewall-cmd --reload