openstack controller fencing does not work
Issue
-
We imported our controllers on Red Hat enterprise virtualization platform from KVM. Following that, we made a stack update by updating the fencing.
-
The following fencing devices are configured:
[root@tst-osctrl01 ~]# pcs stonith show --full
Resource: stonith-fence_rhevm-566f70400060 (class=stonith type=fence_rhevm)
Attributes: ipaddr=rhev-manager.locadomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl02 port=tst-osctrl02 ssl=1 ssl_insecure=1
Operations: monitor interval=60s (stonith-fence_rhevm-566f70400060-monitor-interval-60s)
Resource: stonith-fence_rhevm-566f70400072 (class=stonith type=fence_rhevm)
Attributes: ipaddr=rhev-manager.localdomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl03 port=tst-osctrl03 ssl=1 ssl_insecure=1
Operations: monitor interval=60s (stonith-fence_rhevm-566f70400072-monitor-interval-60s)
Resource: stonith-fence_rhevm-566f7040004e (class=stonith type=fence_rhevm)
Attributes: ipaddr=rhev-manager.localdomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl01 port=tst-osctrl01 ssl=1 ssl_insecure=1
Operations: monitor interval=60s (stonith-fence_rhevm-566f7040004e-monitor-interval-60s)
Target: tst-osctrl01
Level 1 - stonith-fence_rhevm-566f7040004e
Target: tst-osctrl02
Level 1 - stonith-fence_rhevm-566f70400060
Target: tst-osctrl03
Level 1 - stonith-fence_rhevm-566f70400072
- But when I test the fecing that the node does not restart. Werun this command on another openstack controller:
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT && iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT && iptables -A INPUT -p tcp -m s
tate --state NEW -m tcp --dport 5016 -j ACCEPT && iptables -A INPUT -p udp -m state --state NEW -m udp --dport 5016 -j ACCEPT && iptables -A INPUT ! -i lo -j REJECT --reject-with icmp-host-prohibit
ed && iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT && iptables -A OUTPUT -p tcp --sport 5016 -j ACCEPT && iptables -A OUTPUT -p udp --sport 5016 -j ACCEPT && iptables -A OUTPUT ! -o lo -j REJECT
--reject-with icmp-host-prohibited
- Fencing failed with the following error messages:
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng: info: call_remote_stonith: Requesting that 'tst-osctrl01' perform op 'tst-osctrl02 reboot' with 'stonith-fence_rhevm-566
f70400060' for crmd.7444 (144s)
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng: notice: operation_finished: fence_rhevm_reboot_1:696002:stderr [ 2020-12-14 10:38:11,766 ERROR: Failed: Unable to obtain
correct plug status or plug is not available ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng: notice: operation_finished: fence_rhevm_reboot_1:696002:stderr [ ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng: notice: operation_finished: fence_rhevm_reboot_1:696002:stderr [ ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng: warning: log_action: fence_rhevm[696002] stderr: [ 2020-12-14 10:38:11,766 ERROR: Failed: Unable to obtain correct plug st
atus or plug is not available ]
Environment
- Red Hat OpenStack Platform 13.0 (RHOSP)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.