openstack controller fencing does not work

Solution In Progress - Updated -

Issue

  • We imported our controllers on Red Hat enterprise virtualization platform from KVM. Following that, we made a stack update by updating the fencing.

  • The following fencing devices are configured:

[root@tst-osctrl01 ~]# pcs stonith show --full
 Resource: stonith-fence_rhevm-566f70400060 (class=stonith type=fence_rhevm)
  Attributes: ipaddr=rhev-manager.locadomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl02 port=tst-osctrl02 ssl=1 ssl_insecure=1
  Operations: monitor interval=60s (stonith-fence_rhevm-566f70400060-monitor-interval-60s)
 Resource: stonith-fence_rhevm-566f70400072 (class=stonith type=fence_rhevm)
  Attributes: ipaddr=rhev-manager.localdomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl03 port=tst-osctrl03 ssl=1 ssl_insecure=1
  Operations: monitor interval=60s (stonith-fence_rhevm-566f70400072-monitor-interval-60s)
 Resource: stonith-fence_rhevm-566f7040004e (class=stonith type=fence_rhevm)
  Attributes: ipaddr=rhev-manager.localdomain login=admin@internal passwd=ecocenter pcmk_host_list=tst-osctrl01 port=tst-osctrl01 ssl=1 ssl_insecure=1
  Operations: monitor interval=60s (stonith-fence_rhevm-566f7040004e-monitor-interval-60s)
 Target: tst-osctrl01
   Level 1 - stonith-fence_rhevm-566f7040004e
 Target: tst-osctrl02
   Level 1 - stonith-fence_rhevm-566f70400060
 Target: tst-osctrl03
   Level 1 - stonith-fence_rhevm-566f70400072
  • But when I test the fecing that the node does not restart. Werun this command on another openstack controller:
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT && iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT && iptables -A INPUT -p tcp -m s
tate --state NEW -m tcp --dport 5016 -j ACCEPT && iptables -A INPUT -p udp -m state --state NEW -m udp --dport 5016 -j ACCEPT && iptables -A INPUT ! -i lo -j REJECT --reject-with icmp-host-prohibit
ed && iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT && iptables -A OUTPUT -p tcp --sport 5016 -j ACCEPT && iptables -A OUTPUT -p udp --sport 5016 -j ACCEPT && iptables -A OUTPUT ! -o lo -j REJECT
--reject-with icmp-host-prohibited
  • Fencing failed with the following error messages:
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng:     info: call_remote_stonith:  Requesting that 'tst-osctrl01' perform op 'tst-osctrl02 reboot' with 'stonith-fence_rhevm-566
f70400060' for crmd.7444 (144s)
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng:   notice: operation_finished:   fence_rhevm_reboot_1:696002:stderr [ 2020-12-14 10:38:11,766 ERROR: Failed: Unable to obtain
correct plug status or plug is not available ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng:   notice: operation_finished:   fence_rhevm_reboot_1:696002:stderr [  ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng:   notice: operation_finished:   fence_rhevm_reboot_1:696002:stderr [  ]
Dec 14 10:38:11 [7440] tst-osctrl01.localdomain stonith-ng:  warning: log_action:   fence_rhevm[696002] stderr: [ 2020-12-14 10:38:11,766 ERROR: Failed: Unable to obtain correct plug st
atus or plug is not available ]

Environment

  • Red Hat OpenStack Platform 13.0 (RHOSP)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In