NBD setup - No such item
-
@Tristis-Oris does the XO have access to the NBD enabled network ?
-
@florent I don't get that moment.
Both interfaces at same vlan. But on host it a dedicated link, on VM it's virtual link at trunk port.Now i switch XO VM network to host NBD link - this tasks not dissapeared.
Test backup done as usual one, with a bit less speed than before: 60MiB vs 80-90.also probably found a visual bug. After XO update
preferNbd = trueatconfig.tomlremoved, but at already configured backup job this settings still availabe.
-
@florent i removed all frozen tasks, again enabled nbd, etc. But anyway can't make it work.
Sure i read all guides at blog, all steps looks correct. Any hints? -
@Tristis-Oris That is strange
We are finalizing the release today, I will take a deep look tomorrow if it's ok for you -
@florent sure, no rush here.
-
I tryed multiple time to have te "reconfigure ip of .." task, but didn't succeed.
What I did :
- on the pool > network : activated NBD connection
- on the delta backup job : enable NBD
I didn't have to change anything else
-
@florent i don't get
reconfigure ipsecond time, but backups still without nbd. -
@Tristis-Oris ok
What are the network accessible by the XO VM ? does it contains the NBD enabled network ? -
@florent as i say, XO only one interface it's same host interface where NBD is enabled.
-
@Tristis-Oris And you don't have message like
can't connect to nbd serverin the system log / Xo-server output ? -
@florent never seen such errors. At which step it should happens?
-
@Tristis-Oris when launching a backup, between the snapshot and the beginning of the the transfer. It should try to connect to the host(s) NBD server
-
@florent also , is there a firewall/network filtering between XO and the host ? the conneciton to the NBD server go through the port 10809
-
@florent is NBD server running at dom0?
for clear test: disabled nbd, removed all XO logs. Enabled NBD on host, changed XO interface to this one, run backup task with NBD > no one error at logs.
-
@Tristis-Oris yes the NBD server run in the dom0, one per host
-
@florent hm. Telnet to 10809 is refused even from dom0, to both backup interface and management.
We have no any additional firewalls at network. Host's iptable looks fine.What a name of service, to check if it running?
-
also add
filter = 'xo:backups:DeltaBackupWriter'to config.toml. Anyway no one error during backup. -
@Tristis-Oris I think it is built in in the xapi .
ss -tulpnon my host :
there is a xapi-nbd service
-
@florent looks fine.
also i add extra iptables rules, nothing changed.
iptables -A INPUT -p tcp --dport 10809 -m comment --comment "NBD" -j ACCEPT iptables -A OUTPUT -p tcp --dport 10809 -m comment --comment "NBD" -j ACCEPT -
@Tristis-Oris my iptable are
-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N RH-Firewall-1-INPUT -N xapi_nbd_input_chain -N xapi_nbd_output_chain -A INPUT -p tcp -m tcp --dport 10809 -j xapi_nbd_input_chain -A INPUT -p gre -j ACCEPT -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A OUTPUT -p tcp -m tcp --sport 10809 -j xapi_nbd_output_chain -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -i xenapi -p udp -m udp --dport 67 -j ACCEPT -A RH-Firewall-1-INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m conntrack --ctstate NEW -m udp --dport 694 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 21064 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m multiport --dports 5404,5405 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited -A xapi_nbd_input_chain -i xenbr0 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT -A xapi_nbd_input_chain -j REJECT --reject-with icmp-port-unreachable -A xapi_nbd_output_chain -o xenbr0 -j RETURN -A xapi_nbd_output_chain -j REJECT --reject-with icmp-port-unreachablethere is already a line for nbd
