Hi guys

So I'm busy studying for my RHCSA (with the EX300 right after), and have come across an issue with kickstarter files in KVM that I was hoping someone could help out with.

Basically my VM host has 2 virtual interfaces, default (192.168.122.0/24) and outsider (192.168.100.0/24) (as per the study guide environment).

If I use virt-install to create a new vm, using a local ftp store on the vm host, and a ks.cfg file pointing to installation files on the same ftp, it works fine, on the default virtual interface.
But, if I alter the ks.cfg file to point to the ftp store on the outsider interface, with all other static network parameters setting up the interface on 192.168.100.x, it doesn't work. It connects to the FTP (which in this case would be 192.168.100.1 on virbr1), but it can't copy anything and fails. Am I missing something?

It's not a train smash since I can always change it after the VM is installed, but I think in a real world situation this isn't ideal. It also adds extra time to the installation that I think can be avoided.
My guess is that there's a virt-install flag I'm missing but I can't seem to find it.

Any help is appreciated.

How do you know it can't copy anything? Is it an instant failure or a slow timeout? Are there any useful errors you can pass on from the debugging output on the other terminals during install?

Initially it sounds as if there's an iptables issue, so presumably not kickstart related. once you have the system built, does replicating the exact same FTP data flow work?

As FTP is a bit of a weird protocol, I'd usually suggest installing over HTTP instead, as the connectivity is just a simple port 80 rather than having issues with FTP protocol inspection etc.

Hi Chris

The VM installation pops up in a separate KVM window and runs through all the steps until just a little after Network Manager. It sets up eth0, then complains about not being able to copy install.img and offers a prompt to check the ftp connection. I've attempted with an http source from the VM host and the same problem occurs.

As for a possible iptables issues, I've flushed rules and it still does the same thing. In any case it seems like something that should work, since I installed and setup the default virbr0 interface (via the GUI virt-manager), the same way. It's only if I setup the outsider virbr1 interface, and attempt a kickstarter install on it.

If I install the system by conventional means, the ftp link works only after changing the virtual bridge via virt-manager for that specific VM, hence my suspicion that it's just a missing flag for virt-install. Perhaps it tries to use the default virbr0 bridge unless specified otherwise?

edit: Oh and I'm not too sure where I would check relevant logs? Nothing comes up on the console when it hits the error.

edit2: Ok I may have found the answer, will test it later today and confirm. Found a sample virt-install that had the -w network=<name> flag enabled, so I suspect that may be what I'm looking for.
Was under the man page all along, --network=NETWORK.

Thanks anyway

you certainly shouldn't be flushing the rules here. As KVM/libvirt hooks onto a LOT of generic stuff on the system, the networking needs to be bridged correctly and configured in iptables to let traffic flow properly. As you're going to the outside interface of the box, you'll need to open iptables up to permit that traffic. What's the objective here? To make it as generic as you can? Personally I would suggest adjusting the interface setup so your VM's are on the same "outside" subnet, so all machines appear on the same flat network as anythign else physical. I don't know if virtmanager or the likes will simplify doing this though, as on the older releases I've used, I think you only get natted or local only network, not fully bridged.

If you've not seen the other screens, hit Ctrl+F3, F4 etc, and you'll see debug output there in the VM to check.

I think you're already aware, but this is certainly well above RHCSA level.

Yeah come to think of it I recall the bridging did get fubar'd after flushing the rules, which I promptly restored. It was basically just a quick test to check, but not something I'll habitually do .

The objective was just to get another VM up and running for testing purposes I suppose. Having the "outsider" network running is likely for later RHCE objectives, but the M. Jang guide I'm using asks for you to set it up early on to get up to scratch with automated VM installations using kickstarter. It was just this minor issue I ran into that seems to have a pretty straightforward solution (which I'll test properly later today).

My knowledge of iptables is quite noobish so I doubt they'd complicate matters so early on . Still getting to the more complicated stuff

Thanks for the help!

Dear SurrealTiggi,

Have you checked the SELinux settings for the directory (and files) that contain the copied installation files? See the instructions in Exercise 1-2 (and Lab 2) for more detail. I've found that to be the most common cause of the problem that you've described (unable to copy install.img).

Hi Mike.

Wow didn't expect the author himself to reply. Great book btw , it's been really helpful thus far.
Regarding the SELinux context, yes I have passed chcon -R to the installation directory. As mentioned, if I browse to the directory from any other outside machine it works without issues.
To clarify, I attempted the installation again yesterday and it really was just that --network=outsider flag that needed to be passed to virt-install.
Doing that it went through without a hitch

Dear SurrealTiggi,

I'm glad that you've figured things out. It's similar to what was discussed in this thread here http://www.linuxquestions.org/questi...577/page2.html .

While I'm not always available, do let me know if you have additional questions.

1 members found this post helpful.