Problem with deployment in a physical machine / connection timeout

Andre

@george1421 Yes I did my ping from FOS Engine
For the command showmount, it says that “command not found”

george1421

@Andre OK from FOS do this

mkdir /mnt
mount -t nfs <fog_server_ip>:/images/dev /mnt
ls -la /mnt

The idea is to connect from the FOS back to the fog server using nfs.

Andre

@george1421 I tried what you told me to do. But when I do the command for mounting, I have the same error “Connection Timeout” .

Andre

@george1421 But I don’t understand why in virtual it works and in physical it doesn’t work. I can deploy or capture virtual machines without problem, and physical machines I can’t.

Tom Elliott

This sounds an aweful lot like the nic of the fogserver is setup in Nat mode vs. bridged mode. I say this because of the “it works in virtual systems, but not on physical machines.”

Andre

@Tom-Elliott My Fogserver is setup in bridged mode

Andre

Nobody has a solution for my problem ?

george1421

@Andre There has to be something we are not seeing here.

Lets just recap where we are here.

1. You have a new fog server that is running FOG 1.3.5 that is a physical server (not really relevant that its physical)
2. Your fog server’s IP address is 192.168.230.10
3. Your target computer IS talking to the FOG server because it can check in, plus FOS does load and is running.
4. NFS is sharing the proper directories.
5. NFS is timing out in that it can’t connect.

Possible issues.

1. The firewall is running on the FOG server blocking nfs mounting.
2. selinux is not set to permissive on the FOG server.
3. There is some kind of screening router between the target computer and FOG server
4. Not all of the nfs services are running on the FOG server
5. Since there is a second fog server in the environment maybe it is playing a part in the target computer’s booting process that is unknown to us.

Since the target computer can’t seem to mount the nfs share on the physical fog server and you have a second virtual fog server, I would try to mount the nfs shares on the phy fog server from the vm fog server to confirm that nfs is working on the phy fog server.

from the vm fog server

mount -t nfs 192.168.230.10:/images /mnt
ls -la /mnt
umount /mnt

The above command should mount the images share on the phy fog server, list the contents of the directory and then unmount the images directory. When you run this command I would expect to see something like this:

drwxrwxrwx  5 fog  root 4096 Apr  4 06:37 .
drwxr-xr-x 25 root root 4096 Apr 15 21:35 ..
drwxrwxrwx  3 fog  root 4096 Apr  4 06:37 dev
-rwxrwxrwx  1 fog  root    0 Sep 24  2016 .mntcheck
drwxrwxrwx  2 fog  root 4096 Sep 24  2016 postdownloadscripts

Not directly related to your issue, i would update your FOG server to the latest RC build of 1.4.0 to test to see if 1.3.5 is the issue. Only do this on your phy fog server.
https://wiki.fogproject.org/wiki/index.php/Upgrade_to_trunk

Andre

@george1421 I just have one server FOG and it is virtual. I don’t have a Physical server FOG.

Andre

@george1421 I tried to mount what do you said, in a Virtual machine, on which I have already capture his image. But when I execute the command “mount -t nfs 192.168.230.10:/images /mnt”, in FOS engine. It say “connection refused”.

Andre

@george1421 I tried with these commands in FOS Engine, with my virtual machine :
mkdir /images
mkdir /images/dev
mount -o nolock,proto=tcp,rsize=32768,intr,noatime 192.168.230.10:/images /images
mount -o nolock,proto=tcp,rsize=32768,intr,noatime 192.168.230.10:/images/dev/ /images/dev

And it works, I can mount

Andre

@george1421 And when I tried to do the same thing in my physical machine, it doesn’t work

george1421

@Andre This is not logical.

back on the fog server can you execute this command:

cat /etc/exports

You should get something that looks like this

/images *(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
/images/dev *(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)

The key to look for is the space, star ( * ) right after the share name. This restricts nfs access to specific hosts. The start means everyone.

Andre

@georgI have the same lines as you

george1421

@Andre Well then…

On the fog server can you run this command

rpcinfo -p
You will get an output like this

   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    2   tcp   2049
    100227    3   tcp   2049
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    2   udp   2049
    100227    3   udp   2049
    100021    1   udp  44805  nlockmgr
    100021    3   udp  44805  nlockmgr
    100021    4   udp  44805  nlockmgr
    100021    1   tcp  39255  nlockmgr
    100021    3   tcp  39255  nlockmgr
    100021    4   tcp  39255  nlockmgr
    100005    1   udp  37435  mountd
    100005    1   tcp  45499  mountd
    100005    2   udp  40066  mountd
    100005    2   tcp  33852  mountd
    100005    3   udp  59675  mountd
    100005    3   tcp  33362  mountd

The keys are to ensure that you have at least one portmapper and nfs and nfslockmgr entry.

And then please run this command
sudo ipables -L
The output should look like this:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination     

The last check is to ensure selinux has been set to permissive. The key is current mode == permissive.
sestatus
output:

SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 21
Policy from config file:        targeted

Andre

@george1421 Ok, for the first command I have this :

For the second command (sudo ipables -L), it says command not found

And for the third command (sestatus). I have to install “policycoreutils” and I have do this. And the result of the command “sestatus” :

Tom Elliott

@Andre This still sounds, very much, like a “NAT” vs. “Bridged” network problem.

I say this BECAUSE the connection is allowed from virtual space, but not a real machine.

Particularly your FOG Server is IP Address 192.168.230.10.

What’s the IP address your physical machines are pickin gup.

Andre

@Tom-Elliott The IP address of my physical machine is 192.168.230.23. I can ping my server FOG and my server FOG can ping my physical machine.

Tom Elliott

@Andre From the Physical machine can you please run:

passwd

Set a simple password
Hit me in chat
I want to remote in and help if at all possible via AnyDesk.

Andre

@Tom-Elliott where I run this command ?
And my network is a local network. I don’t have access to internet.