Fuel for OpenStack

Monitor firewall rules on collector to avoid lab data

Bug #1472976 reported by Alexander Charykov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Invalid
Medium
Alexander Charykov
Fuel for OpenStack 8.0

Bug Description

Add monitoring of firewall rules that denies access from lab networks.

Alexander Charykov (acharykov)
Changed in fuel:
assignee: nobody → Alexander Charykov (acharykov)
Alexander Charykov (acharykov)
Changed in fuel:
status: Confirmed → Fix Released
status: Fix Released → Confirmed
Revision history for this message
Bogdan Dobrelya (bogdando) wrote :

Please elaborate why this bug has a high priority. What is deploy and ops and UX impact?

Revision history for this message
Alexander Charykov (acharykov) wrote :

Moving to 8.0 we don't have time to fix it now.

Changed in fuel:
milestone: 7.0 → 8.0
importance: High → Medium
Dmitry Pyzhov (dpyzhov)
tags: added: area-devops
Revision history for this message
Igor Shishkin (teran) wrote :

Frankly speaking I'm not sure "monitoring" is a proper solution here since firewall is a part of node configuration.
So it's state should be verified before being applied since failures here could cause huge security problems(globally speaking about firewall).

Revision history for this message
Alexander Charykov (acharykov) wrote :

This check belongs to accident run of iptables -F command. If it is done stats from ci would corrupt stats data.

Revision history for this message
Igor Shishkin (teran) wrote :

So we probably must not do anything manually and do not test in production.
This will cover the case and makes us not needed to cover firewall with useless items.

Igor Shishkin (teran)
Changed in fuel:
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.