Fuel for OpenStack

  1. Bug #1496399
  2. Comment #8

Comment 8 for bug 1496399

Revision history for this message
Sergey Kulanov (skulanov) wrote :

Running puppet manifest flushes firewall table rules for docker:

For now we have a single rule:
https://github.com/fuel-infra/puppet-manifests/blob/master/modules/fuel_project/manifests/jenkins/slave.pp#L835-L843

which is wrong.

At least the rules should be like here:
https://github.com/hesco/hesco-weave/blob/master/manifests/firewall/docker.pp
https://github.com/hesco/hesco-weave/blob/master/manifests/firewall/dnat_published_port.pp

As a simple fix just restart docker after running manifests

As a long live solution update firewall rules, but IMO better to restart docker from manifests after running firewall rules