After getting access to bug reporter environment, I've got the problem. In I39df6c22ea78ae5628f964634a3251216c888507 we introduced rule for iptables which looks like
--src-type LOCAL means that all addresses which looks like local for node (based on routing table) will have an access and all other will not. In case of bug reporter "local" mean small /27 subnet but for my environment it was big /24 subnet and I have IP addresses for master node and host machine both from this subnet, so this rule didn't work for me, but worked for bug reporter.
Solution is simple - we need allow access for 8443 (https) port like we do this for 8000 (http) one.
After getting access to bug reporter environment, I've got the problem. In I39df6c22ea78ae 5628f964634a325 1216c888507 we introduced rule for iptables which looks like
+ firewall { '044 fuelweb_local':
+ chain => $chain,
+ port => $fuelweb_port,
+ proto => 'tcp',
+ src_type => 'LOCAL',
+ action => 'accept',
+ }
+
+ firewall { '045 fuelweb_block_ext':
+ chain => $chain,
+ port => $fuelweb_port,
+ proto => 'tcp',
+ action => 'reject',
+ }
+
--src-type LOCAL means that all addresses which looks like local for node (based on routing table) will have an access and all other will not. In case of bug reporter "local" mean small /27 subnet but for my environment it was big /24 subnet and I have IP addresses for master node and host machine both from this subnet, so this rule didn't work for me, but worked for bug reporter.
Solution is simple - we need allow access for 8443 (https) port like we do this for 8000 (http) one.