Juniper Openstack

Openshift: kubemgr introspect #8108 not working

Series trunk
Bug #1759968

Bug #1759968 reported by Sarath on 2018-03-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Juniper Openstack	Status tracked in Trunk
	Trunk	Fix Committed	Medium	Aniket Gawade	Juniper Openstack r5.0.0

Bug Description

Version# R5.0 #43 (openshift#3.7)

Kubemgr introspect #8108 not working and needs to add iptables entry to get it working as workaround.

Chain OS_FIREWALL_ALLOW target prot opt source ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT udp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT tcp -- anywhere ACCEPT udp -- anywhere ACCEPT tcp -- anywhere [root@5a10s31 ~]# (1 references)
destination
anywhere tcp dpt:xmltec-xmlmail /* contrail-cni */
anywhere tcp dpt:8085 /* contrail-vrouter-agent-introspect */
anywhere tcp dpt:pcsync-https /* ifmap */
anywhere tcp dpt:7198 /* cassandra */
anywhere tcp dpt:7199 /* cassandra */
anywhere tcp dpt:ups-onlinet /* cassandra */
anywhere tcp dpt:afs3-fileserver /* cassandra */
anywhere tcp dpt:apani2 /* cassandra */
anywhere tcp dpt:apani1 /* cassandra */
anywhere tcp dpt:9042 /* cassandra */
anywhere tcp dpt:9041 /* cassandra */
anywhere tcp dpt:XmlIpcRegSvc /* kafka */
anywhere tcp dpt:6381 /* redis */
anywhere tcp dpt:amqp /* rabbitmq */
anywhere tcp dpts:spcsdlobby:dandv-tester /* zookeeper */
anywhere tcp dpt:cgn-stat /* zookeeper */
anywhere tcp dpt:eforward /* zookeeper */
anywhere tcp dpt:tproxy /* contrail-analytics-api */
anywhere tcp dpt:d-s-n /* contrail-analytics-collector */
anywhere tcp dpt:8092 /* contrail-control-introspect-dns */
anywhere tcp dpt:us-srv /* contrail-control-introspect */
anywhere tcp dpt:8093 /* contrail-control-dns-xmpp */
anywhere tcp dpt:xmpp-server /* contrail-control-xmpp */
anywhere tcp dpt:webcache /* contrail-web-ui-debug */
anywhere tcp dpt:8143 /* contrail-web-ui */
anywhere tcp dpt:8084 /* contrail-config-api-introspect */
anywhere tcp dpt:jetdirect /* contrail-config-api-backend */
anywhere tcp dpt:us-cli /* contrail-config-api */
anywhere tcp dpt:pcsync-https /* ifmap */
anywhere tcp dpt:7198 /* cassandra */
anywhere tcp dpt:7199 /* cassandra */
anywhere tcp dpt:ups-onlinet /* cassandra */
anywhere tcp dpt:afs3-fileserver /* cassandra */
anywhere tcp dpt:apani2 /* cassandra */
anywhere tcp dpt:apani1 /* cassandra */
anywhere tcp dpt:9042 /* cassandra */
anywhere tcp dpt:9041 /* cassandra */
anywhere tcp dpt:XmlIpcRegSvc /* kafka */
anywhere tcp dpt:6381 /* redis */
anywhere tcp dpt:amqp /* rabbitmq */
anywhere tcp dpts:spcsdlobby:dandv-tester /* zookeeper */
anywhere tcp dpt:cgn-stat /* zookeeper */
anywhere tcp dpt:eforward /* zookeeper */
anywhere tcp dpt:tproxy /* contrail-analytics-api */
anywhere tcp dpt:d-s-n /* contrail-analytics-collector */
anywhere tcp dpt:8092 /* contrail-control-introspect-dns */
anywhere tcp dpt:us-srv /* contrail-control-introspect */
anywhere tcp dpt:8093 /* contrail-control-dns-xmpp */
anywhere tcp dpt:xmpp-server /* contrail-control-xmpp */
anywhere tcp dpt:webcache /* contrail-web-ui-debug */
anywhere tcp dpt:8143 /* contrail-web-ui */
anywhere tcp dpt:8084 /* contrail-config-api-introspect */
anywhere tcp dpt:jetdirect /* contrail-config-api-backend */
anywhere tcp dpt:us-cli /* contrail-config-api */
anywhere state NEW tcp dpt:2379
anywhere state NEW tcp dpt:2380
anywhere state NEW tcp dpt:pcsync-https
anywhere state NEW tcp dpt:pcsync-http
anywhere state NEW tcp dpt:senomix02
anywhere state NEW udp dpt:senomix02
anywhere state NEW tcp dpt:10250
anywhere state NEW tcp dpt:http
anywhere state NEW tcp dpt:https
anywhere state NEW udp dpt:4789
anywhere tcp dpt:8108 <<<<<<<<<<<<<<<

Tags:

Revision history for this message

Sachchidanand Vaidya (vaidyasd) wrote on 2018-03-30:

Pls add is as part of openshift-ansible installation

Revision history for this message

Aniket Gawade (aniketgawade) wrote on 2018-04-06:

Repo not in gerrit for made a direct commit to Juniper/openshift-ansible branch 3.7

https://github.com/Juniper/openshift-ansible/commit/19621fe667b6375e9a7d0dac931e003481b22b19

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.