we need an explicit guarantee that firewall rules are opened before we invoke any pcs commands
Bug #1866209 reported by
Michele Baldessari
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Medium
|
Michele Baldessari |
Bug Description
We want to make sure that any firewall rule set to open pacemaker ports
is executed before we run any commands that invoke pcs to
authenticate remote nodes.
It simply makes sense from a high-level POV to explicitely open
up firewall rules before we invoke pcs commands that will talk to
remote nodes.
I have actually seen one case in the wild where during a scaleup
the node being scaled up was waiting on Exec['wait-
and the bootstrap node failed to contact pcs on the scaled up node
because there the firewall rules were never opened up as it was
waiting on the 'wait-for-settle' step.
Changed in tripleo: | |
status: | New → Triaged |
importance: | Undecided → Medium |
assignee: | nobody → Michele Baldessari (michele) |
tags: | added: train-backport-potential |
tags: | added: queens-backport-potential |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/711509
Review: https:/